0

I have a script running as the user `user1:user1`, performing operations inside a directory `dir`. At the end of the script, I would like to use `chown` to change the owner of the script to `user2:user2`.

But it doesn't work. I tried the same operation, logged in as user1:

```
$ ls -l
drwxr-xr-x 5 user1 user1 4096 Jan 11 10:58 dir
$ chown -R user2:user2 dir
chown: changing ownership of dir: Operation not permitted
```

Why can't I change the owner of my own files/directories? Is there another way to do this than using root access?

UPDATE

The script does a git clone and then an rsync with an Apache directory. New files are owned by the current user, but I need Apache to be the owner instead.

ôkio
  • 2
    Possible duplicate of [chown - Operation not permitted](http://superuser.com/questions/697608/chown-operation-not-permitted) – user Jan 11 '16 at 15:46
  • 1
    Also relevant: [Why can't a normal user `chown` a file?](http://unix.stackexchange.com/q/27350/2465) on [unix.se] – user Jan 11 '16 at 15:48
  • It seems to me to be a rather *elementary* security measure: if it did not exist, I could transfer ownership of infected files to other users at will. – MariusMatutiae Jan 11 '16 at 16:13

1 Answer

1

The chown command is only available for root, for security reasons, so if you want to do that, you'll have to do it as root.

There are 2 things that come to my mind that you can do:

  • Use the SETUID bit. This way, you're allowing users to run the script as root (though it also has security concerns, depending on what your script does). More on this here.

  • You might also create a task-based queue (for example, using redis). The script would insert a value on the queue when run, and a script run as root would read that queue and make any needed changes (in your case, use chown on that file).

nKn
  • Thanks for your answer. I have updated my post with the detail of the script. I tried to do `chmod u+s script`, but it doesn't change anything. Is this the right way to use it? – ôkio Jan 11 '16 at 16:07
  • Are you running the script as root? If not, that's why it's doing nothing. – Ramhound Jan 11 '16 at 17:02
  • You'd need to change ownership to `root`. When run as non-root, effectively it will be run as `root` instead of the user that invoked the script. – nKn Jan 11 '16 at 17:09
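
The queue approach from the answer above, shown as an added example (not code from the original post or its answerer): the validation a root-side worker should apply to each queued path before running `chown`. The base directory `/var/www`, the owner `www-data:www-data`, and the function names are assumptions; how the request string is delivered (redis or otherwise) is left out.

```bash
#!/usr/bin/env bash
# Root-side worker for the queue approach (added example; names are assumptions).
# The unprivileged script only submits a path. The owner and the allowed tree are
# fixed here, so a requester cannot choose an arbitrary target or owner.

ALLOWED_BASE="${ALLOWED_BASE:-/var/www}"          # assumed Apache document tree
TARGET_OWNER="${TARGET_OWNER:-www-data:www-data}" # assumed Apache user:group
CHOWN_CMD="${CHOWN_CMD:-chown}"                   # overridable for dry runs

# validate_request PATH: prints the canonical path and returns 0 if PATH is an
# existing real directory strictly inside ALLOWED_BASE; otherwise returns 1.
validate_request() {
    local req="$1" base real
    [ -n "$req" ] || return 1
    case "$req" in /*) ;; *) return 1 ;; esac      # absolute paths only
    [ -L "$req" ] && return 1                      # refuse a symlink as the target
    base="$(realpath -e -- "$ALLOWED_BASE")" || return 1
    real="$(realpath -e -- "$req")" || return 1    # resolves ../ and symlinked parents
    [ -d "$real" ] || return 1
    case "$real" in
        "$base"/*) printf '%s\n' "$real" ;;        # strictly below the base
        *) return 1 ;;
    esac
}

# handle_request PATH: chown the validated tree to the fixed owner.
handle_request() {
    local real
    real="$(validate_request "$1")" || { echo "rejected: $1" >&2; return 1; }
    # -h: change symlinks themselves, never the files they point to
    "$CHOWN_CMD" -R -h -- "$TARGET_OWNER" "$real"
}
```

Setting `CHOWN_CMD=echo` prints the command that would run, which lets the validation be exercised without root.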