Ubuntu Mydomain.pem : Permission denied

sslUbuntu

I have a five files in my Webserver(Nginx) folder :

cert_www.Mydomain.com.crt
prv_www.Mydomain.com.key
rootca_www.Mydomain.com.crt
subca1_www.Mydomain.com.crt
subca2_www.Mydomain.com.crt

i want to combine the crt files. but my commands not working. i'm using cat command. please see the below command.

ubuntu@ip:/etc/nginx/ssl$ sudo cat cert_www.Mydomain.com.crt subca1_www.Mydomain.com.crt rootca_www.Mydomain.com.crt > www.Mydomain.com.pem
-bash: www.Mydomain.com.pem: Permission denied

I don't understand, not really sure what's going wrong.

Best Answer

This is happening because the shell redirection applies in your unprivileged shell; it doesn't get the benefit of the sudo.

Just get a regular root shell (run sudo -i) and then run the command again. There are trickier ways of doing it (such as piping through sudo tee) but it's not worth the hassle for a simple interactive session.

Related Solutions

Ubuntu – Permission Denied for User with Sudo Privileges

Could you run

sudo -s
id

And post the output? I want to see if it's actually making you the user you think.

Also, try

sudo cat /etc/sudoers

The output of id here is quite enlightening. When you ran sudo -s, you were given a UID of 1, while the only UID that the kernel will recognize as having root privileges is UID 0.

Try running

getent passwd | grep ':0:'

and see if any entries have that 0 in their first numeric field, the UID. Whatever account that is is the real superuser on the system, while root is a fake. Once you know the name, you can try

sudo -s -u username

to get a shell as that user.

You should also post the output of

getent passwd root

The bigger issue here is how such a condition came to pass.

Is this machine offering any network services? If so, someone may have broken into it and taken it over. In that case, you should probably back up the data, do a clean re-install, and audit anything that goes back on it.

If it's more of a personal machine, might there be a knowledgeable prankster who's had access to it recently?

Edit: your comment to another answer suggests that this is a server. I would highly recommend taking it offline ASAP and imaging its disks for forensic purposes. Unless you can identify a benign cause for this in short order, you've probably had your server cracked.

Ubuntu – Proftpd on Ubuntu – Create directory permission denied (550 ) after upgrade to 9.10

Ok after some trial and error I found the solution.

I needed to add the commands XRMD and XMKD to those allowed by the user. They are described as X-Variants of the commands RMD and MKD and are apparently "often missing from a thorough configuration" according to http://www.castaglia.org/proftpd/doc/contrib/ProFTPD-mini-HOWTO-Limit.html

So perhaps somewhere in my system these commands are now being used instead.

The end of my config now reads:

<Directory /home/userftp/upload>
Umask 022 022
AllowOverwrite on
    <Limit READ>
        DenyAll
        </Limit>

        <Limit STOR CWD MKD RMD DELE XRMD XMKD>
        AllowAll
        </Limit>
</Directory>

Best Answer

Related Solutions

Ubuntu – Permission Denied for User with Sudo Privileges

Ubuntu – Proftpd on Ubuntu – Create directory permission denied (550 ) after upgrade to 9.10

Related Topic