Permission denied to my_app_data example file

I’m going through the Tutorial steps and I’m up to #3, Store a Secret in Conjur. I am logged on as root. When I try to cat the my_app_data file to get “Dave’s” API key, I get this –

error: Permission denied @ rb_sysopen - policy/BotApp.yml

Permissions on my_app_data say I should be able to view it –

-rw-r–r--. 1 root root 59 Oct 24 15:16 my_app_data

What am I doing wrong?

Hi,

Could you please provide the command you are executing.

Thanks,
Andrew

[root@TEST1 policy]# cat my_app_data
error: Permission denied @ rb_sysopen - policy/BotApp.yml

@AdamX @AndrewCopeland
Did you manage to find the fix? I’m getting the same issue.
I even SSH’ed (as root) into the docker using (docker exec -it) but getting the same permission denied error to enter in the policy/ directory.


drwxr-xr-x. 2 root root 24 Mar 28 20:31 policy/

root@9ba67574cd8a:/policy# ls
ls: cannot open directory ‘.’: Permission denied

Hi @prnvx, @AdamX,

I just went through the tutorials up to https://www.conjur.org/get-started/quick-start/store-secret/#step-1 and did not run into any issue.
You should not need to run the tutorial as root in case you did.

If the issue persists, it might be related to SELinux.
You can check SELinux status using sestatus.
If you are using SELinux, you would need to update your (docker-compose.yml file) to add the ‘Z’ label in the client part.
You can find details about that flag here
In your case it would mean to update:
line 72 from - ./conf/policy:/policy to - ./conf/policy:/policy:Z

Let us know how it goes!

Jean-François

1 Like

Thanks @JfcAtCyberArk. Disabling SELINUX did the magic.

1 Like

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.