
Solving “Permission denied” when using ‘locate’

On some Linux machines you might encounter a permissions error when trying to use locate as a regular user:

locate: can not open `/var/lib/mlocate/mlocate.db': Permission denied

I’m not entirely sure when this comes about, but it is the case on a number of AWS CentOS 6 machines.

There is more than one cause, and the following commands, run as root, let a regular user run locate. The database’s directory must be readable and executable by everyone, and the locate command must be executable with SGID.

chown root:slocate /usr/bin/locate
chmod g+x /usr/bin/locate
chmod g+s /usr/bin/locate
chmod a+rx /var/lib/mlocate

SGID execution is powerful, and thus must not be misused.

SGID execution, shown as “s” in place of “x” on the group execute bit, causes the binary to run with the group of the file instead of the group of the user running it, allowing the program to read the database.

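Making the directory containing the database readable and executable lets normal users list the directory and traverse into it. The database file itself stays readable only by root and the slocate group, so regular users reach it only through the SGID locate binary.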

As root, if you list permissions on the files, this is what you should see:

ls -ld /var/lib/mlocate/{,mlocate.db} /usr/bin/locate
-rwx--s--x 1 root slocate    28184 Sep  3  2009 /usr/bin/locate
drwxr-xr-x 2 root root        4096 Jul 20 14:53 /var/lib/mlocate/
-rw-r----- 1 root slocate 16183322 Jul 20 14:53 /var/lib/mlocate/mlocate.db
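
As an added example (not part of the original post), the function below audits the same three paths for the layout shown in the listing: an SGID, non-SUID binary whose group owns the database, a database with no access for "other", and a directory that is r-x for other but not writable by group or world. It assumes GNU stat from coreutils; the name check_locate_perms is hypothetical.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes GNU stat (coreutils).
# check_locate_perms is a hypothetical helper name.
# Usage: check_locate_perms /usr/bin/locate /var/lib/mlocate/mlocate.db
# Returns 0 if the layout matches, 1 if any check fails, 2 if a path is missing.

check_locate_perms() {
    bin=$1; db=$2; dir=$(dirname "$db"); rc=0
    bin_mode=$(stat -c '%a' "$bin") || return 2
    db_mode=$(stat -c '%a' "$db")   || return 2
    dir_mode=$(stat -c '%a' "$dir") || return 2

    # Report a failed check on stderr and remember that one failed.
    _fail() { echo "FAIL: $1" >&2; rc=1; }

    # Binary: SGID and group-executable, never SUID, not group/world-writable.
    [ $(( 0$bin_mode & 02000 )) -ne 0 ] || _fail "$bin is not SGID"
    [ $(( 0$bin_mode & 00010 )) -ne 0 ] || _fail "$bin lacks group execute"
    [ $(( 0$bin_mode & 04000 )) -eq 0 ] || _fail "$bin is SUID"
    [ $(( 0$bin_mode & 00022 )) -eq 0 ] || _fail "$bin is group/world-writable"

    # The group the binary runs as must be the group that owns the database.
    [ "$(stat -c '%g' "$bin")" = "$(stat -c '%g' "$db")" ] ||
        _fail "group of $bin differs from group of $db"

    # Database: group-readable, no access at all for "other".
    [ $(( 0$db_mode & 00040 )) -ne 0 ] || _fail "$db is not group-readable"
    [ $(( 0$db_mode & 00007 )) -eq 0 ] || _fail "$db is accessible to other"

    # Directory: r-x for other (the chmod a+rx step), not group/world-writable.
    [ $(( 0$dir_mode & 00005 )) -eq 5 ] || _fail "$dir lacks r-x for other"
    [ $(( 0$dir_mode & 00022 )) -eq 0 ] || _fail "$dir is group/world-writable"

    return $rc
}
```
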