permissions error on oauth2.txt.lock file
163 views
Skip to first unread message
Teresa Beamer
May 30, 2024, 3:55:57 PM5/30/24
to GAM for Google Workspace
I recently updated our gam instance on a server to
GAM 6.58 - https://jaylee.us/gam - staticx
Jay Lee <jay...@gmail.com>
Python 3.11.3 64-bit final
google-api-python-client 2.86.0
Linux Centos 7 Core x86_64
Path: /usr/local/eReg/bin/gam
Jay Lee <jay...@gmail.com>
Python 3.11.3 64-bit final
google-api-python-client 2.86.0
Linux Centos 7 Core x86_64
Path: /usr/local/eReg/bin/gam
Before the update there were no permissions errors. After the update we now get:
ERROR: [Errno 13] Permission denied: '/usr/local/eReg/bin/gam/oauth2.txt.lock'
ERROR: [Errno 13] Permission denied: '/usr/local/eReg/bin/gam/oauth2.txt.lock'
Here's the permissions on the file:
]$ sudo ls -lia /usr/local/eReg/bin/gam/oauth2.txt.lock
297287 -rw-r--r--. 1 ereg ereg 0 May 30 11:34 /usr/local/eReg/bin/gam/oauth2.txt.lock
297287 -rw-r--r--. 1 ereg ereg 0 May 30 11:34 /usr/local/eReg/bin/gam/oauth2.txt.lock
The accounts using gam are part of the ereg group.
If I modify the permission to -rw-rw-r-- things work. But eventually the file gets recreated with the original permissions and I can't access gam data again. What is the best way to address this issue? Is there a way to not have the lock file recreated, so once set with the group permission it stays in place? Or is there something in gam I can modify so that the lock file gets created in a way that allows all in that group to access the gam data?
Thanks for your help.
Terri
Teresa Beamer
ITS
Denison University
Ross Scroggs
May 30, 2024, 4:04:50 PM5/30/24
to google-ap...@googlegroups.com
If oauth2.txt.lock is missing, gam creates it with 644 permissions. You change them to 664; the trick is to figure out who changes them back to 644 or who deletes the file and gam recreates it with 644.
Send me a Meet/Zoom invitation and I'll look into it with you.
Ross
--
You received this message because you are subscribed to the Google Groups "GAM for Google Workspace" group.
To unsubscribe from this group and stop receiving emails from it, send an email to google-apps-man...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/google-apps-manager/f383e4c4-f7df-4f67-b07e-4b84bc8df7edn%40googlegroups.com.
Marion Bates
Jan 20, 2026, 12:25:39 PM (19 hours ago) Jan 20
to GAM for Google Workspace
I have the same issue since a recent upgrade to GAM. I have tried setfacl -d -m u::rwx,g::rwx,o::rwx . on the GAM config directory, and when I create a file, it gets -rw-rw-rw- permissions; but, oauth2.txt.lock still somehow ends up getting created with 644 permissions, which causes my web wrapper script to fail. The hackery I had done to address this some years ago seems to have broken since the upgrade, which is not surprising...I am intentionally trying to create a gaping security hole to let Apache do scary things. Ross, can you bail me out again please? :) Thank you regardless! We couldn't live without GAM.
-- MB
Ross Scroggs
Jan 20, 2026, 1:06:16 PM (19 hours ago) Jan 20
to google-ap...@googlegroups.com
Send me a private Meet/Zoom invitation and I'll help.
Ross
To view this discussion visit https://groups.google.com/d/msgid/google-apps-manager/c2b3ca23-3582-4d9c-aca2-336efe2fe2bbn%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages