I wanted to copy .ssh folder from my old computer to a new machine. So on my new ubuntu I mounted my APFS drive (just read-only support) and did:
➜ adam_old ls -ld .ssh
drwx------ 1 501 dialout 6 dub 3 13:16 .ssh
➜ adam_old sudo cp -vr .ssh ~/.ssh
cp: cannot stat '.ssh': Permission denied
and got permission denied for root. But when i removed sudo:
➜ adam_old cp -vr .ssh ~/.ssh
'.ssh/known_hosts' -> '/home/adam/.ssh/.ssh/known_hosts'
'.ssh/pi@hrasp_id_rsa' -> '/home/adam/.ssh/.ssh/pi@hrasp_id_rsa'
'.ssh/pi@hrasp_id_rsa.pub' -> '/home/adam/.ssh/.ssh/pi@hrasp_id_rsa.pub'
'.ssh/config' -> '/home/adam/.ssh/.ssh/config'
'.ssh/pi@rasp_id_rsa' -> '/home/adam/.ssh/.ssh/pi@rasp_id_rsa'
'.ssh/pi@rasp_id_rsa.pub' -> '/home/adam/.ssh/.ssh/pi@rasp_id_rsa.pub'
It worked. I don't get it (I thought root has access to everything).
Has it something to do with the old drive was also a unix system with its own permissions? (We can see user 501 and group dialout as owners of .ssh in the first snippet.)
So I checked groups to which root and my account 'adam' belong, and their IDs:
➜ adam_old cat /etc/group | grep dialout
dialout:x:20:
➜ adam_old cat /etc/passwd | grep -E '^(root|adam)'
root:x:0:0:root:/root:/bin/bash
adam:x:1000:1000:Adam,,,:/home/adam:/usr/bin/zsh
(groups 0 is group 'root' and group 1000 is group 'adam')
still I have no idea why it didn't work for root, but did for 'adam'.
EDIT:
Found out that I actually copied old drive's ~/.ssh to new drive's ~/.ssh/.ssh (but that doesn't matter for the question).
