The /sys directory in Linux is deceptive. Unlike most other directories, it does not provide persistent storage for arbitrary files.
Rather, it's a way to look at the systems's devices - their states and configurations. These files go away between boots and are dynamically generated by your system at startup. It is normal to be denied permission to write new files or directories there, even as root. You can detect these filesystems by viewing the mount type:
$ mount
none on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600)
none on /proc type proc (rw,nosuid,nodev,noexec,relatime)
none on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
none on /proc/sys/fs/binfmt_misc type binfmt_misc (rw,nosuid,nodev,noexec,relatime)
none on /sys/fs/fuse/connections type fusectl (rw,relatime)
none on /run type tmpfs (rw,nosuid,noexec,relatime,size=3284248k,mode=755)
/dev/md2 on /home type ext4 (rw,relatime,user_xattr,acl,barrier=1,data=ordered,discard)
devpts, proc, sysfs, binfmt_misc, and fusectl are all dynamically generated filesystems that reflect internal system information, and aren't for normal filesystem use. You will likely get permission denied errors even as root or other issues if you try to use these as a normal filesystem.tmpfs is a temporary filesystem which resides within RAM - You can write to here and use it like a normal filesystem, but anything saved here will be erased as soon as the computer shuts down. Copy your files elsewhere if you want to save them.ext4 is an actual filesystem on a device somewhere. Data saved here will be preserved like you would expect on a harddisk. There are many filesystems, but the key note is how this line has /dev/md2 instead of none: none means that there is no device backing the filesystem - it doesn't really exist, and is entirely virtual. If a mount point has an actual device (like /dev/sda1 or /dev/md1), then that means the contents actually exist on a device somewhere.
Would you be able to put your edited files in another directory? Or do you specifically mean to edit the configuration of a device?
If you have execute without read permission on a directory, you can include it in a path, but you cannot see its contents, so if you are in /var/www you can for instance see the contents of the html subdirectory with ls html, even though you cannot see html with a simple ls. You need to run:
sudo chmod uga+r /var/www
It's possible that you may not need sudo: you can certainly first try it without.
Best Answer
The
/varpermissions are either a red herring or incidental. For the uid-to-name lookup to work, the following must be correct, in order:/etc/nsswitch.confneeds to have permissions 0644, owner root:root.passwdentry in that file needs to be correct - given the very large IDs, you're probably not using just the local password file, but some ldap or AD setup? Make sure that it's listed, and listed early on./etc/passwdmust have permissions 0644 and owner root:root./varpermissions would come in, but without knowing more about what you use for authentication, that's not possible to troubleshoot. At a minimum, make sure that/varitself has permissions 0755, owner root:root; directories it contains should be owned by either an obvious system user/group (e.g. "mail" for/var/mail) or root, and not be world-writable (with the exception of/var/tmp, if it exists, which should be root-owned and have permissions 1777).If that doesn't help (and even if it does), please provide more information about your auth system - LDAP, samba, AD (via what?), or something else.