LinuxQuestions.org
Latest LQ Deal: Linux Power User Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 08-13-2010, 01:47 PM   #1
vit_r
LQ Newbie
 
Registered: Jun 2008
Posts: 14
Blog Entries: 1

Rep: Reputation: 0
first octet of chmod does not work?


Hi!

I.
Here it goes according to 'ls': dr-x..
~ # ls -ld /proc
dr-xr-xr-x 134 root root 0 2010-08-13 18:58 /proc/
---------- /proc/ is not writable. So next is correct
~ # touch /proc/rwtest
touch «/proc/rwtest»: No such file or directory
~ #

II.
Here it does not (obviously next is correct for OS functioning)..
~ # ls -ld /sys
drwxr-xr-x 134 root root 0 2010-08-13 18:58 /sys/
---------- /sys/ is writable!
~ # touch /sys/rwtest
touch «/sys/rwtest»: No such file or directory
~ #

III.
~ # mkdir TMP
~ # chmod 500 TMP
~ # ls -ld TMP
dr-x------ 2 root root 48 2010-08-13 18:59 TMP/
~ # touch TMP/rwtest
~ # ls -lR TMP
TMP:
-rw-r--r-- 1 root root 0 2010-08-13 18:59 rwtest
~ #

rwtest-file was created by root in directory with dr-x------

Should it be so?

Please..
One question only:

Why does 'chmod 500..' not work under root privileges?

Thanks and good luck!

13-VIII-2010
 
Old 08-13-2010, 02:07 PM   #2
smilemukul
Member
 
Registered: Jun 2009
Distribution: Redhat,CentOS,Ubuntu,Puppet
Posts: 292

Rep: Reputation: 34
Chmod 500 does not work under root privileges as UIDs starting with 500 are reserved for user access & to provide root access to users, SUID & sudo commands are used.

Thanks
 
Old 08-13-2010, 02:23 PM   #3
smilemukul
Member
 
Registered: Jun 2009
Distribution: Redhat,CentOS,Ubuntu,Puppet
Posts: 292

Rep: Reputation: 34
Also that is depended on your umask value which is set for the directory thats why you are getting the above comment as "dr-x------ 2 root root 48 2010-08-13 18:59 TMP".
Your umask value is not set as per directory access for users.
 
Old 08-15-2010, 10:22 AM   #4
vit_r
LQ Newbie
 
Registered: Jun 2008
Posts: 14
Blog Entries: 1

Original Poster
Rep: Reputation: 0
to smilemukul

Thanks for digging notes

I had to mention what its for, sorry..

The goal is to get 'read-only PATH'
(
ie:
dr-xr-xr-x ... bin/
dr-xr-xr-x ... lib/
dr-xr-xr-x ... sbin/
)

-
Still does not work:
~ # umask u=,g=,o=; mkdir fu; touch fu/bar; ls -lR fu
fu:
---------- 1 root root 0 2010-08-14 13:00 bar
-

'ro PATH' whith rw root filesystem is possible:
http://www.linuxquestions.org/questi...y-path-822055/

But when under root privileges 'chmod 500..' will do what it claims 'ro PATH' would be made just like that, isn't so?

Is there a way to get working 'dr-xr-xr-x..' directly?

Thanks
 
Old 08-16-2010, 01:47 PM   #5
smilemukul
Member
 
Registered: Jun 2009
Distribution: Redhat,CentOS,Ubuntu,Puppet
Posts: 292

Rep: Reputation: 34
To discover what umask you are currently working with, type:
% umask

EXAMPLES --
umask directory file
000 rwxrwxrwx rw-rw-rw-
022 rwxr-xr-x rw-r--r--
027 rwxr-x--- rw-r-----
077 rwx------ rw-------
777 --------- ---------

Check your umask value & search more about it on the google.
 
Old 08-18-2010, 04:00 AM   #6
vit_r
LQ Newbie
 
Registered: Jun 2008
Posts: 14
Blog Entries: 1

Original Poster
Rep: Reputation: 0
-
Once more:
~ # umask
0022
~ # umask u=,g=,o=
~ # umask
0777
~ # mkdir fu
~ # ls -ld fu
d--------- ... fu/
Next cmd in unwritable dir certainly should fail
~ # touch fu/bar
But it didn't fail: fu/bar was created.
Look:
~ # ls -l fu/bar
---------- ... bar
~ # umask 0022
~ # umask
0022
-

Still does not work:
Is there somewhere a working example?

Thanks
 
Old 08-18-2010, 04:38 AM   #7
sem007
Member
 
Registered: Nov 2006
Distribution: RHEL, CentOS, Debian Lenny, Ubuntu
Posts: 638

Rep: Reputation: 111Reputation: 111
Quote:
Hi!

I.
Here it goes according to 'ls': dr-x..
~ # ls -ld /proc
dr-xr-xr-x 134 root root 0 2010-08-13 18:58 /proc/
---------- /proc/ is not writable. So next is correct
~ # touch /proc/rwtest
touch «/proc/rwtest»: No such file or directory
~ #

II.
Here it does not (obviously next is correct for OS functioning)..
~ # ls -ld /sys
drwxr-xr-x 134 root root 0 2010-08-13 18:58 /sys/
---------- /sys/ is writable!
~ # touch /sys/rwtest
touch «/sys/rwtest»: No such file or directory
~ #
/proc and /sys is a virtual filesystem.

/sys directory for PnP configuration. It's a sysfs type of file system.

quote from wiki
Quote:
sysfs was originally called ddfs (Device Driver Filesystem) and was initially created to debug the new driver model as it was being written.
Quote:
III.
~ # mkdir TMP
~ # chmod 500 TMP
~ # ls -ld TMP
dr-x------ 2 root root 48 2010-08-13 18:59 TMP/
~ # touch TMP/rwtest
~ # ls -lR TMP
TMP:
-rw-r--r-- 1 root root 0 2010-08-13 18:59 rwtest
~ #
root user can read,write & delete files even if it has read or no permission.

try this

Code:
touch abc;chmod 000 abc

cat > abc

rm abc
Hope this help.
 
Old 08-20-2010, 05:09 AM   #8
vit_r
LQ Newbie
 
Registered: Jun 2008
Posts: 14
Blog Entries: 1

Original Poster
Rep: Reputation: 0
Certainly this help

> root user can read,write & delete files even if it has read or no permission.
Is it said somewhere in docs? I can't find

Seems strange things pops up:
- 'ls' doesn't reflect 100% of real situation
- 'chmod ...' doesn't make all changes correctly
- nothing is mentioned in their man pages

To whom to address these questions to get the "official" answers?


Thanks
 
Old 08-20-2010, 05:57 AM   #9
i92guboj
Gentoo support team
 
Registered: May 2008
Location: Lucena, Córdoba (Spain)
Distribution: Gentoo
Posts: 4,063

Rep: Reputation: 381Reputation: 381Reputation: 381Reputation: 381
Quote:
Originally Posted by vit_r View Post
Hi!

I.
Here it goes according to 'ls': dr-x..
~ # ls -ld /proc
dr-xr-xr-x 134 root root 0 2010-08-13 18:58 /proc/
---------- /proc/ is not writable. So next is correct
~ # touch /proc/rwtest
touch «/proc/rwtest»: No such file or directory
~ #

II.
Here it does not (obviously next is correct for OS functioning)..
~ # ls -ld /sys
drwxr-xr-x 134 root root 0 2010-08-13 18:58 /sys/
---------- /sys/ is writable!
~ # touch /sys/rwtest
touch «/sys/rwtest»: No such file or directory
~ #
First thing, /sys and /proc are not real fs's, they represent internal structures taken directly from your kernel mapped memory and put in an fs-like fashion, so most Linux programs that know how to handle files can take info from there just like they would get info from ~/my_random_txt_file. Note that these files don't even exist, not even in a ram disk or something like that.

The reality is that everything under /proc is created on demand. So, even if you could chmod a file in there, the next time you run ls to see that file you would not be viewing the same file you chmoded, but a new one that's created on the very momment that ls asks for it to the kernel. The kernel procfs driver is the one that does this transparently.

Besides that, you are not supposed to write in there at except for a few cases, and only when you know what you are doing.

In any case, even if /proc was a true fs which it is not, you shouldn't be that scared about this. Attributes have always been fs-dependant, take vfat as an example. It doesn't support posix permissions, and all the umask stuff is emulated at mount time, and never stored. Other virtual fs's (nfs, smb, cifs, fuse based stuff...) have their own rules to emulate and handle permissions and ownerships which might also be controlled via mount options.

Quote:
Why does 'chmod 500..' not work under root privileges?

Thanks and good luck!

13-VIII-2010
Try on a conventional POSIX friendly fs instead of doing weird things on virtual fs's.

Quote:
Originally Posted by vit_r View Post
Certainly this help

> root user can read,write & delete files even if it has read or no permission.
Is it said somewhere in docs? I can't find
It's only natural. What would happen then if you -by accident- did a chmod a-r on a given file? If root couldn't read it who would rescue this file from limbo? Maybe debugfs, but that's suboptimal at best.

Root can do anything, and has absolute rights over ALL the files in your system. Only limited by what the kernel allows or disallows.

Quote:
Seems strange things pops up:
- 'ls' doesn't reflect 100% of real situation
- 'chmod ...' doesn't make all changes correctly
Sure they do. These tools do what the kernel let them do, and don't forget that this tools are not exclusively used over Linux kernels. ls can only show what the fs driver tells it. That might depend from one mount of the fs to another because some attributes on some fs's are controlled by such options as said above.

To sum up. That a given file has a given permission scheme doesn't really allow you to do whatever thing with it. There are additional levels to consider, for example, just pick a floppy 3.5" disk and open the protection latch, put it in your drive and look for a writable file, try to write to it and you'll see you can't. In this case the obstacle is the physical level, but the kernel is also above what chmod and ls can do.

Quote:
- nothing is mentioned in their man pages
Because this has nothing to do with chomd and/or ls. This is kernel internal stuff.

You should also check Documentation/filesystems/proc.txt and Documentation/filesystems/sysfs.txt in your kernel source tree to get a clearer view on what do these fs's do.
 
1 members found this post helpful.
Old 08-22-2010, 01:53 PM   #10
vit_r
LQ Newbie
 
Registered: Jun 2008
Posts: 14
Blog Entries: 1

Original Poster
Rep: Reputation: 0
to i92guboj


Thanks for detailed analysis and good hints

I had to be more accurate when posting


> ... doing weird things on virtual fs's.
There was no such intention. '~ # ls -ld /proc' and '~ # ls -ld /sys' were invented
to illustrate their different output: dr-x.., drwx..
while they both are not writable.

All these.. still puzzles me.. may kernel-team can be asked?
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Apache: difference between chmod 644 and chmod 666 and chmod 600 for output/txt/dat? frenchn00b Programming 6 04-22-2009 02:10 PM
chmod does not work? kalleanka Linux - Newbie 1 05-17-2007 11:51 AM
mv file, then chmod doesn't work? how do I do it? unomateo Programming 4 12-18-2006 08:00 PM
chmod u-x doesn't work? konstantinmiller Linux - Newbie 9 06-05-2006 11:26 PM
chmod doesn't work stonecrest Linux - Newbie 4 02-27-2005 05:43 AM


All times are GMT -5. The time now is 04:25 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration