permission problem
 

Hi All


Consider a compiled C program - a.out that has only execute permission:
$ ls -l a.out
---x------ 1 Sachin Sachin 4704 Jun 18 19:02 a.out
This program can be run using ./a.out

Consider a shell script - test.sh that has only execute permission:
$ ls -l test.sh
---x------ 1 Sachin Sachin 19 Jun 18 19:05 test.sh
If I try to run this shell script, I get:
$ ./test.sh
bash: ./test.sh: Permission denied

At the system level, what is the reason for the difference between the
two cases?
(Note: Assuming that there are sufficient permissions for the parent directory.)

Thanks in Advance
Sachin

Off the top of my head, your bash shell is trying to "read" the script, so as to interpret the commands prior to running them. Whereas with a binary, it simply executes the compiled code.

Since you don't say what's in your "test.sh" script, it's hard to say. xeleema makes a good point, but it could also be whatever command(s) your script is trying to run, you don't have permissions to.

Also, this seems very much like a verbatim homework question..........

Sachin:

meditate on what you are posting......

"Consider...."
"Consider...."
"At the system level... what is the reason...?" "Note: assuming...."

You are not solving an actual newbie problem. Read your textbook. Go to the library. Lazy students have the bad habit of having others solve their homeworks. If you are serious, go post your issue to linux/software forum, not here.

Be reminded that we are NOT tutors for classroom homeworks.

@malekmustaq - I get the feeling you might be right on the verbatim homework question. I've never taken any "UNIX 101" courses before, but I certainly have contributed to them. Coupled with the lack of a response from sachin.s.puri, I'm tempted to agree with you.

However, even though sachin.s.puri only has two posts, his/her other post doesn't strike me as a homework question, so I'm giving him/her the benefit of the doubt.
(Which I'm hoping will be rewarded by a response shortly, perhaps followed by a "Thanks!" if one of us got this right)

xeleema, you are correct; executable binaries (regardless of src lang) can be run with only 'x'. Ditto, 'scripts' in any lang eg bash, ksh, perl, awk etc must have 'rx', because the kernel has to actually read them (specifically the first line '#!/path/to/actual_binary' so as to hand off the processing to the named binary.
Alternately, you can create a 'script' file with only 'r' and get the correct 'binary' to read/process it eg

bash file.sh
perl another.pl

etc

Another wrinkle is that on linux (possibly other *nix) the kernel will NOT read/run a shell script that is setuid ie owner 'x' perm is set 's'.
This is for security reasons.

If my post does reflects like home work question, I am sorry but actually I was learning about unix permissions and found this behavior when I was experimenting with it. The book did not give a clear explanation .

By the way thanks xeleema for the reply
I want to know following from you after reading your reply

1. How is the binary executed, when it does not have a read permission. Doesn't it need to to be "read" into memory first before executing it?

2. I can execute a shell script that does not have a shebang line. How does the kernel know which interpreter to use, when I have not specified the name of the interpreter.

3. When I run a shell script using ./test.sh, it actually the interpreter that is executing. So why does the script too need execute permission?

Thanks
Sachin

Executable Files
 

Thanks xeleema

You answers most of My doubts. Its exactly how I had guessed it to be. There are still some grey areas if we want to poke further:

1. When a shell script without a shebang line is executes using ./test.sh, does it run in the current shell, or is a new instance of the current shell created and the script is run in that?
(I think a new instance should be created. If it was not so, then running a shell script with a single line "cd /var/tmp/" would change the directory of the current shell, which is not true. This can also be seen when you run a shell script with a single line "ps". If you run this shell script in bash using ./test.sh, you will see 2 instances of bash. But strangely, when this same shell script is run in ksh, I can see only 1 instance of ksh. I don't know why this anomaly exists.)

2. I still didn't understand this:

> *3.* When I run a shell script using ./test.sh, it actually the interpreter that is executing. So why does the script too need execute permission?Your currently running shell will "read" and then "execute" the script in question (unless a she-bang tells it to fire up another interpreter). This "read" and "execute" is done at the permissions level to make sure you're not trying to run a "killall" against a root process, etc.

Considering that a new instance of an interpreter is fired up every time "./test.sh" is run, can't the execute permission of the interpreter be checked instead of the execute permission of the script, since ultimately its the interpreter, and not the script that is running. Whether or not you are trying to perform a superuser operation would be checked in either case.

Thanks
Sachin

The a.out binary is an application, while the script is a text file. You do not run a text file directly, but by using some other application to read the textfile and parse the commands.
$ ./a.out
will run a binary from the current location
$ sh my.txt
will use the sh tool to read and process the script my.txt which is a text file
$ . my.txt
will use the current shell to 'source' the file my.txt and see what happens (the dot by itself is also a shell command for reading a file, aka sourcing)

If my.txt contains valid shell scripting syntax, then it will be executed. If it contains your latest poem, then you'll get an error message, but you shouldn't take that as a critic on your art ;-)

Linux