
Re: Permission Questions



On Mon, Aug 30, 2021 at 09:01:33PM +0200, Rainer Dorsch wrote:
> rd@h370:~/tmp.nobackup$ ls -l /tmp/123
> -rw-rw-r-- 1 rd users 0 30. Aug 20:42 /tmp/123

> User ka overwrites it with the content of another file (atomically):
> 
> ka@h370:~$ echo test > 123
> ka@h370:~$ mv 123 /tmp/123
> mv: cannot move '123' to '/tmp/123': Operation not permitted

In order to perform this move, ka would first need to unlink the
existing /tmp/123 file.  ka cannot do that, because the /tmp directory
is "sticky".  Only "rd" (or root) can do it.

> Maybe moving removes a node in /tmp,

Yes.  You can verify with strace if you're curious enough.

> so I am trying to append to the file as a 
> test:
> 
> -rw-rw-r-- 1 rd users 0 30. Aug 20:35 /tmp/123 

> ka@h370:~$ id 
> uid=1401(ka) gid=1401(ka) Gruppen=1401(ka),20(dialout),21(fax),24(cdrom),
> 30(dip),44(video),46(plugdev),100(users),1000(sispmctl) 
> ka@h370:~$ ls -l /tmp/123 
> -rw-rw-r-- 1 rd users 0 30. Aug 20:35 /tmp/123 
> ka@h370:~$ echo test >> /tmp/123 
> -bash: /tmp/123: Permission denied 

That one should have worked, due to the secondary group membership.

unicorn:~$ sudo touch /tmp/123; sudo chgrp video /tmp/123; sudo chmod 664 /tmp/123
[sudo] password for greg: 
unicorn:~$ ls -l /tmp/123
-rw-rw-r-- 1 root video 0 Aug 30 15:56 /tmp/123
unicorn:~$ id
uid=1000(greg) gid=1000(greg) groups=1000(greg),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),108(netdev)
unicorn:~$ echo stuff >> /tmp/123
unicorn:~$ 

It works for me.  Is your /tmp a non-Unix file system, or is it mounted
with any unusual options?
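
The two checks discussed in this message, modelled as an added example that is not part of the original post: the sticky-directory rule that blocks ka's mv, and the owner/group/other mode-bit selection under which the append should succeed. The uid 1400 for rd, rd's group list and a root-owned /tmp with mode 1777 are assumptions; the model covers mode bits only, not ACLs, mount options or other kernel policy.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class Node:
    mode: int  # permission bits, including the sticky bit (S_ISVTX)
    uid: int   # owner
    gid: int   # group

@dataclass(frozen=True)
class Caller:
    uid: int
    groups: frozenset  # primary and supplementary gids

def allowed(node, who, want):
    """Classic mode-bit check: exactly one class (owner, group, other) applies."""
    if who.uid == 0:
        return True  # simplification: root bypasses read/write/search bits
    if who.uid == node.uid:
        bits = node.mode >> 6
    elif node.gid in who.groups:
        bits = node.mode >> 3
    else:
        bits = node.mode
    return (bits & want) == want

def can_append(file, who):
    return allowed(file, who, 0o2)  # write bit on the file itself

def can_replace_entry(directory, existing, who):
    """rename() over, or unlink() of, an existing entry in `directory`."""
    if not allowed(directory, who, 0o3):  # write + search on the directory
        return False
    if directory.mode & stat.S_ISVTX:
        # Sticky directory: only root, the entry's owner or the directory's owner
        return who.uid in (0, existing.uid, directory.uid)
    return True

# Constructed values mirroring the thread (rd's uid and groups are assumed).
TMP = Node(0o1777, 0, 0)           # drwxrwxrwt root root (assumed)
FILE_123 = Node(0o664, 1400, 100)  # -rw-rw-r-- rd users
KA = Caller(1401, frozenset({1401, 20, 21, 24, 30, 44, 46, 100, 1000}))
RD = Caller(1400, frozenset({1400, 100}))

if __name__ == "__main__":
    print("ka mv over /tmp/123:", can_replace_entry(TMP, FILE_123, KA))
    print("ka append to /tmp/123:", can_append(FILE_123, KA))
```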

