Directory has 777 permission but different behavior if it is root or user owned

This is a bizarre thing that a coworker just discovered. As the title says, /var/tmp has 777 permission. We have a library that we must use (but do not have source access to, disappointing) which when used creates a temp file to do its work (no idea what it is actually doing with that file) and then immediately deletes it. At least, that's what's supposed to happen. When /var/tmp is root:root owned, the files are never deleted, never closed. If we change owner to user:user it works perfectly, files are created and deleted faster than they can be detected. This only occurs on his Ubuntu 14.04 32bit machine. We also have an Ubuntu 12.04 64bit, Debian 7 32 and 64 bit, CentOS6 32 and 64 bit, and a CentOS5 32bit and this behavior is not seen on any of those others, they all work exactly as intended no matter who owns /var/tmp.

This is a problem because after about 1000 times of this library doing its thing the process hits the file limit and refuses to continue.

Can anyone think of a situation where a directory could have 777 permission (albeit owned by root), allowing a user process to create a file, but then not be able to delete that file?

Thanks a lot!

edit: Process is run as the user that /var/tmp is chowned to in order to make it work.

$ ls -ltrd /var/tmp/*
drwxr-xr-x 2 user user 4096 Oct  7  2013 /var/tmp/audacity-user
drwx------ 2 root root 4096 Nov 28  2013 /var/tmp/kdecache-root
drwx------ 3 user user 4096 Apr 25 18:07 /var/tmp/kdecache-user
-rw------- 1 root root    3 Jul  3 11:07 /var/tmp/zhanceqDC3256C54D298DEE.dat
-rw------- 1 user user    3 Jul  3 14:25 /var/tmp/homjeaocAADD02BC6EDB687D.tmp

I'm trying to get my coworker to give a similar directory listing while the problem is happening but he stepped out suddenly and may not be back until tomorrow.

Never mind, the problem has been uncovered. Don't know the full sequence of events but the problem was the "zhanceqDC3256C54D298DEE.dat" file. Apparently this library also creates this file and presumably deletes it: when the directory was owned by root, it could not delete the file even with 777 permission. When the directory is owned by user it can. The other way to fix it was to simply sudo rm the file and let the library create it itself. This process is only ever meant to be run as a user, never as root, but just to test it I ran it as root (and a third user) and in each case it creates a different file with the pertinent user ownership (some kind of user-tied GUID I guess), so HOW this guy managed to get into this situation will probably remain forever unknown.
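
The behavior reported above matches the sticky-bit (restricted deletion) rule, assuming /var/tmp was really mode 1777, its default on Ubuntu, rather than plain 777; the post does not show the directory's own mode. The following is an added example, not code from the original post: the function names and uids are hypothetical, and the model ignores group bits and ACLs.

```python
import os
import stat


def can_unlink(dir_mode, dir_uid, file_uid, uid):
    """Return True if `uid` may delete a file owned by `file_uid` from a directory.

    Simplified model: group bits, ACLs and capabilities other than root are ignored.
    """
    if uid == 0:  # root bypasses both checks
        return True
    # Removing an entry needs write + search (execute) permission on the directory.
    if uid == dir_uid:
        need = stat.S_IWUSR | stat.S_IXUSR
    else:
        need = stat.S_IWOTH | stat.S_IXOTH
    if dir_mode & need != need:
        return False
    # Sticky bit set: only the file's owner or the directory's owner may
    # remove the entry, whatever the rwx bits say.
    if dir_mode & stat.S_ISVTX:
        return uid in (file_uid, dir_uid)
    return True


def undeletable_entries(directory, uid):
    """List entries of `directory` that `uid` cannot delete under the model above."""
    d = os.lstat(directory)
    blocked = []
    for name in os.listdir(directory):
        f = os.lstat(os.path.join(directory, name))
        if not can_unlink(d.st_mode, d.st_uid, f.st_uid, uid):
            blocked.append(name)
    return sorted(blocked)


if __name__ == "__main__":
    USER, ROOT = 1000, 0  # constructed uids standing in for "user" and root
    # Root-owned sticky directory, root-owned .dat file: user cannot delete it.
    print(can_unlink(0o41777, ROOT, ROOT, USER))
    # Same file after chown user:user on the directory: user can delete it.
    print(can_unlink(0o41777, USER, ROOT, USER))
    # Files in /var/tmp that the current user would be unable to remove.
    print(undeletable_entries("/var/tmp", os.geteuid()))
```

Running `ls -ld /var/tmp` shows whether the sticky bit is set: a trailing `t` in `drwxrwxrwt` means mode 1777.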
