RELENG_6 weird '..' permission troubles
Dmitry Morozovsky
marck at rinet.ru
Thu Feb 16 05:56:01 PST 2006
Following myself:
On Thu, 16 Feb 2006, Dmitry Morozovsky wrote:
DM> Dear colleagues,
DM>
DM> I have misterious permission troubles on rather fresh RELENG_6:
DM>
DM> from root everything's ok:
[snip]
DM> but from really unprivileged user:
DM>
DM> %id
DM> uid=1008(nata) gid=1008(nata) groups=1008(nata), 24(samba)
DM> %ls -la /usr
DM> ls: ..: Permission denied
DM> Any hints?
Actually, lower level mountpoints (e.g. /usr on / and so on) had
permissions 0750 instead of 0755 or at least 0111. To fix it (machine in
headless) I had to make the following rc.d script (rc.d/early.sh cannot be used
because / is mountd ro at that time) :
root at hamster:/etc# cat /etc/rc.d/earlyroot
#!/bin/sh
#
# $FreeBSD$
#
# REQUIRE: root
# BEFORE: mountcritlocal
# KEYWORD: nojail
if [ -r /etc/rc.earlyroot ]; then
. /etc/rc.earlyroot
fi
and put
/sbin/chmod 0111 /usr /var /lh
in /etc/rc.earlyroot
Sincerely,
D.Marck [DM5020, MCK-RIPE, DM3-RIPN]
------------------------------------------------------------------------
*** Dmitry Morozovsky --- D.Marck --- Wild Woozle --- marck at rinet.ru ***
------------------------------------------------------------------------
More information about the freebsd-stable
mailing list