httpd-modsec2_debug.log: Operation not permitted
Ian Smith
smithi at nimnet.asn.au
Sat Jan 15 16:57:10 UTC 2011
On Sat, 15 Jan 2011, Ian Smith wrote:
> On Sat, 15 Jan 2011, perryh at pluto.rain.com wrote:
[..]
> > Last I knew having a file open, even for writing, was no protection
> > against its last link being removed. The _inode_ won't go away
> > until the last handle is closed, but the _directory entry_ can still
> > be removed.
>
> Accepting that, why wouldn't root be permitted to rm these files? It's
> been shown that they don't have immutable, append-only or other flags
> set. Clearly the filesystem is writable, if full.
Still bugging me .. maybe the _directory_ has some system flag/s set?
sola# mkdir test
sola# cd test
sola# touch a b c
sola# ls -lao
total 14
drwxr-xr-x 2 root wheel - 512 Jan 16 02:31 .
drwxr-xr-x 4 root wheel - 11264 Jan 16 02:31 ..
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 a
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 b
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 c
sola# chflags schg .
sola# ls -lao
total 14
drwxr-xr-x 2 root wheel schg 512 Jan 16 02:31 .
drwxr-xr-x 4 root wheel - 11264 Jan 16 02:31 ..
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 a
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 b
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 c
sola# rm c
rm: c: Operation not permitted
sola# touch d
touch: d: Operation not permitted
sola# chflags noschg .
sola# rm c
sola# ls -lao
total 14
drwxr-xr-x 2 root wheel - 512 Jan 16 02:32 .
drwxr-xr-x 4 root wheel - 11264 Jan 16 02:31 ..
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 a
-rw-r--r-- 1 root wheel - 0 Jan 16 02:31 b
So on the directory, setting schg achieves Subject behaviour/message,
while sappnd permits adding (and truncating!) but not deleting files.
cheers, Ian
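
The check the session above performs by hand, as an added example that is not part of Ian's message: given the flags column that `ls -o` prints for a file and for its parent directory, report which flags account for "Operation not permitted" on rm or touch. The function names are hypothetical, and the treatment of uchg, uappnd, sunlnk and uunlnk extends the post's schg/sappnd result to the other FreeBSD flags that block the same operations.

```sh
#!/bin/sh
# Added example: explain EPERM on unlink/create from BSD file flags.
# Flag strings are the comma-separated names shown by `ls -o`; "-" means none.

# has_flag FLAGS NAME: succeeds if NAME occurs in the comma-separated FLAGS
has_flag() {
    case ",$1," in *",$2,"*) return 0 ;; esac
    return 1
}

# unlink_blockers FILE_FLAGS DIR_FLAGS
# Prints one line per flag that makes removing the file fail with EPERM.
unlink_blockers() {
    # On the file itself: immutable, append-only and no-unlink flags.
    for f in schg uchg sappnd uappnd sunlnk uunlnk; do
        if has_flag "$1" "$f"; then echo "file:$f"; fi
    done
    # On the parent directory: immutable or append-only (the case in the post).
    for f in schg uchg sappnd uappnd; do
        if has_flag "$2" "$f"; then echo "dir:$f"; fi
    done
}

# create_blockers DIR_FLAGS
# Only an immutable directory refuses new entries; append-only still allows them.
create_blockers() {
    for f in schg uchg; do
        if has_flag "$1" "$f"; then echo "dir:$f"; fi
    done
}

# flags_of PATH: column 5 of `ls -ldo`, the FreeBSD layout seen in the session
flags_of() { ls -ldo "$1" | awk '{print $5}'; }

# explain PATH: live check of a file and its parent directory on a FreeBSD host
explain() {
    unlink_blockers "$(flags_of "$1")" "$(flags_of "$(dirname "$1")")"
}

# Run as: sh script.sh /path/to/file  (no arguments: only defines the functions)
if [ "$#" -gt 0 ]; then explain "$1"; fi
```

Whether root can then clear a system flag such as schg with chflags depends on kern.securelevel; at securelevel 1 or higher the system flags cannot be removed.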