setuid on echo command but not working as expected - linux

I have a question about setuid:
For example, there is a file, 1.txt, that only root has write permission on:
$ ll 1.txt
-rw-r--r--. 1 root root 57 Jul 1 12:19 1.txt
For an ordinary user to modify the file, I did the following:
$ sudo chmod u+s /usr/bin/echo
$ ll /usr/bin/echo
-rwsr-xr-x. 1 root root 33128 Oct 31 2018 /usr/bin/echo
However, when the user ran the command below, they still got a permission error.
$ echo 111 > 1.txt
bash: 1.txt: Permission denied
Then I did a similar test on the ls command.
Only root has write permission to the test/ directory:
$ ll -d test/
drw-------. 2 root root 34 Jul 1 14:18 test/
A user who runs the ls command gets an error:
$ ls test/
ls: cannot open directory test/: Permission denied
Then I set setuid on the ls command:
$ sudo chmod u+s /usr/bin/ls
$ ll /usr/bin/ls
-rwsr-xr-x. 1 root root 117680 Oct 31 2018 /usr/bin/ls
After this, the user was able to run the command:
$ ls test/
1 23 4
What's the difference between echo and ls? Or what did I miss here?
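
Added example, not part of the original question: in "echo 111 > 1.txt" the redirection target is opened by the shell itself, with the shell's own credentials, before any command runs (the error above is prefixed "bash:"), and echo is normally a shell builtin, so /usr/bin/echo is never executed; ls, by contrast, opens test/ from inside its own process. The scratch paths below are constructed, and a missing parent directory stands in for the permission failure so the result is the same for any user.

```sh
#!/bin/sh
# Added demo (constructed paths): who opens the target of "cmd > file"?

# Returns 0 if "echo" resolves to a shell builtin rather than a file on disk.
# command -v prints a bare name for builtins and a path for external programs.
echo_is_builtin() {
    [ "$(command -v echo)" = "echo" ]
}

# Runs "touch marker > unopenable-target" and prints "ran" or "not-run".
redirect_probe() {
    work=$(mktemp -d) || return 1
    # The parent directory does not exist, so the open fails for every user,
    # root included. It stands in for the "Permission denied" on 1.txt.
    { touch "$work/marker" > "$work/missing-dir/1.txt"; } 2>/dev/null || true
    if [ -e "$work/marker" ]; then
        result="ran"
    else
        result="not-run"   # the shell gave up before exec'ing touch
    fi
    rm -rf "$work"
    echo "$result"
}

if echo_is_builtin; then
    echo "echo: shell builtin, so /usr/bin/echo and its mode bits are not used"
fi
echo "command after failed redirection: $(redirect_probe)"
```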

Related

chmod doesn't work in mounted partition

I have this file in my mounted partition:
/path/to/hardDiskDrive/$ ls -l
-rw------- 1 arash arash 92827804 Jun 15 17:35 qt-creator-opensource-linux-x86_64-4.0.2.run
and then I try to chmod it, but nothing happens, even with sudo:
/path/to/hardDiskDrive/$ chmod +x qt-creator-opensource-linux-x86_64-4.0.2.run
/path/to/hardDiskDrive/$ ls -l
-rw------- 1 arash arash 92827804 Jun 15 17:35 qt-creator-opensource-linux-x86_64-4.0.2.run
but when I copy it to my Linux home directory everything works fine.
What is the reason for this?
~/Desktop $ ls -l
-rw------- 1 arash arash 92827804 Jun 15 17:35 qt-creator-opensource-linux-x86_64-4.0.2.run
~/Desktop $ chmod +x qt-creator-opensource-linux-x86_64-4.0.2.run
~/Desktop $ ls -l
-rwx--x--x 1 arash arash 92827804 Jun 15 17:35 qt-creator-opensource-linux-x86
What is the reason for this? And how can I run this file from its original place on the hard drive?
Thanks

Why can I remove file without user permission?

I made a small test to check how permissions work:
test@comp ~/Documents $ touch test1
test@comp ~/Documents $ ls -l
-rw-r--r-- 1 test test 0 Jul 24 22:14 test1
test@comp ~/Documents $ chmod 044 test1
test@comp ~/Documents $ ls -l
----r--r-- 1 test test 0 Jul 24 22:14 test1
test@comp ~/Documents $ cat test1
cat: test1: Permission denied
test@comp ~/Documents $ rm test1
rm: remove write-protected regular empty file ‘test1’? y
test@comp ~/Documents $ ls -l
total 0
My question is: why, when I have no permission as the user, can't I read the file but I can remove it?
In order to remove the file one needs a write permission on the directory that contains this file.
For more information: http://linuxcommand.org/lts0070.php

Failed to change ownership of a file with permission 0666 in Linux

OS: Linux. (CentOS 6)
Step 1: login as normal user and change the directory to the home directory
Step 2: su as root
Step 3: create a file and change permission to 0666
Step 4: change file ownership as normal user but failed
[belcon@no1ca4sh ~]$ pwd
/home/belcon
[belcon@no1ca4sh ~]$ su
Password:
[root@no1ca4sh belcon]# touch test.txt
[root@no1ca4sh belcon]# echo "test">test.txt
[root@no1ca4sh belcon]# cat test.txt
test
[root@no1ca4sh belcon]# chmod 666 test.txt
[root@no1ca4sh belcon]# ls -l test.txt
-rw-rw-rw- 1 root root 5 Jun 26 17:50 test.txt
[root@no1ca4sh belcon]# exit
exit
[belcon@no1ca4sh ~]$ ls -l test.txt
-rw-rw-rw- 1 root root 5 Jun 26 17:50 test.txt
[belcon@no1ca4sh ~]$ chown belcon test.txt
chown: changing ownership of `test.txt': Operation not permitted
That doesn't make sense, since I can copy that file to another temporary file as the normal user. That temporary file's owner is the normal user. Then I can delete the original file and make a copy of the temporary file with the same name as the original file created by the root user. That is actually what 'chown' wants to do.
[belcon@no1ca4sh ~]$ cp test.txt test1.txt
[belcon@no1ca4sh ~]$ ls -l test.txt test1.txt
-rw-r--r-- 1 belcon wheel 5 Jun 26 17:56 test1.txt
-rw-rw-rw- 1 root root 5 Jun 26 17:50 test.txt
[belcon@no1ca4sh ~]$ diff -Naur test1.txt test.txt
[belcon@no1ca4sh ~]$ rm test.txt
[belcon@no1ca4sh ~]$ ls -l test.txt test1.txt
ls: cannot access test.txt: No such file or directory
-rw-r--r-- 1 belcon wheel 5 Jun 26 17:56 test1.txt
[belcon@no1ca4sh ~]$ cp test1.txt test.txt
[belcon@no1ca4sh ~]$ ls -l test.txt test1.txt
-rw-r--r-- 1 belcon wheel 5 Jun 26 17:56 test1.txt
-rw-r--r-- 1 belcon wheel 5 Jun 26 17:57 test.txt
[belcon@no1ca4sh ~]$ diff -Naur test1.txt test.txt
[belcon@no1ca4sh ~]$
Can anyone please explain why I couldn't change ownership of a file with permission 0666? Is there some reason for that?
Ordinary users can't chown files.
See: https://unix.stackexchange.com/questions/27350/why-cant-a-normal-user-chown-a-file
Basically, it would allow users to evade quotas, and there are other edge cases where security can be compromised. (e.g. applications assuming root-owned files are secure, because only root could have written them).

Unable to set SGID bit on linux directory

I am trying to set the SGID bit on all directories within this directory, but am unable to do so.
Can anybody please help?
$ ls -ld Music
drwxrwxr-x 16 pankaj usrgrp 1024 Apr 14 14:54 Music
$ chmod -R g+s Music
$ echo $?
0
$ ls -ld Music
drwxrwxr-x 16 pankaj usrgrp 1024 Apr 14 14:54 Music
$

How to remove and re-create an existing symlink in one single command?

I have a symlink for my live server called current and I have releases in the releases directory, i.e. current -> releases/2012-05-08_15-13
If I want to update the symlink of my current directory, I have to unlink/rm it and re ln -s it.
My question is: how can I remove the symlink and update it to the latest release in one step?
The form of ln is
ln -sf sourcefile targetlink
Try
ln -sf releases/2012-05-08_15-13 current
to remove the current and create the new link.
If you want to do it in a single command, do as @hughw suggests and run ln -sf.
If you want to replace the symlink atomically (i.e. so that there's no point in time where the symlink doesn't exist), create a new symlink, then mv it over the old one.
As suggested by ToddR, here is the only answer that actually works on maybe most flavours of Linux (definitely Ubuntu, which uses ln from the coreutils package). Let me prove it to you.
matthewh@xen:~$ mkdir -p releases/dirA
matthewh@xen:~$ mkdir -p releases/dirB
matthewh@xen:~$ ln -s releases/dirA
matthewh@xen:~$ ls -l dirA
lrwxrwxrwx 1 matthewh matthewh 13 Apr 7 09:58 dirA -> releases/dirA
matthewh@xen:~$ ln -sf releases/dirB
matthewh@xen:~$ rm dirA
matthewh@xen:~$ ln -s releases/dirA current
matthewh@xen:~$ ln -sf releases/dirB current
matthewh@xen:~$ ls -l current
lrwxrwxrwx 1 matthewh matthewh 13 Apr 7 09:59 current -> releases/dirA <--- DOESN'T WORK!
matthewh@xen:~$ ln -sfn releases/dirB current <--- WORKS!
matthewh@xen:~$ ls -l current
lrwxrwxrwx 1 matthewh matthewh 13 Apr 7 09:59 current -> releases/dirB
So the correct method on Linux is:
ln -sfn source target
-n, --no-dereference
treat LINK_NAME as a normal file if it is a symbolic link to a directory
This is essential: if you do not use the -n switch, you will end up with a symlink inside the source directory named "target".
In my examples,
matthewh@xen:~$ ls -l releases/dirA/
total 0
lrwxrwxrwx 1 matthewh matthewh 13 Apr 7 10:03 dirB -> releases/dirB
Correct answer:
ln -s new current_tmp && mv -Tf current_tmp current
Move is an atomic operation.
Don't use 'ln -snf'.
strace 'ln -snf' shows two system calls unlink + symlink.
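
The replace-by-rename approach from the answer above, together with the missing -n pitfall shown in the earlier transcript, as an added example that is not part of the original answers. Directory names follow the transcript and are created in a scratch directory; swap_link is a hypothetical helper name, and mv -T assumes GNU coreutils.

```sh
#!/bin/sh
# Added demo with constructed directories; requires GNU coreutils (mv -T).

# Atomically repoint symlink $2 at target $1: build the new link under a
# temporary name in the same directory, then rename it over the old one.
swap_link() {
    target=$1 link=$2
    tmp="$link.tmp.$$"
    ln -s "$target" "$tmp" || return 1
    # -T: treat $link as the destination itself, never as a directory to
    # move into, even though it is a symlink to a directory.
    mv -Tf "$tmp" "$link" || { rm -f "$tmp"; return 1; }
}

# Rebuild the transcript's layout in a scratch directory and compare variants.
# Prints three lines: link after ln -sf, the stray entry, link after swap_link.
demo() {
    work=$(mktemp -d) || return 1
    rc=0
    (
        cd "$work" || exit 1
        mkdir -p releases/dirA releases/dirB
        ln -s releases/dirA current
        ln -sf releases/dirB current   # no -n: descends through current
        readlink current               # unchanged: releases/dirA
        ls releases/dirA               # stray link "dirB" landed in here
        rm releases/dirA/dirB
        swap_link releases/dirB current
        readlink current               # now releases/dirB
    ) || rc=$?
    rm -rf "$work"
    return "$rc"
}

demo
```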
This example clarifies the use of the -sfn switch:
drwxr-xr-x. 10 root root 4096 Aug 25 18:24 .
dr-xr-xr-x. 25 root root 4096 Aug 19 10:32 ..
lrwxrwxrwx. 1 wildfly wildfly 25 Aug 25 18:15 wildfly -> /opt/wildfly-8.2.0.Final/
drwxr-xr-x. 10 wildfly wildfly 4096 Aug 25 18:28 wildfly-8.2.0.Final
                                                   link to           link
                                                      |               |
[gecloud@ip-10-227-224-45 opt]$ sudo ln -sfn wildfly-8.2.0.Final /opt/wildfly
[gecloud@ip-10-227-224-45 opt]$ ls -la
total 115540
drwxr-xr-x. 10 root root 4096 Aug 25 18:34 .
dr-xr-xr-x. 25 root root 4096 Aug 19 10:32 ..
lrwxrwxrwx. 1 root root 19 Aug 25 18:34 wildfly -> wildfly-8.2.0.Final
drwxr-xr-x. 10 wildfly wildfly 4096 Aug 25 18:28 wildfly-8.2.0.Final
