Jan 05 2009

crontab 的一点小问题 Temporary crontab no longer owned by you

Category: 技术ssmax @ 14:31:25

这几天某台服务器上面的crontab突然不能用了,表现为某个用户的crontab 临时文件不能读取,
Temporary crontab no longer owned by you

发现crontab -e的时候,在/tmp下面生成的临时文件有问题:

drwx—— 2 root crontab 4.0K 2009-01-05 14:27 crontab.TRVZy0

变成root用户的了,难怪普通用户读不到。

查了n久没有啥发现,然后无意中ls -alh /usr/bin/crontab
发现:
-rwsr-sr-x 1 root crontab 26K Dec 20 2006 /usr/bin/crontab

在owner一栏多了一个SUID。。。然后
chown u-s /usr/bin/crontab
ls -alh /usr/bin/crontab
-rwxr-sr-x 1 root crontab 26K Dec 20 2006 /usr/bin/crontab

去掉SUID以后,crontab就一切正常了。。。
drwx—— 2 ssmax crontab 4.0K 2009-01-05 14:29 crontab.fdzKZk

SUID、GUID、粘滞位一直都没有留意,好像是基础课的时候学到的,但是之后都一直都没有怎么用到,所以很容易就忘记了。

各个位的定义:man chmod

The letters ‘rwxXstugo’ select the new permissions for the affected users: read (r), write (w), execute (or access for directories) (x), execute only if the file is a directory or already has execute permission for some user (X), set user or group ID on execution (s), sticky (t), the permissions granted to the user who owns the file (u), the permissions granted to other users who are members of the file’s group (g), and the permissions granted to users that are in neither of the two preceding categories (o).

2 Responses to “crontab 的一点小问题 Temporary crontab no longer owned by you”

  1. hotsnow says:

    一般来说无故的suid出现都是暗示着安全问题的出现哦,呵呵

  2. ssmax says:

    恩,有可能,不过现在上面什么服务都关了,估计没有问题了。

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.