这几天某台服务器上面的crontab突然不能用了,表现为某个用户的crontab 临时文件不能读取,
Temporary crontab no longer owned by you
发现crontab -e的时候,在/tmp下面生成的临时文件有问题:
drwx—— 2 root crontab 4.0K 2009-01-05 14:27 crontab.TRVZy0
变成root用户的了,难怪普通用户读不到。
查了n久没有啥发现,然后无意中ls -alh /usr/bin/crontab
发现:
-rwsr-sr-x 1 root crontab 26K Dec 20 2006 /usr/bin/crontab
在owner一栏多了一个SUID。。。然后
chown u-s /usr/bin/crontab
ls -alh /usr/bin/crontab
-rwxr-sr-x 1 root crontab 26K Dec 20 2006 /usr/bin/crontab
去掉SUID以后,crontab就一切正常了。。。
drwx—— 2 ssmax crontab 4.0K 2009-01-05 14:29 crontab.fdzKZk
SUID、GUID、粘滞位一直都没有留意,好像是基础课的时候学到的,但是之后都一直都没有怎么用到,所以很容易就忘记了。
各个位的定义:man chmod
The letters ‘rwxXstugo’ select the new permissions for the affected users: read (r), write (w), execute (or access for directories) (x), execute only if the file is a directory or already has execute permission for some user (X), set user or group ID on execution (s), sticky (t), the permissions granted to the user who owns the file (u), the permissions granted to other users who are members of the file’s group (g), and the permissions granted to users that are in neither of the two preceding categories (o).