chown: operation not permitted

bzcnc 2008-01-26 04:12:04
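While learning how to change the owner of a file on Linux, I ran into this problem: using the superuser I can change the file's owner, but the file's owner cannot change it. I don't know where the problem lies, and I hope to get help from the experts:

For example: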

[bzjfcx@localhost bzjfcx]$ ls -l sd
-rw-rw-r-- 2 bzjfcx bzjfcx 9 Nov 21 09:31 sd
[bzjfcx@localhost bzjfcx]$ chown root sd
chown: changing ownership of `sd': Operation not permitted
[bzjfcx@localhost bzjfcx]$ ls -l sd
-rw-rw-r-- 2 bzjfcx bzjfcx 9 Nov 21 09:31 sd

This operation did not succeed, so I switched to the superuser root and performed the same operation:

[bzjfcx@localhost bzjfcx]$ su - root
Password:
[root@localhost root]# ls -l sd
ls: sd: No such file or directory
[root@localhost root]# cd /home/bzjfcx/
[root@localhost bzjfcx]# ls -l sd
-rw-rw-r-- 2 bzjfcx bzjfcx 9 Nov 21 09:31 sd
[root@localhost bzjfcx]# chown root sd
[root@localhost bzjfcx]# ls -l sd
-rw-rw-r-- 2 root bzjfcx 9 Nov 21 09:31 sd
[root@localhost bzjfcx]#

Changing the owner of sd succeeded. I would like to ask why the file's owner could not change it above. Thanks!
bzcnc 2008-01-28
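When you create a file, you are its owner. Once you own a file, you can change its ownership and give it to another valid user who exists in the /etc/passwd file. This can be done using either the user name or the user ID number. When a file's ownership is changed, the corresponding suid bit is also cleared, for security reasons. Only the file's owner and the system administrator can change a file's ownership. Once you have given ownership of a file to another user, you cannot take it back. If you really need to, you will have to ask the system administrator for help.

This unix reference e-book says that, besides the superuser, the file's owner can also change its ownership. Could it be wrong?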
mymtom 2008-01-28
The poster above is quite right; implementations differ between systems. For the chown command,
IEEE Std 1003.1, 2004 Edition
http://www.opengroup.org/onlinepubs/009695399/utilities/chown.html
has the following description:

The following sections are informative.
APPLICATION USAGE
Only the owner of a file or the user with appropriate privileges may change the owner or group of a file.

Some implementations restrict the use of chown to a user with appropriate privileges

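As for chown,
the "user with appropriate privileges" mentioned here is not rigidly defined, so when it comes to a specific operating system, implementations differ.
For example, on Solaris this is configurable: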
[code=BatchFile]
User Commands chown(1)

NAME
chown - change file ownership

SYNOPSIS
chown [-fhR] owner[:group] file...

chown -R [-f] [-H | -L | -P] owner[:group] file...

DESCRIPTION
The chown utility sets the user ID of the file named by each
file to the user ID specified by owner, and, optionally,
sets the group ID to that specified by group.

If chown is invoked by other than the super-user, the set-
user-ID bit is cleared.

Only the owner of a file (or the super-user) can change the
owner of that file.

The operating system has a configuration option
{_POSIX_CHOWN_RESTRICTED}, to restrict ownership changes.
When this option is in effect the owner of the file is
prevented from changing the owner ID of the file. Only the
super-user can arbitrarily change owner IDs whether or not
this option is in effect. To set this configuration option,
include the following line in /etc/system:

set rstchown = 1

To disable this option, include the following line in
/etc/system:

set rstchown = 0

{_POSIX_CHOWN_RESTRICTED} is enabled by default. See sys-
tem(4) and fpathconf(2).

SunOS 5.10 Last change: 21 Jun 2004 1
[/code]

FreeBSD 7 explicitly forbids users other than root from using this command to change a file's owner.
[code=BatchFile]
The ownership of a file may only be altered by a super-user for obvious
security reasons.
[/code]

The chown system call has a corresponding description:
IEEE Std 1003.1, 2004 Edition
http://www.opengroup.org/onlinepubs/009695399/functions/chown.html

[code=BatchFile]
NAME
chown - change owner and group of a file
SYNOPSIS
#include <unistd.h>

int chown(const char *path, uid_t owner, gid_t group);


DESCRIPTION
The chown() function shall change the user and group ownership of a file.

The path argument points to a pathname naming a file. The user ID and group ID of the named file shall be set to the numeric values contained in owner and group, respectively.

Only processes with an effective user ID equal to the user ID of the file or with appropriate privileges may change the ownership of a file. If _POSIX_CHOWN_RESTRICTED is in effect for path:

Changing the user ID is restricted to processes with appropriate privileges.

Changing the group ID is permitted to a process with an effective user ID equal to the user ID of the file, but without appropriate privileges, if and only if owner is equal to the file's user ID or ( uid_t)-1 and group is equal either to the calling process' effective group ID or to one of its supplementary group IDs.

ERRORS
The chown() function shall fail if:

....
[EPERM]
The effective user ID does not match the owner of the file, or the calling process does not have appropriate privileges and _POSIX_CHOWN_RESTRICTED indicates that such privilege is required.
...
[/code]

Solaris:
[code=BatchFile]
System Calls chown(2)

NAME
chown, lchown, fchown, fchownat - change owner and group of
a file

SYNOPSIS
#include <unistd.h>
#include <sys/types.h>

...

ERRORS
All of these functions will fail if:

EPERM The effective user ID does not match the
owner of the file and the {PRIV_FILE_CHOWN}
privilege is not asserted in the effective
set of the calling process, or the
{PRIV_FILE_CHOWN_SELF} privilege is not
asserted in the effective set of the calling
process.
[/code]

FreeBSD 7
[code=BatchFile]
CHOWN(2) FreeBSD System Calls Manual CHOWN(2)

NAME
chown, fchown, lchown -- change owner and group of a file

LIBRARY
Standard C Library (libc, -lc)

SYNOPSIS
#include <unistd.h>

int
chown(const char *path, uid_t owner, gid_t group);

...

ERRORS
The chown() and lchown() will fail and the file will be unchanged if:

...

[EPERM] The operation would change the ownership, but the
effective user ID is not the super-user.
[/code]
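
An added example, not part of the post above and not taken from any of the quoted systems: a C program that asks the running system whether `_POSIX_CHOWN_RESTRICTED` is in effect via `pathconf()`, and models the POSIX permission rule quoted from the standard. The `chown_permitted` helper, the `caller` struct and the uid/gid numbers are assumptions made for illustration.

```c
#include <errno.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

enum chown_policy { POLICY_ERROR = -1, GIVEAWAY_ALLOWED = 0, RESTRICTED = 1 };

/* Ask the system whether _POSIX_CHOWN_RESTRICTED is in effect for path.
 * pathconf() returns -1 with errno untouched when the option is not in
 * effect, -1 with errno set on failure, and any other value when it is. */
enum chown_policy chown_policy_for(const char *path)
{
    errno = 0;
    long v = pathconf(path, _PC_CHOWN_RESTRICTED);
    if (v != -1)
        return RESTRICTED;
    return errno == 0 ? GIVEAWAY_ALLOWED : POLICY_ERROR;
}

/* Caller identity; all values used below are constructed samples. */
struct caller { bool privileged; uid_t euid; gid_t egid; const gid_t *groups; size_t ngroups; };

/* Model of the POSIX chown() permission rule quoted in the post.
 * Returns true if the call may proceed, false where chown() gives EPERM. */
bool chown_permitted(const struct caller *c, bool restricted, uid_t file_uid,
                     uid_t owner, gid_t group)
{
    if (c->privileged) return true;
    if (c->euid != file_uid) return false;           /* not the file's owner */
    if (!restricted) return true;                    /* owner may give the file away */
    if (owner != file_uid && owner != (uid_t)-1) return false; /* uid change needs privilege */
    if (group == (gid_t)-1 || group == c->egid) return true;   /* -1: group left unchanged */
    for (size_t i = 0; i < c->ngroups; i++)
        if (c->groups[i] == group) return true;      /* supplementary group */
    return false;
}

int main(void)
{
    const gid_t groups[] = { 500, 10 };              /* constructed */
    struct caller bzjfcx = { false, 500, 500, groups, 2 };
    /* A lookup error is treated as restricted, the safer assumption. */
    bool restricted = chown_policy_for(".") != GIVEAWAY_ALLOWED;
    /* The thread's case: owner (uid 500) runs `chown root sd`. */
    printf("restricted=%d, chown root sd permitted=%d\n", restricted,
           chown_permitted(&bzjfcx, restricted, 500, 0, (gid_t)-1));
    return 0;
}
```
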
newman0708 2008-01-27
The privileges you used first were bzjfcx's,

and afterwards root's,

so it's a permissions issue, I think.
薛定谔之死猫 2008-01-26
Yes, that's how it is.
zeloas 2008-01-26
The poster above has the right answer.
mymtom 2008-01-26
Only root can change a file's owner:

man chown

......
The ownership of a file may only be altered by a super-user for obvious
security reasons.
