[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Issue about AIX
From: |
REIX, Tony |
Subject: |
RE: Issue about AIX |
Date: |
Thu, 7 Mar 2019 10:05:30 +0000 |
Hi Chet,
I've experimented on: AIX 6.1 TL9, AIX 7.1 TL3, AIX 7.2 TL0, AIX 7.2 TL2 .
They all show the issue (compared to bash as non-root and to ksh as root or
non-root)
I have no AIX 5.3 machine. However, it's very old now.
Here below is the man of access() routine.
I found this issue when analyzing the failing tests of Git on AIX. When this
bash issue on AIX is fixed, a set of Git tests are now OK.
The difference that I see between AIX and Linux is:
man access :
AIX: The access subroutine indicates success for X_OK even if none of the
execute file permission bits are set.
Linux: If the calling process is privileged (i.e., its real UID is zero),
then an X_OK check is successful for a regular file if execute permission is
enabled for any of the file owner, group, or other.
Here is the test that I'm using:
# cat /tmp/TEST
rm /tmp/foo4
test -x /tmp/foo4 ; echo $?
touch /tmp/foo4
ls -l /tmp/foo4
test -x /tmp/foo4 ; echo $?
chmod +x /tmp/foo4
test -x /tmp/foo4 ; echo $?
rm /tmp/foo4
As root :
# ./bash_64 /tmp/TEST
rm: cannot remove '/tmp/foo4': No such file or directory
1
-rw-r--r-- 1 root system 0 Mar 7 10:40 /tmp/foo4
0
0
# ksh /tmp/TEST
rm: cannot remove '/tmp/foo4': No such file or directory
1
-rw-r--r-- 1 root system 0 Mar 7 10:41 /tmp/foo4
1
0
As non-root:
# ./bash_64 /tmp/TEST
rm: cannot remove '/tmp/foo4': No such file or directory
1
-rw-r--r-- 1 postgres postgres 0 Mar 7 10:49 /tmp/foo4
1
/opt/freeware/bin/chmod: line 1: /tmp/chmod: Permission denied
0
# man access
access, accessx, faccessx, accessxat, or faccessat Subroutine
Purpose
Determines the accessibility of a file.
Library
Standard C Library (libc.a)
Syntax
#include <unistd.h>
int access (PathName,Mode)
char *PathName;
int Mode;
int accessx (PathName, Mode, Who)
char *PathName;
int Mode, Who;
int faccessx (FileDescriptor, Mode, Who)
int FileDescriptor;
int Mode, Who;
int accessxat (DirFileDescriptor, PathName, Mode, Who)
int DirFileDescriptor;
char *PathName;
int Mode, Who;
int faccessat (DirFileDescriptor, PathName, Mode, Flag)
int DirFileDescriptor;
char *PathName;
int Mode, Flag;
Description
The access, accessx, accessxat, faccessat and faccessx subroutines
determine the accessibility of a file system object. The accessx, accessxat,
and faccessx subroutines allow
the specification of a class of users or processes for whom access is to
be checked.
The caller must have search permission for all components of the
PathName parameter.
The accessxat subroutine is equivalent to the accessx subroutine, and
the faccessat subroutine is equivalent to the access subroutine if the PathName
parameter specifies an
absolute path or if the DirFileDescriptor parameter is set to AT_FDCWD.
The file accessibility is determined by the relative path to the directory that
is associated with the
DirFileDescriptor parameter instead of the current working directory. If
the directory is accessed without the O_SEARCH open flag, the subroutine checks
to determine whether
directory searches are permitted by using the current permissions of the
directory. If the directory is accessed with the O_SEARCH open flag, the
subroutine does not perform
the check.
Parameters
Item
Description
PathName
Specifies the path name of the file. If the PathName parameter
refers to a symbolic link, the access subroutine returns information about the
file pointed to by the
symbolic link. If the DirFileDescriptor is specified and PathName
is relative, then the DirFileDescriptor specifies the effective current working
directory for the
PathName.
FileDescriptor
Specifies the file descriptor of an open file.
Mode
Specifies the access modes to be checked. This parameter is a bit
mask containing 0 or more of the following values, which are defined in the
<sys/access.h> file:
R_OK
Check read permission.
W_OK
Check write permission.
X_OK
Check execute or search permission.
F_OK
Check the existence of a file.
If none of these values are specified, the existence of a file is
checked.
Who
Specifies the class of users for whom access is to be checked. This
parameter must be one of the following values, which are defined in the
<sys/access.h> file:
ACC_SELF
Determines if access is permitted for the current process.
The effective user and group IDs, the concurrent group set and the privilege of
the current process are
used for the calculation.
ACC_INVOKER
Determines if access is permitted for the invoker of the
current process. The real user and group IDs, the concurrent group set, and the
privilege of the invoker
are used for the calculation.
Note: The expression access (PathName, Mode) is equivalent
to accessx (PathName, Mode, ACC_INVOKER).
ACC_OTHERS
Determines if the specified access is permitted for any user
other than the object owner. The Mode parameter must contain only one of the
valid modes. Privilege is
not considered in the calculation.
ACC_ALL
Determines if the specified access is permitted for all
users. The Mode parameter must contain only one of the valid modes. Privilege
is not considered in the
calculation .
Note: The accessx subroutine shows the same behavior by both
the user and root with ACC_ALL.
DirFileDescriptor
Specifies the file descriptor of an open directory, which is used
as the effective current working directory for the PathName argument. If the
DirFileDescriptor parameter
equals AT_FDCWD, the DirFileDescriptor parameter is ignored and the
PathName argument specifies the complete file.
Flag
Specifies a bit field argument. If the Flag parameter equals
AT_EACCESS, the effective user and group IDs are checked (ACC_SELF). If the
Flag parameter is zero, the real
IDs are checked (ACC_INVOKER).
Return Values
If the requested access is permitted, the access, accessx, faccessx,
accessxat, and faccessat subroutines return a value of 0. If the requested
access is not permitted or the
function call fails, a value of -1 is returned and the errno global
variable is set to indicate the error.
The access subroutine indicates success for X_OK even if none of the
execute file permission bits are set.
Error Codes
The access faccessat, accessx, and accessx subroutines fail if one or
more of the following are true:
Item
Description
EACCES
Search permission is denied on a component of the PathName prefix.
EFAULT
The PathName parameter points to a location outside the allocated
address space of the process.
ELOOP
Too many symbolic links were encountered in translating the
PathName parameter.
ENAMETOOLONG
A component of the PathName parameter exceeded 255 characters or
the entire PathName parameter exceeded 1022 characters.
ENOENT
A component of the PathName does not exist or the process has the
disallow truncation attribute set.
ENOENT
The named file does not exist.
ENOENT
The PathName parameter was null.
ENOENT
A symbolic link was named, but the file to which it refers does not
exist.
ENOTDIR
A component of the PathName is not a directory.
ESTALE
The process root or current directory is located in a virtual file
system that has been unmounted.
The faccessx subroutine fails if the following is true:
Item
Description
EBADF
The value of the FileDescriptor parameter is not valid.
The access, accessx, and faccessx subroutines fail if one or more of the
following is true:
Item
Description
EACCES
The file protection does not allow the requested access.
ENOMEM
Unable to allocate memory.
EIO
An I/O error occurred during the operation.
EROFS
Write access is requested for a file on a read-only file system.
The accessxat and faccessat subroutines fail if one or more of the
following settings are true:
Item
Description
EBADF
The PathName parameter does not specify an absolute path and the
DirFileDescriptor argument is neither AT_FDCWD nor a valid file descriptor.
EINVAL
The value of the Flag parameter is not valid.
ENOTDIR
The PathName parameter is not an absolute path and
DirFileDescriptor is a file descriptor but is not associated with a directory.
If Network File System (NFS) is installed on your system, the accessx,
accessxat, and faccessx subroutines can also fail if the following settings are
true:
Item
Description
ETIMEDOUT
The connection timed out.
ETXTBSY
Write access is requested for a shared text file that is being
executed.
EINVAL
The value of the Mode argument is invalid.
Cordialement,
Tony Reix
tony.reix@atos.net
ATOS / Bull SAS
ATOS Expert
IBM Coop Architect & Technical Leader
Office : +33 (0) 4 76 29 72 67
1 rue de Provence - 38432 Échirolles - France
www.atos.net<https://mail.ad.bull.net/owa/redir.aspx?C=PvphmPvCZkGrAgHVnWGsdMcDKgzl_dEIsM6rX0g4u4v8V81YffzBGkWrtQeAXNovd3ttkJL8JIc.&URL=http%3a%2f%2fwww.atos.net%2f>
________________________________
De : Chet Ramey <chet.ramey@case.edu>
Envoyé : mercredi 6 mars 2019 22:11:58
À : REIX, Tony; bug-bash@gnu.org
Cc : chet.ramey@case.edu
Objet : Re: Issue about AIX
On 3/6/19 10:22 AM, REIX, Tony wrote:
> Hi,
>
>
> On AIX, like Solaris, when root, the test "test -x /tmp/AFile" returns true
> even if the file is not executable.
>
> This issue is there for ages.
>
> Here attached is the patch for fixing it for v5.0 .
Thanks. Is this true for all versions of AIX?
--
``The lyf so short, the craft so long to lerne.'' - Chaucer
``Ars longa, vita brevis'' - Hippocrates
Chet Ramey, UTech, CWRU chet@case.edu
https://emea01.safelinks.protection.outlook.com/?url=http:%2F%2Ftiswww.cwru.edu%2F~chet%2F&data=02%7C01%7Ctony.reix%40atos.net%7C23893ee88fd54a1afcf308d6a278799c%7C33440fc6b7c7412cbb730e70b0198d5a%7C0%7C0%7C636875035653705583&sdata=IDJ93PZy7JkuNJt3pNwfzD%2BYk0TyFPnpEdaz1zuxlrA%3D&reserved=0