Can anyone explain this:
Embedded Arm system, Linux 3.18.44. No SELinux or anything:
# ls -l /dev/console
crw------- 1 root root 5, 1 Jan 6 02:40 /dev/console
# ls -l /tmp/console
crw------- 1 root root 5, 1 Jan 6 02:39 /tmp/console
# echo foo > /dev/console
foo
# echo foo > /tmp/console
-sh: can't create /tmp/console: Permission denied
# ls -ld /tmp
drwxr-xr-x 2 root root 80 Jan 6 02:39 /tmp
# ls -ld /dev
drwxr-xr-x 11 root root 5480 Jan 6 02:32 /dev
Some details from strace:
# strace sh -c 'echo foo > /tmp/console' 2>&1 | grep console
execve("/bin/sh", ["sh", "-c", "echo foo > /tmp/console"], [/* 12 vars */]) = 0
open("/tmp/console", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = -1 EACCES (Pe)
Versus:
# strace sh -c 'echo foo > /dev/console' 2>&1 | grep console
execve("/bin/sh", ["sh", "-c", "echo foo > /dev/console"], [/* 12 vars */]) = 0
open("/dev/console", O_WRONLY|O_CREAT|O_TRUNC|O_LARGEFILE, 0666) = 3
foo
It is the same device: major 5, minor 1. Why would a device care about the path name of the filesystem node that refers to it? If that is the problem, which it is:
# mknod -m 600 /tmp/cons c 5 1
# echo foo > /dev/cons
foo
# mknod -m 600 /tmp/cons c 5 1
# echo foo > /tmp/cons
-sh: can't create /tmp/cons: Permission denied
Some sort of "security theater"? It works under Linux 3.14 on very similar hardware.
Answer 1
/tmp is mounted nodev and /dev is not...?
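
The answer points at the nodev mount option: Linux refuses to open character or block device nodes on a filesystem mounted with nodev, and the open fails with EACCES whatever the node's mode bits say. As an added example (not part of the original question or answer), this POSIX shell sketch finds the mount that covers a path and checks it for nodev. The function names and the sample mount table are constructed for illustration, and paths are assumed to be absolute.

```sh
#!/bin/sh
# Added example: which mount covers a path, and does it carry nodev?
# Limitation: mount points containing spaces (written \040 in the table)
# are not decoded.

# Constructed sample mount table, not taken from the poster's system.
sample_mounts() {
    cat <<'EOF'
rootfs / rootfs rw 0 0
devtmpfs /dev devtmpfs rw,relatime,mode=0755 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev,relatime 0 0
EOF
}

# mount_opts_for PATH [TABLE]: print "<mountpoint> <options>" for the mount
# covering PATH. Longest mount point wins; on a tie the later entry wins,
# because a later mount on the same directory hides the earlier one.
mount_opts_for() {
    path=$1 table=${2:-/proc/self/mounts} best_mp= best_opts=
    while read -r _dev mp _type opts _rest; do
        case $mp in
            /) ;;                                   # root covers every path
            *) case $path/ in "$mp"/*) ;; *) continue ;; esac ;;
        esac
        if [ "${#mp}" -ge "${#best_mp}" ]; then
            best_mp=$mp best_opts=$opts
        fi
    done < "$table"
    [ -n "$best_mp" ] && printf '%s %s\n' "$best_mp" "$best_opts"
}

# has_nodev PATH [TABLE]: 0 = nodev set, 1 = not set, 2 = no covering mount.
has_nodev() {
    opts=$(mount_opts_for "$@") || return 2
    case ",${opts#* }," in *,nodev,*) return 0 ;; *) return 1 ;; esac
}

# Stand-alone use: sh nodev_check.sh /tmp/console /dev/console
for p in "$@"; do
    if has_nodev "$p"; then
        echo "$p: covering mount is nodev, device nodes there will not open"
    else
        echo "$p: covering mount is not nodev (or not found)"
    fi
done
```

Run without a table argument, the functions read /proc/self/mounts, so the result reflects the live system.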