我Permission denied在执行cd进入目录 时得到的信息/tct/foxprod_t2b_002/cilin/cust_test/testcases/level1,并且用户是该组的成员;组中的其他用户可以轻松访问这些文件,但只有该用户不能。下面是strace从用户的主目录中截取的输出。
Prod- > strace csh -c 'cd /tct/foxprod_t2b_002/cilin/cust_test/testcases/level1'
execve("/bin/csh", ["csh", "-c", "cd /tct/foxprod_t2b_002/cilin/cu"...], [/* 57 vars */]) = 0
brk(0) = 0xb2a000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0dd0ef2000
access("/etc/ld.so.preload", R_OK) = 0
open("/etc/ld.so.preload", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=26, ...}) = 0
mmap(NULL, 26, PROT_READ|PROT_WRITE, MAP_PRIVATE, 3, 0) = 0x7f0dd0ef1000
close(3) = 0
open("/dgagent/lib64/preload.so", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0(\25\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0700, st_size=25895, ...}) = 0
mmap(NULL, 2115192, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f0dd0acf000
mprotect(0x7f0dd0ad4000, 2093056, PROT_NONE) = 0
mmap(0x7f0dd0cd3000, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x4000) = 0x7f0dd0cd3000
close(3) = 0
munmap(0x7f0dd0ef1000, 26) = 0
open("/grid/common/pkgs/gcc/v4.8.3/lib/tls/x86_64/libtinfo.so.5", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/grid/common/pkgs/gcc/v4.8.3/lib64/libtinfo.so.5", O_RDONLY) = -1 ENOENT (No such file or directory)
stat("/grid/common/pkgs/gcc/v4.8.3/lib64", {st_mode=S_IFDIR|0755, st_size=8192, ...}) = 0
open("/etc/ld.so.cache", O_RDONLY) = 3
open("/usr/lib64/gconv/gconv-modules.cache", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=26060, ...}) = 0
mmap(NULL, 26060, PROT_READ, MAP_SHARED, 3, 0) = 0x7f0dd0edf000
close(3) = 0
gettimeofday({1550755896, 639009}, NULL) = 0
getrusage(RUSAGE_SELF, {ru_utime={0, 0}, ru_stime={0, 1999}, ...}) = 0
getrusage(RUSAGE_CHILDREN, {ru_utime={0, 0}, ru_stime={0, 0}, ...}) = 0
open("/dev/null", O_RDONLY) = 3
close(3) = 0
getuid() = 34400
getgid() = 1001
geteuid() = 34400
getegid() = 1001
gettimeofday({1550755896, 640019}, NULL) = 0
dup2(0, 16) = 16
fcntl(16, F_SETFD, FD_CLOEXEC) = 0
dup2(1, 17) = 17
fcntl(17, F_SETFD, FD_CLOEXEC) = 0
dup2(2, 18) = 18
fcntl(18, F_SETFD, FD_CLOEXEC) = 0
dup2(16, 19) = 19
fcntl(19, F_SETFD, FD_CLOEXEC) = 0
ioctl(18, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(17, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
ioctl(16, SNDCTL_TMR_TIMEBASE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
readlink("/proc/self/fd/16", "/dev/pts/5"..., 4095) = 10
rt_sigaction(SIGALRM, {0x4439d0, [], SA_RESTORER, 0x7f0dd03156a0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [ALRM], NULL, 8) = 0
getcwd("/home/myuser", 4096) = 14
stat("/home/myuser", {st_mode=S_IFDIR|0777, st_size=12288, ...}) = 0
stat("/home/myuser", {st_mode=S_IFDIR|0777, st_size=12288, ...}) = 0
uname({sys="Linux", node="sj-myuser", ...}) = 0
rt_sigaction(SIGCHLD, {SIG_DFL, [], SA_RESTORER, 0x7f0dd03156a0}, NULL, 8) = 0
pipe([3, 4]) = 0
dup(3) = 5
dup(5) = 6
close(5) = 0
close(3) = 0
fcntl(6, F_SETFD, FD_CLOEXEC) = 0
dup(4) = 3
dup(3) = 5
dup(5) = 7
close(5) = 0
close(3) = 0
close(4) = 0
fcntl(7, F_SETFD, FD_CLOEXEC) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f0dd0e969d0) = 5257
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0
sendto(3, "\2\0\0\0\v\0\0\0\7\0\0\0passwd\0", 19, MSG_NOSIGNAL, NULL, 0) = 19
poll([{fd=3, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=3, revents=POLLIN|POLLHUP}])
recvmsg(3, {msg_name(0)=NULL, msg_iov(2)=[{"bin/xae", 7}, {"\30m\30\31\377\177\0\0", 8}], msg_controllen=0, msg_flags=MSG_CMSG_CLOEXEC}, MSG_CMSG_CLOEXEC) = 0
close(3) = 0
socket(PF_FILE, SOCK_STREAM|SOCK_CLOEXEC|SOCK_NONBLOCK, 0) = 3
connect(3, {sa_family=AF_FILE, path="/var/run/nscd/socket"}, 110) = 0
sendto(3, "\2\0\0\0\0\0\0\0\10\0\0\0nanosrc\0", 20, MSG_NOSIGNAL, NULL, 0) = 20
poll([{fd=3, events=POLLIN|POLLERR|POLLHUP}], 1, 5000) = 1 ([{fd=3, revents=POLLIN|POLLHUP}])
read(3, "\2\0\0\0\1\0\0\0\10\0\0\0\2\0\0\0\351\\\0\0\222u\0\0\10\0\0\0\16\0\0\0"..., 36) = 36
read(3, "nanosrc\0x\0Nanosrc\0/home/nanosrc\0"..., 41) = 41
fcntl(9, F_SETFD, FD_CLOEXEC) = 0
clone(child_stack=0, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x7f0dd0e969d0) = 5290
gettimeofday({1550755896, 842153}, NULL) = 0
close(9) = 0
read(8, "2\n", 4096) = 2
--- SIGCHLD (Child exited) @ 0 (0) ---
rt_sigreturn(0x11) = 2
wait4(-1, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], WNOHANG|WSTOPPED, {ru_utime={0, 999}, ru_stime={0, 0}, ...}) = 5290
wait4(-1, 0x7fff19181af0, WNOHANG|WSTOPPED, 0x7fff19181a60) = -1 ECHILD (No child processes)
read(8, "", 4096) = 0
close(8) = 0
lstat("so", 0x7fff19186c20) = -1 ENOENT (No such file or directory)
close(0) = 0
close(1) = 0
close(2) = 0
alarm(0) = 0
alarm(0) = 0
close(0) = -1 EBADF (Bad file descriptor)
dup(19) = 0
fcntl(0, F_SETFD, 0) = 0
close(1) = -1 EBADF (Bad file descriptor)
dup(17) = 1
fcntl(1, F_SETFD, 0) = 0
close(2) = -1 EBADF (Bad file descriptor)
dup(18) = 2
fcntl(2, F_SETFD, 0) = 0
dup(18) = 2
fcntl(2, F_SETFD, 0) = 0
chdir("/tct/foxprod_t2b_002/cilin/cust_test/testcases/level1") = -1 EACCES (Permission denied)
chdir("/tct/foxprod_t2b_002/cilin/cust_test/testcases/level1") = -1 EACCES (Permission denied)
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2512, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f0dd0ede000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2512
read(3, "", 4096) = 0
close(3) = 0
munmap(0x7f0dd0ede000, 4096) = 0
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "/tct/foxprod_t2b_002/cilin/cust_"..., 74/tct/foxprod_t2b_002/cilin/cust_test/testcases/level1: Permission denied.
) = 74
lseek(16, 0, SEEK_END) = -1 ESPIPE (Illegal seek)
fstat(0, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 5), ...}) = 0
close(0) = 0
fstat(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 5), ...}) = 0
close(1) = 0
fstat(2, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 5), ...}) = 0
close(2) = 0
fstat(3, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(94, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(95, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(96, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(97, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(98, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(99, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(207, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(208, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(209, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(210, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
fstat(255, 0x7fff19189d10) = -1 EBADF (Bad file descriptor)
exit_group(1) = ?
作为一名 Linux 管理员,我添加了 3 个以上的用户,一切都很好,但这个特定的用户遇到了问题。
组是由 LDAP 维护的,因此 LDAP 组中的组为所有组。