无法在 /tmp 上创建文件，但可以创建目录

我的 linux 机器上的 /tmp 目录遇到了一个奇怪的问题

我可以创建一个目录并触摸其中的文件，但不能直接触摸 /tmp 中的文件：

/tmp]# touch a.txt
touch: setting times of `a.txt': No such file or directory
/tmp]# touch b.txt
touch: setting times of `b.txt': No such file or directory


/tmp]# mkdir toto
/tmp]# touch toto/a.txt

这是/tmp的权限

drwxrwxrwx.    9 root root  4096 Sep  7 08:43 tmp

ls -Z |grep tmp
drwxrwxrwt  root root ?                                tmp

有 touch 命令的 strace：

/tmp]# strace touch /tmp/a.txt
execve("/bin/touch", ["touch", "/tmp/a.txt"], [/* 38 vars */]) = 0
brk(0)                                  = 0xd1a000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f971d778000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=36757, ...}) = 0
mmap(NULL, 36757, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f971d76f000
close(3)                                = 0
open("/lib64/librt.so.1", O_RDONLY)     = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\240!\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=43944, ...}) = 0
mmap(NULL, 2128816, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f971d352000
mprotect(0x7f971d359000, 2093056, PROT_NONE) = 0
mmap(0x7f971d558000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x6000) = 0x7f971d558000
close(3)                                = 0
open("/lib64/libc.so.6", O_RDONLY)      = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0p\356\1\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1920936, ...}) = 0
mmap(NULL, 3750152, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f971cfbe000
mprotect(0x7f971d148000, 2097152, PROT_NONE) = 0
mmap(0x7f971d348000, 20480, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x18a000) = 0x7f971d348000
mmap(0x7f971d34d000, 18696, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f971d34d000
close(3)                                = 0
open("/lib64/libpthread.so.0", O_RDONLY) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0000^\0\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=142688, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f971d76e000
mmap(NULL, 2212848, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f971cda1000
mprotect(0x7f971cdb8000, 2097152, PROT_NONE) = 0
mmap(0x7f971cfb8000, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x17000) = 0x7f971cfb8000
mmap(0x7f971cfba000, 13296, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f971cfba000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f971d76d000
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f971d76c000
arch_prctl(ARCH_SET_FS, 0x7f971d76d700) = 0
mprotect(0x7f971cfb8000, 4096, PROT_READ) = 0
mprotect(0x7f971d348000, 16384, PROT_READ) = 0
mprotect(0x7f971d558000, 4096, PROT_READ) = 0
mprotect(0x7f971d779000, 4096, PROT_READ) = 0
munmap(0x7f971d76f000, 36757)           = 0
set_tid_address(0x7f971d76d9d0)         = 5330
set_robust_list(0x7f971d76d9e0, 24)     = 0
futex(0x7fff99010c8c, FUTEX_WAKE_PRIVATE, 1) = 0
futex(0x7fff99010c8c, FUTEX_WAIT_BITSET_PRIVATE|FUTEX_CLOCK_REALTIME, 1, NULL, 7f971d76d700) = -1 EAGAIN (Resource temporarily unavailable)
rt_sigaction(SIGRTMIN, {0x7f971cda6cb0, [], SA_RESTORER|SA_SIGINFO, 0x7f971cdb07e0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {0x7f971cda6d40, [], SA_RESTORER|SA_RESTART|SA_SIGINFO, 0x7f971cdb07e0}, NULL, 8) = 0
rt_sigprocmask(SIG_UNBLOCK, [RTMIN RT_1], NULL, 8) = 0
getrlimit(RLIMIT_STACK, {rlim_cur=10240*1024, rlim_max=RLIM64_INFINITY}) = 0
brk(0)                                  = 0xd1a000
brk(0xd3b000)                           = 0xd3b000
open("/usr/lib/locale/locale-archive", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=99158576, ...}) = 0
mmap(NULL, 99158576, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9716f10000
close(3)                                = 0
open("/tmp/a.txt", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EINVAL (Invalid argument)
utimensat(AT_FDCWD, "/tmp/a.txt", NULL, 0) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2512, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f971d777000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2512
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x7f971d777000, 4096)            = 0
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=435, ...}) = 0
mmap(NULL, 435, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f971d777000
close(3)                                = 0
write(2, "touch: ", 7touch: )                  = 7
write(2, "setting times of `/tmp/a.txt'", 29setting times of `/tmp/a.txt') = 29
open("/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, ": No such file or directory", 27: No such file or directory) = 27
write(2, "\n", 1
)                       = 1
close(1)                                = 0
close(2)                                = 0
exit_group(1)                           = ?

是什么阻止我直接触摸 /tmp 中的文件？

有关信息，我使用用户 root。

更新：

getfacl /tmp
getfacl: Removing leading '/' from absolute path names
# file: tmp
# owner: root
# group: root
# flags: --t
user::rwx
group::rwx
other::rwx