Date: Tue, 8 Oct 2002 01:30:33 +0000 From: Jez Hancock <jez.hancock@munk.nu> To: FreeBSD ISP List <freebsd-isp@freebsd.org> Subject: Re: Apache vhost directive problem Message-ID: <20021008013033.GA75840@users.munk.nu> In-Reply-To: <20021007112908.M51200-100000@stalker.amigo.net> References: <20021007005601.GB72630@users.munk.nu> <20021007112908.M51200-100000@stalker.amigo.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Oct 07, 2002 at 11:31:54AM -0600, Randy Smith wrote: > On Mon, 7 Oct 2002, Jez Hancock wrote: > > > Date: Mon, 7 Oct 2002 00:56:01 +0000 > > From: Jez Hancock <jez.hancock@munk.nu> > > To: FreeBSD ISP List <freebsd-isp@freebsd.org> > > Subject: Re: Apache vhost directive problem > > > > > On Thu, Oct 03, 2002 at 09:38:13AM +0400, Konstantin M Volevatch wrote: > > > > Also, you may set 'sunlnk' flag on 'web' subdir > > I did play around with the 'chflags' command on a dummy user's .history > > file to see if I could stop the user from deleting the file. Whilst it > > worked perfectly well in that the user couldn't rm the file, when I > > later went to unset the 'sunlnk' flag I was unable to (as root of > > course). > > > > I then went on to test the problem / try to recreate it in another > > directory. The output is as follows: > > > > [0:44:16] munk@users /home# cd /home/munk > > [0:44:19] munk@users /home/munk# mkdir test > > [0:44:22] munk@users /home/munk# cd test > > [0:44:24] munk@users /home/munk/test# touch test > > [0:44:27] munk@users /home/munk/test# chflags sunlnk test > > [0:44:34] munk@users /home/munk/test# chflags nosunlnk test > > chflags: test: Operation not permitted > > [0:44:42] munk@users /home/munk/test# ls -alo > > total 4 > > drwxr-xr-x 2 root munk - 512 Oct 7 00:44 ./ > > drwx-----x 14 munk munk - 1536 Oct 7 00:44 ../ > > -rw-r--r-- 1 root munk sunlnk 0 Oct 7 00:44 test > > [0:45:05] munk@users /home/munk/test# chflags nosunlnk test > > chflags: test: Operation not permitted > > [0:45:13] munk@users /home/munk/test# id > > uid=0(root) gid=0(wheel) groups=0(wheel), 2(kmem), 3(sys), 4(tty), > > 5(operator), 20(staff), 31(guest), 1010(epl) > > > > What am I missing here? I'm unable to unset the 'sunlnk' flag on the > > file 'test' at all for some reason. > > > > Thanks in advance, > > > > Jez > > > > If kern.securelevel is > 1 then no one (even root) can unset an sunlnk, > schg, etc. flag. You need to reduce your securelevel to remove the files. *doh* - bingo that's the problem. Many thanks. Jez To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20021008013033.GA75840>