ls:不允许操作

时间:2014-09-08 04:33:28

标签: unix fuse

我有一个带有选项allow_other和umask 0的保险丝fs。这给了我一组权限设置为777的文件。虽然当我在包含文件的目录中尝试ls -l时,我得到以下内容输出:

ls: name: Operation not permitted
ls: tags: Operation not permitted
ls: location: Operation not permitted
ls: ext: Operation not permitted
ls: experiment_id: Operation not permitted
ls: file_path: Operation not permitted

任何人都可以告诉我为什么尽管有全局权限(777)我仍然不允许操作?

在运行strace时,我得到以下痕迹:

lstat("tags", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
lgetxattr("tags", "security.selinux", 0x112ae80, 255) = -1 EPERM (Operation not     permitted)
write(2, "ls: ", 4ls: )                     = 4
write(2, "tags", 4tags)                     = 4
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1
)                       = 1
lstat("location", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
lgetxattr("location", "security.selinux", 0x112aea0, 255) = -1 EPERM (Operation not      permitted)
write(2, "ls: ", 4ls: )                     = 4
write(2, "location", 8location)                 = 8
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1)                       = 1
lstat("ext", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
lgetxattr("ext", "security.selinux", 0x112aec0, 255) = -1 EPERM (Operation not permitted)
write(2, "ls: ", 4ls: )                     = 4
write(2, "ext", 3ext)                      = 3
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1)                       = 1
lstat("experiment_id", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
lgetxattr("experiment_id", "security.selinux", 0x112aee0, 255) = -1 EPERM (Operation not    permitted)  
write(2, "ls: ", 4ls: )                     = 4
write(2, "experiment_id", 13experiment_id)           = 13
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1)                       = 1
lstat("file_path", {st_mode=S_IFDIR|0777, st_size=4096, ...}) = 0
lgetxattr("file_path", "security.selinux", 0x112af00, 255) = -1 EPERM (Operation not permitted)
write(2, "ls: ", 4ls: )                     = 4
write(2, "file_path", 9file_path)                = 9
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1)                       = 1

所以从跟踪来看,它看起来像是试图获取selinux属性,即使它在我的系统上被禁用。

cat /etc//sysconfig/selinux
SELINUX=disabled
SELINUXTYPE=targeted

4 个答案:

答案 0 :(得分:2)

在包含文件的目录上设置权限。

答案 1 :(得分:2)

请按照以下步骤解决问题。我尝试了以下步骤,为我工作了 1.拉下Apple菜单,然后选择“系统偏好设置” 2.选择“安全和隐私”控制面板 3.现在选择“隐私”选项卡,然后从左侧菜单中选择“全盘访问” 4.单击首选项面板左下角的锁定图标,并以管理员级别登录进行身份验证 5.现在单击[+]加号按钮以添加具有完全磁盘访问权限的应用程序 6.导航到/ Applications / Utilities /文件夹,然后选择“ Terminal”(终端),以授予Terminal具有Full Disk Access权限的终端 7.重新启动终端,“不允许操作”错误消息将消失

答案 2 :(得分:1)

至少使用strace(1)作为

 strace ls -l

这将显示ls完成的所有系统调用,您将识别哪个FUSE文件系统相关syscalls(2)失败。

也许stat(2)tags等个别目录条目失败了??

您可能忘记在FUSE中执行某些操作。

答案 3 :(得分:1)

问题在于我的getxattr实现。我在错误时返回-1,转换为EPERM,而我应该返回ENODATA,这对我的逻辑更正确。这也解决了这些错误。

https://gowalker.org/github.com/hanwen/go-fuse/fuse