[opensuse] How can I fix screwed up permissions.
Hi, I made my local security setting more secure with the yast security module and now I get a host of problems with running configure and cmake. I've tried setting them back to easy but nothing changes, I can't even run ./configure and have to use sh configure. This problem affects root as well how can I fix it? Thanks Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, 2010-05-28 at 17:00 +0200, Dave Plater wrote:
Hi, I made my local security setting more secure with the yast security module and now I get a host of problems with running configure and cmake. I've tried setting them back to easy but nothing changes, I can't even run ./configure and have to use sh configure. This problem affects root as well how can I fix it?
I thought SUSEConfig did this. Perhaps looking at the /etc/permissions* files might help get you started. That is all I know for this. -- Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Krukmakargatan 21 P.O. Box 17009 SE-104 62 Stockholm, Sweden Office: Int +46 10-615 60 20 Mobile: Int +46 70-815 1696 -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/28/2010 05:09 PM, Roger Oberholtzer wrote:
On Fri, 2010-05-28 at 17:00 +0200, Dave Plater wrote:
Hi, I made my local security setting more secure with the yast security module and now I get a host of problems with running configure and cmake. I've tried setting them back to easy but nothing changes, I can't even run ./configure and have to use sh configure. This problem affects root as well how can I fix it?
I thought SUSEConfig did this. Perhaps looking at the /etc/permissions* files might help get you started. That is all I know for this.
I've even deleted /etc/permissions and reinstalled to ensure I have the default. Somewhere there's a config file that stops execution of scripts with the executable bit set. Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, May 28, 2010 at 06:21:51PM +0200, Dave Plater wrote:
On 05/28/2010 05:09 PM, Roger Oberholtzer wrote:
On Fri, 2010-05-28 at 17:00 +0200, Dave Plater wrote:
Hi, I made my local security setting more secure with the yast security module and now I get a host of problems with running configure and cmake. I've tried setting them back to easy but nothing changes, I can't even run ./configure and have to use sh configure. This problem affects root as well how can I fix it?
I thought SUSEConfig did this. Perhaps looking at the /etc/permissions* files might help get you started. That is all I know for this.
I've even deleted /etc/permissions and reinstalled to ensure I have the default. Somewhere there's a config file that stops execution of scripts with the executable bit set.
You might have remounted the filesystem you are building on non-exec. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/28/2010 06:32 PM, Marcus Meissner wrote:
On Fri, May 28, 2010 at 06:21:51PM +0200, Dave Plater wrote:
On 05/28/2010 05:09 PM, Roger Oberholtzer wrote:
On Fri, 2010-05-28 at 17:00 +0200, Dave Plater wrote:
Hi, I made my local security setting more secure with the yast security module and now I get a host of problems with running configure and cmake. I've tried setting them back to easy but nothing changes, I can't even run ./configure and have to use sh configure. This problem affects root as well how can I fix it?
I thought SUSEConfig did this. Perhaps looking at the /etc/permissions* files might help get you started. That is all I know for this.
I've even deleted /etc/permissions and reinstalled to ensure I have the default. Somewhere there's a config file that stops execution of scripts with the executable bit set.
You might have remounted the filesystem you are building on non-exec.
Ciao, Marcus
I build on an ext4 filesystem and my root is xfs and this is across both and it started immediately after I'd played permissions with yast security. After writing this email I've realized that it's only shell scripts that are affected and python, perl and other scripts aren’t. /dev/sda3 on / type xfs (rw,relatime) and /dev/sda5 on /data type ext4 (rw,noexec,nosuid,nodev,relatime,acl). Regards Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, May 28, 2010 at 06:58:31PM +0200, Dave Plater wrote:
On 05/28/2010 06:32 PM, Marcus Meissner wrote:
On Fri, May 28, 2010 at 06:21:51PM +0200, Dave Plater wrote:
On 05/28/2010 05:09 PM, Roger Oberholtzer wrote:
On Fri, 2010-05-28 at 17:00 +0200, Dave Plater wrote:
Hi, I made my local security setting more secure with the yast security module and now I get a host of problems with running configure and cmake. I've tried setting them back to easy but nothing changes, I can't even run ./configure and have to use sh configure. This problem affects root as well how can I fix it?
I thought SUSEConfig did this. Perhaps looking at the /etc/permissions* files might help get you started. That is all I know for this.
I've even deleted /etc/permissions and reinstalled to ensure I have the default. Somewhere there's a config file that stops execution of scripts with the executable bit set.
You might have remounted the filesystem you are building on non-exec.
Ciao, Marcus
I build on an ext4 filesystem and my root is xfs and this is across both and it started immediately after I'd played permissions with yast security. After writing this email I've realized that it's only shell scripts that are affected and python, perl and other scripts aren’t. /dev/sda3 on / type xfs (rw,relatime) and /dev/sda5 on /data type ext4 (rw,noexec,nosuid,nodev,relatime,acl).
Well, you can't run stuff on /data then. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/28/2010 07:11 PM, Marcus Meissner wrote:
I build on an ext4 filesystem and my root is xfs and this is across both
and it started immediately after I'd played permissions with yast security. After writing this email I've realized that it's only shell scripts that are affected and python, perl and other scripts aren’t. /dev/sda3 on / type xfs (rw,relatime) and /dev/sda5 on /data type ext4 (rw,noexec,nosuid,nodev,relatime,acl).
Well, you can't run stuff on /data then.
Ciao, Marcus
Would you have any idea how I can get rid of the noexec flag, it's not in fstab? Regards Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/28/2010 07:24 PM, Dave Plater wrote:
On 05/28/2010 07:11 PM, Marcus Meissner wrote:
I build on an ext4 filesystem and my root is xfs and this is across both
and it started immediately after I'd played permissions with yast security. After writing this email I've realized that it's only shell scripts that are affected and python, perl and other scripts aren’t. /dev/sda3 on / type xfs (rw,relatime) and /dev/sda5 on /data type ext4 (rw,noexec,nosuid,nodev,relatime,acl).
Well, you can't run stuff on /data then.
Ciao, Marcus
Would you have any idea how I can get rid of the noexec flag, it's not in fstab? Regards Dave P
I tried the obvious and put exec into fstab for /dev/sda5 and it's solved the problem. There must be a bug somewhere in yast security or maybe it was something else that happened at the same time, I've been getting by with using sh for quite a while. Thanks Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
You could boot with the install disk and then choose the repair option. I forget what it called exactly. But it is chosen early on. You can, IIRC, choose which things that should be checked. As the file system is mounted by the install, but does not run software from it, I think it could repair many things. You would need the release you are running. I am not sure how it deals with updates you have done. Roger Oberholtzer OPQ Systems / Ramböll RST Ramböll Sverige AB Kapellgränd 7 P.O. Box 4205 SE-102 65 Stockholm, Sweden Office: Int +46 8-615 60 20 Mobile: Int +46 70-815 1696 And remember: It is RSofT and there is always something under construction. It is like talking about large city with all constructions finished. Not impossible, but very unlikely. -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On Fri, May 28, 2010 at 07:36:26PM +0200, Dave Plater wrote:
On 05/28/2010 07:24 PM, Dave Plater wrote:
On 05/28/2010 07:11 PM, Marcus Meissner wrote:
I build on an ext4 filesystem and my root is xfs and this is across both
and it started immediately after I'd played permissions with yast security. After writing this email I've realized that it's only shell scripts that are affected and python, perl and other scripts aren’t. /dev/sda3 on / type xfs (rw,relatime) and /dev/sda5 on /data type ext4 (rw,noexec,nosuid,nodev,relatime,acl).
Well, you can't run stuff on /data then.
Ciao, Marcus
Would you have any idea how I can get rid of the noexec flag, it's not in fstab? Regards Dave P
I tried the obvious and put exec into fstab for /dev/sda5 and it's solved the problem. There must be a bug somewhere in yast security or maybe it was something else that happened at the same time, I've been getting by with using sh for quite a while.
No good idea though where this comes from. Ciao, Marcus -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/28/2010 08:56 PM, Marcus Meissner wrote:
I tried the obvious and put exec into fstab for /dev/sda5 and it's
solved the problem. There must be a bug somewhere in yast security or maybe it was something else that happened at the same time, I've been getting by with using sh for quite a while.
No good idea though where this comes from.
Ciao, Marcus
My problems solved anyway and I know where to look now. Thanks again Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Friday, 2010-05-28 at 20:56 +0200, Marcus Meissner wrote:
On Fri, May 28, 2010 at 07:36:26PM +0200, Dave Plater wrote:
/dev/sda3 on / type xfs (rw,relatime) and /dev/sda5 on /data type ext4 (rw,noexec,nosuid,nodev,relatime,acl).
Well, you can't run stuff on /data then.
Would you have any idea how I can get rid of the noexec flag, it's not in fstab?
I tried the obvious and put exec into fstab for /dev/sda5 and it's solved the problem. There must be a bug somewhere in yast security or maybe it was something else that happened at the same time, I've been getting by with using sh for quite a while.
No good idea though where this comes from.
I think it is the new default mount option for "data" filesystems, in oS 11.2 or thereabouts. Otherwise, using yast to activate a more "secure" mode would surely put the noexec option for those filesystems - ie, removing the "exec" option in fstab. I have been bitten by this noexec thing, too. - -- Cheers, Carlos E. R. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (GNU/Linux) iEYEARECAAYFAkwAX0UACgkQtTMYHG2NR9URnACfbmAnX/oicZhKzzBBRYDc+mnR Y+4Anisa7y8Kgc1szujdAzMbvTNfunoN =Gw+z -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
On 05/28/2010 06:32 PM, Marcus Meissner wrote:
You might have remounted the filesystem you are building on non-exec.
Ciao, Marcus
It's definitely something to do with the ext4 filesystem that I build on because I just tried ./configure on the xfs root and it works. Thanks Dave P -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org
participants (4)
-
Carlos E. R. -
Dave Plater -
Marcus Meissner -
Roger Oberholtzer