Re: rm: cannot unlink `sendmail': Operation not permitted
try chattr -i /usr/sbin Even if sendmail is set -i, if the directory is immutable you will not be able to rm it. Pete -- http://www.elbnet.com ELB Internet Services, Inc. Web Design, Computer Consulting, Internet Hosting Jason Lim wrote: > > Hi all, > > This is happening on a Redhat 7.2 system, but i think it would apply > across all Linux distros. > > [EMAIL PROTECTED] sbin]# pwd > /usr/sbin > [EMAIL PROTECTED] sbin]# chattr -iu sendmail > [EMAIL PROTECTED] sbin]# rm sendmail > rm: remove `sendmail'? y > rm: cannot unlink `sendmail': Operation not permitted > > [EMAIL PROTECTED] sbin]# ls -al sendmail > -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail > > That is happening for all the files in that directory. > > strace rm sendmail: > > lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0 > access("sendmail", W_OK)= 0 > unlink("sendmail") = -1 EPERM (Operation not > permitted) > > Any ideas as to what may be happening? > > Sincerely, > Jason > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: rm: cannot unlink `sendmail': Operation not permitted
try chattr -i /usr/sbin Even if sendmail is set -i, if the directory is immutable you will not be able to rm it. Pete -- http://www.elbnet.com ELB Internet Services, Inc. Web Design, Computer Consulting, Internet Hosting Jason Lim wrote: > > Hi all, > > This is happening on a Redhat 7.2 system, but i think it would apply > across all Linux distros. > > [root@linux1 sbin]# pwd > /usr/sbin > [root@linux1 sbin]# chattr -iu sendmail > [root@linux1 sbin]# rm sendmail > rm: remove `sendmail'? y > rm: cannot unlink `sendmail': Operation not permitted > > [root@linux1 sbin]# ls -al sendmail > -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail > > That is happening for all the files in that directory. > > strace rm sendmail: > > lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0 > access("sendmail", W_OK)= 0 > unlink("sendmail") = -1 EPERM (Operation not > permitted) > > Any ideas as to what may be happening? > > Sincerely, > Jason > > -- > To UNSUBSCRIBE, email to [EMAIL PROTECTED] > with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
chattr certain dirs on Debian? (was Re: rm: cannot unlink `sendmail': Operation not permitted)
Nope... it wasn't running. I did a "chattr = sendmail" to remove all flags, and now it works. [EMAIL PROTECTED] sbin]# lsattr |more suSiadAc-- ./iconvconfig suSiadAc-- ./rpcinfo suSiadAc-- ./zdump suSiadAc-- ./zic suSiadAc-- ./pwunconv suSiadAc-- ./pwck suSiadAc-- ./glibc_post_upgrade suSiadAc-- ./mklost+found suSiadAc-- ./arping suSiadAc-- ./clockdiff suSiadAc-- ./ping6 Redhat 7.2 has these by default. Despite the trouble it caused me earlier, perhaps this is a *GOOD* thing... it would prevent root from accidentally deleting any critical system files, and would make hacking/cracking slightly harder (okay... only slightly, but hey... everything adds up to help). On a Debian system: sh-2.05a# lsattr /usr/sbin -- /usr/sbin/locale-gen -- /usr/sbin/dpkg-preconfigure -- /usr/sbin/vchkpw -- /usr/sbin/dpkg-reconfigure Would this be something we want to do on Debian? Sincerely, Jason - Original Message - From: "John Gonzalez/netMDC admin" <[EMAIL PROTECTED]> To: "Jason Lim" <[EMAIL PROTECTED]> Sent: Friday, May 24, 2002 8:22 AM Subject: Re: rm: cannot unlink `sendmail': Operation not permitted > Is sendmail running? > > Do a: ps auxww | grep sendmail > > On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote: > > Hi all, > > > > This is happening on a Redhat 7.2 system, but i think it would apply > > across all Linux distros. > > > > [EMAIL PROTECTED] sbin]# pwd > > /usr/sbin > > [EMAIL PROTECTED] sbin]# chattr -iu sendmail > > [EMAIL PROTECTED] sbin]# rm sendmail > > rm: remove `sendmail'? y > > rm: cannot unlink `sendmail': Operation not permitted > > -- > John Gonzalez, Tularosa Communications | (505) 439-0200 work > JG6416, ASN 11711, [EMAIL PROTECTED] | (505) 443-1228 fax > http://www.tularosa.net > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: rm: cannot unlink `sendmail': Operation not permitted
On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote: > Hi all, > > This is happening on a Redhat 7.2 system, but i think it would apply > across all Linux distros. > > [EMAIL PROTECTED] sbin]# pwd > /usr/sbin > [EMAIL PROTECTED] sbin]# chattr -iu sendmail > [EMAIL PROTECTED] sbin]# rm sendmail > rm: remove `sendmail'? y > rm: cannot unlink `sendmail': Operation not permitted > > [EMAIL PROTECTED] sbin]# ls -al sendmail > -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail > > That is happening for all the files in that directory. > > strace rm sendmail: > > lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0 > access("sendmail", W_OK)= 0 > unlink("sendmail") = -1 EPERM (Operation not > permitted) > > Any ideas as to what may be happening? [EMAIL PROTECTED]:~ $ mkdir test [EMAIL PROTECTED]:~ $ cd test [EMAIL PROTECTED]:~/test $ touch biff [EMAIL PROTECTED]:~/test $ sudo chattr +i . [EMAIL PROTECTED]:~/test $ lsattr biff -- biff [EMAIL PROTECTED]:~/test $ ls -l biff -rw-rw-r--1 nnorman nnorman 0 May 23 17:35 biff [EMAIL PROTECTED]:~/test $ rm biff rm: cannot unlink `biff': Permission denied [EMAIL PROTECTED]:~/test $ lsattr -d . ---i-- . Check the directory. -- Nathan Norman - Micromuse Ltd. mailto:[EMAIL PROTECTED] Gil-galad was an Elven-king.| The Fellowship Of him the harpers sadly sing: |of the last whose realm was fair and free | the Ring between the Mountains and the Sea. | J.R.R. Tolkien pgp3Ga1obacQy.pgp Description: PGP signature
chattr certain dirs on Debian? (was Re: rm: cannot unlink `sendmail': Operation not permitted)
Nope... it wasn't running. I did a "chattr = sendmail" to remove all flags, and now it works. [root@linux1 sbin]# lsattr |more suSiadAc-- ./iconvconfig suSiadAc-- ./rpcinfo suSiadAc-- ./zdump suSiadAc-- ./zic suSiadAc-- ./pwunconv suSiadAc-- ./pwck suSiadAc-- ./glibc_post_upgrade suSiadAc-- ./mklost+found suSiadAc-- ./arping suSiadAc-- ./clockdiff suSiadAc-- ./ping6 Redhat 7.2 has these by default. Despite the trouble it caused me earlier, perhaps this is a *GOOD* thing... it would prevent root from accidentally deleting any critical system files, and would make hacking/cracking slightly harder (okay... only slightly, but hey... everything adds up to help). On a Debian system: sh-2.05a# lsattr /usr/sbin -- /usr/sbin/locale-gen -- /usr/sbin/dpkg-preconfigure -- /usr/sbin/vchkpw -- /usr/sbin/dpkg-reconfigure Would this be something we want to do on Debian? Sincerely, Jason - Original Message - From: "John Gonzalez/netMDC admin" <[EMAIL PROTECTED]> To: "Jason Lim" <[EMAIL PROTECTED]> Sent: Friday, May 24, 2002 8:22 AM Subject: Re: rm: cannot unlink `sendmail': Operation not permitted > Is sendmail running? > > Do a: ps auxww | grep sendmail > > On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote: > > Hi all, > > > > This is happening on a Redhat 7.2 system, but i think it would apply > > across all Linux distros. > > > > [root@linux1 sbin]# pwd > > /usr/sbin > > [root@linux1 sbin]# chattr -iu sendmail > > [root@linux1 sbin]# rm sendmail > > rm: remove `sendmail'? y > > rm: cannot unlink `sendmail': Operation not permitted > > -- > John Gonzalez, Tularosa Communications | (505) 439-0200 work > JG6416, ASN 11711, [EMAIL PROTECTED] | (505) 443-1228 fax > http://www.tularosa.net > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: rm: cannot unlink `sendmail': Operation not permitted
On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote: > Hi all, > > This is happening on a Redhat 7.2 system, but i think it would apply > across all Linux distros. > > [root@linux1 sbin]# pwd > /usr/sbin > [root@linux1 sbin]# chattr -iu sendmail > [root@linux1 sbin]# rm sendmail > rm: remove `sendmail'? y > rm: cannot unlink `sendmail': Operation not permitted > > [root@linux1 sbin]# ls -al sendmail > -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail > > That is happening for all the files in that directory. > > strace rm sendmail: > > lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0 > access("sendmail", W_OK)= 0 > unlink("sendmail") = -1 EPERM (Operation not > permitted) > > Any ideas as to what may be happening? nnorman@foo:~ $ mkdir test nnorman@foo:~ $ cd test nnorman@foo:~/test $ touch biff nnorman@foo:~/test $ sudo chattr +i . nnorman@foo:~/test $ lsattr biff -- biff nnorman@foo:~/test $ ls -l biff -rw-rw-r--1 nnorman nnorman 0 May 23 17:35 biff nnorman@foo:~/test $ rm biff rm: cannot unlink `biff': Permission denied nnorman@foo:~/test $ lsattr -d . ---i-- . Check the directory. -- Nathan Norman - Micromuse Ltd. mailto:[EMAIL PROTECTED] Gil-galad was an Elven-king.| The Fellowship Of him the harpers sadly sing: |of the last whose realm was fair and free | the Ring between the Mountains and the Sea. | J.R.R. Tolkien msg06441/pgp0.pgp Description: PGP signature