Re: rm: cannot unlink `sendmail': Operation not permitted
try chattr -i /usr/sbin
Even if sendmail is set -i, if the directory is immutable you will not
be able to rm it.
Pete
--
http://www.elbnet.com
ELB Internet Services, Inc.
Web Design, Computer Consulting, Internet Hosting
Jason Lim wrote:
>
> Hi all,
>
> This is happening on a Redhat 7.2 system, but i think it would apply
> across all Linux distros.
>
> [EMAIL PROTECTED] sbin]# pwd
> /usr/sbin
> [EMAIL PROTECTED] sbin]# chattr -iu sendmail
> [EMAIL PROTECTED] sbin]# rm sendmail
> rm: remove `sendmail'? y
> rm: cannot unlink `sendmail': Operation not permitted
>
> [EMAIL PROTECTED] sbin]# ls -al sendmail
> -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail
>
> That is happening for all the files in that directory.
>
> strace rm sendmail:
>
> lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0
> access("sendmail", W_OK)= 0
> unlink("sendmail") = -1 EPERM (Operation not
> permitted)
>
> Any ideas as to what may be happening?
>
> Sincerely,
> Jason
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: rm: cannot unlink `sendmail': Operation not permitted
try chattr -i /usr/sbin
Even if sendmail is set -i, if the directory is immutable you will not
be able to rm it.
Pete
--
http://www.elbnet.com
ELB Internet Services, Inc.
Web Design, Computer Consulting, Internet Hosting
Jason Lim wrote:
>
> Hi all,
>
> This is happening on a Redhat 7.2 system, but i think it would apply
> across all Linux distros.
>
> [root@linux1 sbin]# pwd
> /usr/sbin
> [root@linux1 sbin]# chattr -iu sendmail
> [root@linux1 sbin]# rm sendmail
> rm: remove `sendmail'? y
> rm: cannot unlink `sendmail': Operation not permitted
>
> [root@linux1 sbin]# ls -al sendmail
> -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail
>
> That is happening for all the files in that directory.
>
> strace rm sendmail:
>
> lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0
> access("sendmail", W_OK)= 0
> unlink("sendmail") = -1 EPERM (Operation not
> permitted)
>
> Any ideas as to what may be happening?
>
> Sincerely,
> Jason
>
> --
> To UNSUBSCRIBE, email to [EMAIL PROTECTED]
> with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
chattr certain dirs on Debian? (was Re: rm: cannot unlink `sendmail': Operation not permitted)
Nope... it wasn't running. I did a "chattr = sendmail" to remove all flags, and now it works. [EMAIL PROTECTED] sbin]# lsattr |more suSiadAc-- ./iconvconfig suSiadAc-- ./rpcinfo suSiadAc-- ./zdump suSiadAc-- ./zic suSiadAc-- ./pwunconv suSiadAc-- ./pwck suSiadAc-- ./glibc_post_upgrade suSiadAc-- ./mklost+found suSiadAc-- ./arping suSiadAc-- ./clockdiff suSiadAc-- ./ping6 Redhat 7.2 has these by default. Despite the trouble it caused me earlier, perhaps this is a *GOOD* thing... it would prevent root from accidentally deleting any critical system files, and would make hacking/cracking slightly harder (okay... only slightly, but hey... everything adds up to help). On a Debian system: sh-2.05a# lsattr /usr/sbin -- /usr/sbin/locale-gen -- /usr/sbin/dpkg-preconfigure -- /usr/sbin/vchkpw -- /usr/sbin/dpkg-reconfigure Would this be something we want to do on Debian? Sincerely, Jason - Original Message - From: "John Gonzalez/netMDC admin" <[EMAIL PROTECTED]> To: "Jason Lim" <[EMAIL PROTECTED]> Sent: Friday, May 24, 2002 8:22 AM Subject: Re: rm: cannot unlink `sendmail': Operation not permitted > Is sendmail running? > > Do a: ps auxww | grep sendmail > > On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote: > > Hi all, > > > > This is happening on a Redhat 7.2 system, but i think it would apply > > across all Linux distros. > > > > [EMAIL PROTECTED] sbin]# pwd > > /usr/sbin > > [EMAIL PROTECTED] sbin]# chattr -iu sendmail > > [EMAIL PROTECTED] sbin]# rm sendmail > > rm: remove `sendmail'? y > > rm: cannot unlink `sendmail': Operation not permitted > > -- > John Gonzalez, Tularosa Communications | (505) 439-0200 work > JG6416, ASN 11711, [EMAIL PROTECTED] | (505) 443-1228 fax > http://www.tularosa.net > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: rm: cannot unlink `sendmail': Operation not permitted
On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote:
> Hi all,
>
> This is happening on a Redhat 7.2 system, but i think it would apply
> across all Linux distros.
>
> [EMAIL PROTECTED] sbin]# pwd
> /usr/sbin
> [EMAIL PROTECTED] sbin]# chattr -iu sendmail
> [EMAIL PROTECTED] sbin]# rm sendmail
> rm: remove `sendmail'? y
> rm: cannot unlink `sendmail': Operation not permitted
>
> [EMAIL PROTECTED] sbin]# ls -al sendmail
> -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail
>
> That is happening for all the files in that directory.
>
> strace rm sendmail:
>
> lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0
> access("sendmail", W_OK)= 0
> unlink("sendmail") = -1 EPERM (Operation not
> permitted)
>
> Any ideas as to what may be happening?
[EMAIL PROTECTED]:~ $ mkdir test
[EMAIL PROTECTED]:~ $ cd test
[EMAIL PROTECTED]:~/test $ touch biff
[EMAIL PROTECTED]:~/test $ sudo chattr +i .
[EMAIL PROTECTED]:~/test $ lsattr biff
-- biff
[EMAIL PROTECTED]:~/test $ ls -l biff
-rw-rw-r--1 nnorman nnorman 0 May 23 17:35 biff
[EMAIL PROTECTED]:~/test $ rm biff
rm: cannot unlink `biff': Permission denied
[EMAIL PROTECTED]:~/test $ lsattr -d .
---i-- .
Check the directory.
--
Nathan Norman - Micromuse Ltd. mailto:[EMAIL PROTECTED]
Gil-galad was an Elven-king.| The Fellowship
Of him the harpers sadly sing: |of
the last whose realm was fair and free | the Ring
between the Mountains and the Sea. | J.R.R. Tolkien
pgp3Ga1obacQy.pgp
Description: PGP signature
chattr certain dirs on Debian? (was Re: rm: cannot unlink `sendmail': Operation not permitted)
Nope... it wasn't running. I did a "chattr = sendmail" to remove all flags, and now it works. [root@linux1 sbin]# lsattr |more suSiadAc-- ./iconvconfig suSiadAc-- ./rpcinfo suSiadAc-- ./zdump suSiadAc-- ./zic suSiadAc-- ./pwunconv suSiadAc-- ./pwck suSiadAc-- ./glibc_post_upgrade suSiadAc-- ./mklost+found suSiadAc-- ./arping suSiadAc-- ./clockdiff suSiadAc-- ./ping6 Redhat 7.2 has these by default. Despite the trouble it caused me earlier, perhaps this is a *GOOD* thing... it would prevent root from accidentally deleting any critical system files, and would make hacking/cracking slightly harder (okay... only slightly, but hey... everything adds up to help). On a Debian system: sh-2.05a# lsattr /usr/sbin -- /usr/sbin/locale-gen -- /usr/sbin/dpkg-preconfigure -- /usr/sbin/vchkpw -- /usr/sbin/dpkg-reconfigure Would this be something we want to do on Debian? Sincerely, Jason - Original Message - From: "John Gonzalez/netMDC admin" <[EMAIL PROTECTED]> To: "Jason Lim" <[EMAIL PROTECTED]> Sent: Friday, May 24, 2002 8:22 AM Subject: Re: rm: cannot unlink `sendmail': Operation not permitted > Is sendmail running? > > Do a: ps auxww | grep sendmail > > On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote: > > Hi all, > > > > This is happening on a Redhat 7.2 system, but i think it would apply > > across all Linux distros. > > > > [root@linux1 sbin]# pwd > > /usr/sbin > > [root@linux1 sbin]# chattr -iu sendmail > > [root@linux1 sbin]# rm sendmail > > rm: remove `sendmail'? y > > rm: cannot unlink `sendmail': Operation not permitted > > -- > John Gonzalez, Tularosa Communications | (505) 439-0200 work > JG6416, ASN 11711, [EMAIL PROTECTED] | (505) 443-1228 fax > http://www.tularosa.net > -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: rm: cannot unlink `sendmail': Operation not permitted
On Fri, May 24, 2002 at 08:16:25AM +1000, Jason Lim wrote:
> Hi all,
>
> This is happening on a Redhat 7.2 system, but i think it would apply
> across all Linux distros.
>
> [root@linux1 sbin]# pwd
> /usr/sbin
> [root@linux1 sbin]# chattr -iu sendmail
> [root@linux1 sbin]# rm sendmail
> rm: remove `sendmail'? y
> rm: cannot unlink `sendmail': Operation not permitted
>
> [root@linux1 sbin]# ls -al sendmail
> -rwxr-xr-x 1 root root99161 May 1 01:21 sendmail
>
> That is happening for all the files in that directory.
>
> strace rm sendmail:
>
> lstat64("sendmail", {st_mode=S_IFREG|0755, st_size=99161, ...}) = 0
> access("sendmail", W_OK)= 0
> unlink("sendmail") = -1 EPERM (Operation not
> permitted)
>
> Any ideas as to what may be happening?
nnorman@foo:~ $ mkdir test
nnorman@foo:~ $ cd test
nnorman@foo:~/test $ touch biff
nnorman@foo:~/test $ sudo chattr +i .
nnorman@foo:~/test $ lsattr biff
-- biff
nnorman@foo:~/test $ ls -l biff
-rw-rw-r--1 nnorman nnorman 0 May 23 17:35 biff
nnorman@foo:~/test $ rm biff
rm: cannot unlink `biff': Permission denied
nnorman@foo:~/test $ lsattr -d .
---i-- .
Check the directory.
--
Nathan Norman - Micromuse Ltd. mailto:[EMAIL PROTECTED]
Gil-galad was an Elven-king.| The Fellowship
Of him the harpers sadly sing: |of
the last whose realm was fair and free | the Ring
between the Mountains and the Sea. | J.R.R. Tolkien
msg06441/pgp0.pgp
Description: PGP signature
