|
Home > Archive > Unix administration > December 2004 > file permissions--something is changing it
You are viewing an archived Text-only version of the thread.
To view this thread in it's original format and/or if you want to reply to
this thread please [click here]
| Author |
file permissions--something is changing it
|
|
| ilaboo 2004-12-21, 2:54 am |
| using kppp debian periodically something is changing permissions of
dev/ttys0 to all forbidden
i hve to periodically as root change them to all a +rw
how can i monitor whatever is chaging this files permissions?
tia
peter
| |
| Jean-Philippe Blais 2004-12-21, 5:56 pm |
| ilaboo wrote:
> using kppp debian periodically something is changing permissions of
> dev/ttys0 to all forbidden
>
> i hve to periodically as root change them to all a +rw
>
> how can i monitor whatever is chaging this files permissions?
>
> tia
> peter
Give a try with FAM (file access monitor).
JP.
| |
| Jean-Philippe Blais 2004-12-21, 5:56 pm |
| Jean-Philippe Blais wrote:
> ilaboo wrote:
>
>
> Give a try with FAM (file access monitor).
>
> JP.
Oups it is not file access monitor but File Alteration Monitor.
JP.
| |
| Bryan Brock 2004-12-21, 5:56 pm |
| What are the exact permissions on /dev/ttyS0 and the kppp executable?
What's the group membership of the user? Can you use minicom to access
/dev/ttyS0?
If kppp is changing /dev/ttyS0, you should be able to use strace to see
the system calls kppp made to change the permissions or ownership of
the file (maybe chown32 or chmod32).
Try "strace -o strace.out kppp". This should run kppp and save the
stack trace output in strace.out. In another window, monitor the
system calls with "tail -f strace.out". You could also do an "ls -l
/dev/ttyS0" to note when the permissions have changed.
If you're not sure whether or not kppp is the culprit, you can use the
"-r" switch with the lsof command to monitor which program is opening
/dev/ttyS0.
To check for any processes that have opened /dev/ttyS0 once every
second, you can use the "-r 1" like this:
bbrock@queue:~> lsof -r 1 /dev/ttyS0
=======
=======
=======
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
=======
=======
=======
bbrock@queue:~>
| |
| Bryan Brock 2004-12-21, 5:56 pm |
| What are the exact permissions on /dev/ttyS0 and the kppp executable?
What's the group membership of the user? Can you use minicom to access
/dev/ttyS0?
If kppp is changing /dev/ttyS0, you should be able to use strace to see
the system calls kppp made to change the permissions or ownership of
the file (maybe chown32 or chmod32).
Try "strace -o strace.out kppp". This should run kppp and save the
stack trace output in strace.out. In another window, monitor the
system calls with "tail -f strace.out". You could also do an "ls -l
/dev/ttyS0" to note when the permissions have changed.
If you're not sure whether or not kppp is the culprit, you can use the
"-r" switch with the lsof command to monitor which program is opening
/dev/ttyS0.
To check for any processes that have opened /dev/ttyS0 once every
second, you can use the "-r 1" like this:
bbrock@queue:~> lsof -r 1 /dev/ttyS0
=======
=======
=======
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
COMMAND PID USER FD TYPE DEVICE SIZE NODE NAME
minicom 13413 bbrock 3u CHR 4,64 34953 /dev/ttyS0
=======
=======
=======
=======
bbrock@queue:~>
|
|
|
|
|