2

I have a PHP process that:

  • starts as root
  • writes to and then closes a pid file in /var/run/
  • chown()s said pid file to another user
  • changes to that user via posix_setuid()
  • tries to delete pid file at end of process

Now, even though I am chown()ing the pid file to the current user, it is unable to delete the file claiming "Permission denied" on the unlink() call. That means that even though the effective user owns the file, and the file is NOT open in the current (or any) process, there is still insufficient permission.

On a hunch, I tried moving the pid file location to my home directory, and this works without a problem. Note that the user of the process is not MY personal user, so the effective user has no write permissions on my home directory, just the one specific file.

So, why can't I delete the pid file when it's in /var/run/?

4

1 Answer

1

Issue is that the user needs write permissions on the directory in order to delete the file. Write permissions on the file itself do not enable them to delete the file. This is why it works when you move the file to their home directory, which they have write perms for :). Maybe moving the file to their home prior to changing users via posix_setuid() is a possible solution?

See this article for more information on Linux permissions.

Edit: I just re-read your post and realized that you stated you did not move the file to the user's actual home. However, the /home/ dir that you're moving the file to must grant write permissions to the user for them to delete the file. My hunch is that the directory you're moving the file to either has write granted to a group owner which the user is a member of or has write granted for everyone. "ls -l" should show you this information.

Answered 2011-02-07T05:12:26.027
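The rule the answer describes, as an added example that is not part of the original question or answer: unlink() is decided by the mode bits of the parent directory, not of the file. The sketch also covers the sticky-bit case (as on /tmp), which goes beyond what the answer mentions. Assumptions: classic POSIX mode bits only (no ACLs, capabilities or LSMs), /var/run modelled as root:root 0755, and uid/gid 1001 as a constructed stand-in for the unprivileged user.

```python
import os
import stat

def may_unlink(dir_st, file_st, uid, gids):
    """Return (allowed, reason) for unlink() of a file by uid/gids,
    judged from the stat results of the parent directory and the file."""
    if uid == 0:
        return True, "root bypasses directory permission checks"
    # Exactly one permission class applies: owner, else group, else other.
    if uid == dir_st.st_uid:
        bits = (dir_st.st_mode >> 6) & 7
    elif dir_st.st_gid in gids:
        bits = (dir_st.st_mode >> 3) & 7
    else:
        bits = dir_st.st_mode & 7
    # Removing a name modifies the directory: needs write (2) and search (1).
    if (bits & 3) != 3:
        return False, "no write+search permission on the parent directory"
    # Sticky directory: the caller must also own the file or the directory.
    if dir_st.st_mode & stat.S_ISVTX and uid not in (file_st.st_uid, dir_st.st_uid):
        return False, "sticky directory and caller owns neither file nor directory"
    return True, "parent directory is writable and searchable"

def check_path(path, uid, gids):
    """Apply may_unlink() to a real file via stat() of it and its parent."""
    parent = os.path.dirname(os.path.abspath(path))
    return may_unlink(os.stat(parent), os.lstat(path), uid, gids)

def fake_stat(mode, uid, gid):
    """Build a stat result from constructed values (only mode/uid/gid matter)."""
    return os.stat_result((mode, 0, 0, 1, uid, gid, 0, 0, 0, 0))

# Constructed sample values, not taken from a real system.
VAR_RUN = fake_stat(stat.S_IFDIR | 0o755, 0, 0)         # root:root drwxr-xr-x
PID_FILE = fake_stat(stat.S_IFREG | 0o644, 1001, 1001)  # chown()ed to the daemon user
OWN_DIR = fake_stat(stat.S_IFDIR | 0o755, 1001, 1001)   # hypothetical dir owned by that user

if __name__ == "__main__":
    print(may_unlink(VAR_RUN, PID_FILE, 1001, {1001}))  # denied: directory not writable
    print(may_unlink(OWN_DIR, PID_FILE, 1001, {1001}))  # allowed
```

`check_path()` runs the same check against a real file, for example the pid file path with the target user's uid and group ids.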