it-swarm-ja.com

Linux:rootとしてのファイルのrmがEPERMで失敗する(操作は許可されていません)

Rootとしてログインしています

# whoami
root

私はファイルを持っています

# ls -l /usr/share/applications/google-chrome.desktop
-rw-r--r-- 1 root root 8424 Dec  3 10:29 /usr/share/applications/google-chrome.desktop

テキストファイルです

# file /usr/share/applications/google-chrome.desktop
/usr/share/applications/google-chrome.desktop: UTF-8 Unicode text

削除したいのですが、EPERMエラーのため削除できません

# rm /usr/share/applications/google-chrome.desktop
rm: cannot remove ‘/usr/share/applications/google-chrome.desktop’: Operation not permitted

touchを実行しようとすると、EACCESエラーで失敗します

# touch /usr/share/applications/google-chrome.desktop
touch: cannot touch ‘/usr/share/applications/google-chrome.desktop’: Permission denied

ファイルのアクセス許可を変更できません(ただし、同じディレクトリ内の他のファイルのアクセス許可を変更することはできます)

# chmod 666 /usr/share/applications/google-chrome.desktop
chmod: changing permissions of ‘/usr/share/applications/google-chrome.desktop’: Operation not permitted

このファイルが原因で、親ディレクトリのアクセス許可を再帰的に変更しようとすると失敗します

# chmod -R u+w /usr/share/applications
chmod: changing permissions of ‘/usr/share/applications/google-chrome.desktop’: Operation not permitted

不十分なディスク容量は問題ではありません

# df -h
Filesystem                        Size  Used Avail Use% Mounted on
/dev/sda9                         126G   84G   36G  70% /
none                              4.0K     0  4.0K   0% /sys/fs/cgroup
udev                              3.8G  4.0K  3.8G   1% /dev
tmpfs                             780M  1.2M  779M   1% /run
none                              5.0M     0  5.0M   0% /run/lock
none                              3.9G  152K  3.9G   1% /run/shm
none                              100M   28K  100M   1% /run/user
/dev/sda7                         465M  107M  331M  25% /boot
/dev/sda2                         256M   56M  201M  22% /boot/efi

再起動しましたが、これはまだ問題です。

これは、straceで失敗するrm呼び出しのEPERMです。

# strace rm /usr/share/applications/google-chrome.desktop
execve("/bin/rm", ["rm", "/usr/share/applications/google-c"...], [/* 29 vars */]) = 0
brk(0)                                  = 0xb87000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f65a6901000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=130454, ...}) = 0
mmap(NULL, 130454, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f65a68e1000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\37\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1845024, ...}) = 0
mmap(NULL, 3953344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f65a631b000
mprotect(0x7f65a64d6000, 2097152, PROT_NONE) = 0
mmap(0x7f65a66d6000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bb000) = 0x7f65a66d6000
mmap(0x7f65a66dc000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f65a66dc000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f65a68e0000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f65a68de000
Arch_prctl(Arch_SET_FS, 0x7f65a68de740) = 0
mprotect(0x7f65a66d6000, 16384, PROT_READ) = 0
mprotect(0x60d000, 4096, PROT_READ)     = 0
mprotect(0x7f65a6903000, 4096, PROT_READ) = 0
munmap(0x7f65a68e1000, 130454)          = 0
brk(0)                                  = 0xb87000
brk(0xba8000)                           = 0xba8000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=7216688, ...}) = 0
mmap(NULL, 7216688, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f65a5c39000
close(3)                                = 0
ioctl(0, SNDCTL_TMR_TIMEBASE or SNDRV_TIMER_IOCTL_NEXT_DEVICE or TCGETS, {B38400 opost isig icanon echo ...}) = 0
newfstatat(AT_FDCWD, "/usr/share/applications/google-chrome.desktop", {st_mode=S_IFREG|0644, st_size=8424, ...}, AT_SYMLINK_NOFOLLOW) = 0
geteuid()                               = 0
unlinkat(AT_FDCWD, "/usr/share/applications/google-chrome.desktop", 0) = -1 EPERM (Operation not permitted)
open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f65a6900000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2570
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x7f65a6900000, 4096)            = 0
open("/usr/share/locale/en_AU/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale-langpack/en_AU/LC_MESSAGES/coreutils.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=63459, ...}) = 0
mmap(NULL, 63459, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f65a68f1000
close(3)                                = 0
open("/usr/share/locale-langpack/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=619, ...}) = 0
mmap(NULL, 619, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f65a68f0000
close(3)                                = 0
open("/usr/lib/charset.alias", O_RDONLY|O_NOFOLLOW) = -1 ENOENT (No such file or directory)
write(2, "rm: ", 4rm: )                     = 4
write(2, "cannot remove \342\200\230/usr/share/appl"..., 65cannot remove ‘/usr/share/applications/google-chrome.desktop’) = 65
open("/usr/share/locale/en_AU/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale-langpack/en_AU/LC_MESSAGES/libc.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=3100, ...}) = 0
mmap(NULL, 3100, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f65a68ef000
close(3)                                = 0
open("/usr/share/locale-langpack/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, ": Operation not permitted", 25: Operation not permitted) = 25
write(2, "\n", 1
)                       = 1
lseek(0, 0, SEEK_CUR)                   = -1 ESPIPE (Illegal seek)
close(0)                                = 0
close(1)                                = 0
close(2)                                = 0
exit_group(1)                           = ?
+++ exited with 1 +++

これは、straceで失敗するtouch呼び出しのEACCESです。

# strace touch /usr/share/applications/google-chrome.desktop
execve("/usr/bin/touch", ["touch", "/usr/share/applications/google-c"...], [/* 29 vars */]) = 0
brk(0)                                  = 0x105c000
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a020af000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
open("/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=130454, ...}) = 0
mmap(NULL, 130454, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a0208f000
close(3)                                = 0
access("/etc/ld.so.nohwcap", F_OK)      = -1 ENOENT (No such file or directory)
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\0\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\320\37\2\0\0\0\0\0"..., 832) = 832
fstat(3, {st_mode=S_IFREG|0755, st_size=1845024, ...}) = 0
mmap(NULL, 3953344, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f9a01ac9000
mprotect(0x7f9a01c84000, 2097152, PROT_NONE) = 0
mmap(0x7f9a01e84000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1bb000) = 0x7f9a01e84000
mmap(0x7f9a01e8a000, 17088, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f9a01e8a000
close(3)                                = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a0208e000
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a0208c000
Arch_prctl(Arch_SET_FS, 0x7f9a0208c740) = 0
mprotect(0x7f9a01e84000, 16384, PROT_READ) = 0
mprotect(0x60d000, 4096, PROT_READ)     = 0
mprotect(0x7f9a020b1000, 4096, PROT_READ) = 0
munmap(0x7f9a0208f000, 130454)          = 0
brk(0)                                  = 0x105c000
brk(0x107d000)                          = 0x107d000
open("/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=7216688, ...}) = 0
mmap(NULL, 7216688, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a013e7000
close(3)                                = 0
open("/usr/share/applications/google-chrome.desktop", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EACCES (Permission denied)
utimensat(AT_FDCWD, "/usr/share/applications/google-chrome.desktop", NULL, 0) = -1 EACCES (Permission denied)
open("/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2570, ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f9a020ae000
read(3, "# Locale name alias data base.\n#"..., 4096) = 2570
read(3, "", 4096)                       = 0
close(3)                                = 0
munmap(0x7f9a020ae000, 4096)            = 0
open("/usr/share/locale/en_AU/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale-langpack/en_AU/LC_MESSAGES/coreutils.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=63459, ...}) = 0
mmap(NULL, 63459, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a0209f000
close(3)                                = 0
open("/usr/share/locale-langpack/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=619, ...}) = 0
mmap(NULL, 619, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a0209e000
close(3)                                = 0
open("/usr/lib/charset.alias", O_RDONLY|O_NOFOLLOW) = -1 ENOENT (No such file or directory)
write(2, "touch: ", 7touch: )                  = 7
write(2, "cannot touch \342\200\230/usr/share/appli"..., 64cannot touch ‘/usr/share/applications/google-chrome.desktop’) = 64
open("/usr/share/locale/en_AU/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/locale-langpack/en_AU/LC_MESSAGES/libc.mo", O_RDONLY) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=3100, ...}) = 0
mmap(NULL, 3100, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f9a0209d000
close(3)                                = 0
open("/usr/share/locale-langpack/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, ": Permission denied", 19: Permission denied)     = 19
write(2, "\n", 1
)                       = 1
close(1)                                = 0
close(2)                                = 0
exit_group(1)                           = ?
+++ exited with 1 +++

ここで何が起こっているのですか?このファイルを削除するにはどうすればよいですか?

4
Steve Lorimer

ファイルに不変属性が設定されていることがわかります。

chattrを使用して不変の属性を削除することができます

# chattr -i /usr/share/applications/google-chrome.desktop

取り外しが可能になりました

# rm /usr/share/applications/google-chrome.desktop
# echo $?
0
5
Steve Lorimer