Return to Revisions

5 of 5

edited body

edited May 4, 2015 at 10:43

9.9k
16
51
52

Why does redirection (>) not work sometimes but appending (>>) does?

While studying for the RHCE, I came across a situation where stdin redirection does not work in bash:

# file /tmp/users.txt
/tmp/users.txt: cannot open `/tmp/users.txt' (No such file or directory)  
# semanage login -l > /tmp/users.txt
# file /tmp/users.txt
/tmp/users.txt: empty

However, this works:

# file /tmp/users.txt
/tmp/users.txt: cannot open `/tmp/users.txt' (No such file or directory)
# semanage login -l >> /tmp/users.txt
# file /tmp/users.txt
/tmp/users.txt: ASCII text

Why is this the case?

1st Update:

Permissions:

# ls -ld /tmp
drwxrwxrwt. 8 root root 4096 Jul 17 15:27 /tmp

ACLs (not an ACL mount but just in case):

# getfacl /tmp
getfacl: Removing leading '/' from absolute path names
# file: tmp
# owner: root
# group: root
# flags: --t
user::rwx
group::rwx
other::rwx

And I'm performing all commands as root (hence the hash prompt).

2nd Update

Per Caleb, full permissions listing of /tmp:

# ls -al /tmp
total 40
drwxrwxrwt.  8 root    root    4096 Jul 17 15:37 .
dr-xr-xr-x. 26 root    root    4096 Jul 17 15:07 ..
drwx------.  2 melmel  melmel  4096 Jul 16 21:08 .esd-500
drwxrwxrwt.  2 root    root    4096 Jul 17 15:07 .ICE-unix
drwx------.  2 gdm     gdm     4096 Jul 17 15:08 orbit-gdm
drwx------.  2 gdm     gdm     4096 Jul 17 15:07 pulse-5E9i88IGxaNh
drwx------.  2 melmel  melmel  4096 Jul 16 21:08 pulse-329qCo13Xk
-rw-------.  1 root    root       0 Jul 16 14:32 tmpXd9THg
-rw-------.  1 root    root       0 Jul 16 12:55 tmpie0O98
-rw-------.  1 root    root       0 Jul 16 20:23 tmpr10LrK
-r--r--r--.  1 root    root      11 Jul 17 15:07 .X0-lock
drwxrwxrwt.  2 root    root    4096 Jul 17 15:07 .X11-unix
-rw-r--r--.  1 root    root     865 Jul 16 20:20 yum.conf.security
-rw-------.  1 root    root       0 Jul 10 14:57 yum.log

3rd Update:

Per Hello71:

# mount | grep /tmp
# mount | grep -w '/'
/dev/mapper/vg_svr-tap-lv_root on / type ext4 (rw)

Answers to Gilles' questions:

Is this something you read about in a book, or did you reach this situation on a real machine?

Noticed this while performing a lab in a book on a real machine.

Is SELinux in use?

# sestatus 
SELinux status:                 enabled
SELinuxfs mount:                /selinux
Current mode:                   enforcing
Mode from config file:          enforcing
Policy version:                 24
Policy from config file:        targeted

Some Linux-on-Linux virtualisation?

Yes. KVM/QEMU guest.

I second Hello71's request, except please grep /tmp /proc/mounts

Nothing matches.

Also env | grep '^LD_' please.

Nothing matches.

Oh, and can we rule out active attacks

Yes we can. I'm the only one that has access to this guest.

asked Jul 17, 2011 at 19:21

Belmin Fernandez

9.9k
16
51
52