This discussion is archived
1 Reply Latest reply: Aug 4, 2009 12:39 AM by abrante RSS

Solaris Privs

807567 Newbie
Currently Being Moderated
I have a question about the following from the man pages on privileges:

PRIV_FILE_DAC_WRITE
Allow a process to write a file or directory whose permission bits or ACL do not allow the process write permission. All privileges are required to write files owned by UID 0 in the absence of an effective UID of 0.

I am unclear on what that means - I ask because of a truss output I collected on a process that appeared to be hung from the user's perspective but was burning up the cpu via top:

stat("M$FST000.TMP", 0xFFFFFFFF7FFFD6E8) Err#2 ENOENT
stat("M$FST000.TMP", 0xFFFFFFFF7FFFD830) Err#2 ENOENT
open("M$FST000.TMP", O_RDWR|O_CREAT, 0666) Err#13 EACCES [file_dac_write]


I did post a different question regarding this truss output - and do not intend to double post. I would simply like a description of the EACCESS (file_dac_write) error that is being returned in this example. My limited understanding of this would indicate that the process was attempting to create a file or directory with the specified permissions but failed because some element in the file ro dirs path was exclusively owned by root.

Thanks -

Mike
  • 1. Re: Solaris Privs
    abrante Pro
    Currently Being Moderated
    Yes, you are right. The EACCES indicates that the process is not allowed to open that file for writing. I guess that the [file_dac_write] indicates that the system, upon failure to write to the file, also checked if the user had the appropriate privilege (file_dac_write), which he didn't.

    You could take a look at the manpage for 'open' and see what it says about EACCES.

    .7/M.