mknod: xxx: Operation not permitted
Arjan van de Ven
arjanv at redhat.com
Thu Dec 16 09:44:10 UTC 2004
On Thu, 2004-12-16 at 09:31 +0100, Ralf Corsepius wrote:
> Hi,
>
> Trying to create a char-device as ordinary user, results into this:
> # mknod /var/tmp/bla-1.0.0/etc/udev/devices/bla01 c 212 0
> mknod: `/var/tmp/bla-1.0.0/etc/udev/devices/bla01': Operation not permitted
>
> Any explanation for this behavior?
yes
if you allow non-root to create a device-node, then that non-root user
automatically has access to the device. At which point the game is over,
he's effectively root.
> This issue prevents one from being able to build rpms containing special
> devices as ordinary users.
then the rpm in question is buggy.
First of all, RPM has a directive to do this properly (%device iirc),
that way it gets created in the cpio properly but doesn't have to be on
the filesystem
Second of all, it's quite suspect that you want to package a device node
in an rpm since most of them are dynamic numbers nowadays... are you
sure your device is registered with LANANA ?
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part
URL: <http://listman.redhat.com/archives/fedora-devel-list/attachments/20041216/a92f354c/attachment.sig>
More information about the fedora-devel-list
mailing list