"permission denied" error as root

Asked by Thinboy00 on 2008-05-26

This is REALLY bizarre. I've never heard of anything like this. I was bored so I tried one of the examples from info coreutils 'tee invocation' relating to du. Long story short, I ended up doing sudo du (followed by a pipeline). I got one "permission denied" error. That intrigued me. In a root shell, I did
# cd .gvfs
-bash: cd: .gvfs: Permission denied
Note: # is the command prompt, not a comment. The '-' in front of "-bash" isn't a typo on my part
WTF? How can root be denied permission? And wtf is "-bash" (as opposed to just "bash"). As myself, I did
~$ ls -Ald .gvfs
dr-x------ 2 me me 0 2008-05-26 12:09 .gvfs
~$ cd .gvfs
~/.gvfs$
Note: username replaced with "me"
Those permissions look awfully strange. The weird part is that the lack of permission for root is not constrained to cd ing, it also applies to chmod (and presumably others...), which troubles me. If I can do this (I really don't know where that dir. came from, but I "own" it...)... why can't a virus/cracker do it?
Can anyone explain how it is that I can do something root can't?

Question information

Language:
English Edit question
Status:
Solved
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Solved by:
Fred
Solved:
2008-11-11
Last query:
2008-11-11
Last reply:
2008-07-05
Thinboy00 (thinboy00) said : #1

Note, I should have mentioned, I recently (before discovering this behavior) updated my kernel via the update manager and restarted computer as needed.

MattWelborn (mattwelborn) said : #2

as root run "chmod 777 .gvfs" if that fails (which would be even more ridiculous), you could run the same command as your user.

very odd though

Thinboy00 (thinboy00) said : #3

unfortunately, I was migrating my homedir to another partition, and I didn't bother to migrate that dir (it was empty). I copied the contents of /home recursively to the other partition (which at the time was mounted at /mnt). I copied as root using cp -ar to avoid permissions issues. That directory refused to copy... I decided not to bother copying it manually, and just now, I tried to recreate it with the same permissions, and failed to get the same response. Oh well, the directory was empty and I have no idea what made it, probably not that important anyway. Thanks for the advice.

Thinboy00 (thinboy00) said : #4

Weird... it looks like the cosmic rays have been shining on this file, because now the "problem" is manifesting itself... chmod didn't work (perm. denied as root, silently failed to do anything as me):

$ sudo -i
[sudo] password for me:
# cd /home/me
# chmod 777 .gvfs
chmod: cannot access `.gvfs': Permission denied
# exit
logout
$ chmod 777 .gvfs
$ ls -ld .gvfs
dr-x------ 2 me me 0 2008-06-21 10:37 .gvfs

I don't see this as too much of a problem, except that such files could be used by virii to store whatever data they may need (a little troubling)

Thinboy00 (thinboy00) said : #5

is it possible that ".gvfs" is a file that is constantly in use by another program (doesn't make much sense though, since last time I got that error was when migrating my /home dir, and that was via a LiveCD)

Thinboy00 (thinboy00) said : #6

Another strange thing:
~$ cd .gvfs
~/.gvfs$ sudo -s
# cd ..
bash: cd: ..: Permission denied

(no hyphen in front of "bash" this time...?)

Thinboy00 (thinboy00) said : #7

Oops, forgot to copy the directory for that last command prompt:
# cd ..
should be
~/.gvfs# cd ..

sorry about all the spam

Thinboy00 (thinboy00) said : #8

One other thing (I really should learn to not hit that send button so quickly...):
The above weirdness only applies to relative paths, not absolute ones like "~" or "/"

Ralph Janke (txwikinger) said : #9

You need to use

sudo chmod 777 .gvfs

Hope this helps

Thinboy00 (thinboy00) said : #10

that is exactly what I did to do it as root IIRC. I also tried it as me, and it thought it did it, but it didn't:
~$ chmod 777 -v ./.gvfs
mode of `./.gvfs' changed to 0777 (rwxrwxrwx)
~$ ls -ld ./.gvfs
dr-x------ 2 kevin kevin 0 2008-06-23 16:25 ./.gvfs

Those commands were executed more or less consecutively (the only command separating them was very similar to the ls command and gave ~identical output except that both i and o were missing the "./" so I reenacted it)

Best Fred (frederic-lespez) said : #11

Hi,

.gfvs is a FUSE mount point :
$ mount|grep gvfs
gvfs-fuse-daemon on /home/fred/.gvfs type fuse.gvfs-fuse-daemon (rw,nosuid,nodev,user=fred)

This mount is setup so that only the user logged in can view it.

The fact that root cannot this directory seems to be a FUSE limitation. See :
http://bugzilla.gnome.org/show_bug.cgi?id=534284
and :
https://bugs.launchpad.net/gvfs/+bug/225361

Hope it helps.

Thinboy00 (thinboy00) said : #12

Thanks Fred, that solved my question.