You are not logged in.

Pages: 1

#1 2014-03-26 22:50:16

joerg1
Member
Registered: 2014-03-26
Posts: 6

[Solved] Hassles with /dev/null

Whenever I have a terminal with su open and surf a bit in google-chrome-stable, /dev/null is changed into a file with permissions 0600.

I didn't know what was happening, so I used auditctl to get this:

type=PATH msg=audit(26/03/14 23:24:16.648:2428) : item=3 name=/dev/null- inode=1027 dev=00:05 mode=character,666 ouid=root ogid=root rdev=01:03 nametype=CREATE
type=PATH msg=audit(26/03/14 23:24:16.648:2428) : item=2 name=/dev/null inode=1027 dev=00:05 mode=character,666 ouid=root ogid=root rdev=01:03 nametype=DELETE
type=PATH msg=audit(26/03/14 23:24:16.648:2428) : item=1 name=/dev/ inode=1025 dev=00:05 mode=dir,755 ouid=root ogid=root rdev=00:00 nametype=PARENT
type=PATH msg=audit(26/03/14 23:24:16.648:2428) : item=0 name=/dev/ inode=1025 dev=00:05 mode=dir,755 ouid=root ogid=root rdev=00:00 nametype=PARENT
type=CWD msg=audit(26/03/14 23:24:16.648:2428) :  cwd=/home/joerg
type=SYSCALL msg=audit(26/03/14 23:24:16.648:2428) : arch=x86_64 syscall=rename success=yes exit=0 a0=0xe12c20 a1=0xe11e70 a2=0x6c a3=0x7fff8d034210 items=4 ppid=3166 pid=3167 auid=joerg uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root ses=2 tty=pts0 comm=bash exe=/usr/bin/bash key=(null)
----
type=PATH msg=audit(26/03/14 23:24:16.648:2431) : item=1 name=/dev/null- inode=1027 dev=00:05 mode=character,666 ouid=root ogid=root rdev=01:03 nametype=DELETE
type=PATH msg=audit(26/03/14 23:24:16.648:2431) : item=0 name=/dev/ inode=1025 dev=00:05 mode=dir,755 ouid=root ogid=root rdev=00:00 nametype=PARENT
type=CWD msg=audit(26/03/14 23:24:16.648:2431) :  cwd=/home/joerg
type=SYSCALL msg=audit(26/03/14 23:24:16.648:2431) : arch=x86_64 syscall=unlink success=yes exit=0 a0=0xe11e70 a1=0x0 a2=0x0 a3=0x7fff8d034210 items=2 ppid=3166 pid=3167 auid=joerg uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root ses=2 tty=pts0 comm=bash exe=/usr/bin/bash key=(null)

How can I find out what's causing it?

Thanks
joerg

--Edit: It seems to happen (only?) when I exit from su.

Last edited by joerg1 (2014-03-27 00:02:50)

Offline

#2 2014-03-26 23:49:46

joerg1
Member
Registered: 2014-03-26
Posts: 6

Re: [Solved] Hassles with /dev/null

Figured it out:

I had HISTFILE set to /dev/null

Offline

#3 2014-03-26 23:53:42

jasonwryan
Anarchist
From: .nz
Registered: 2009-05-09
Posts: 30,424
Website

Re: [Solved] Hassles with /dev/null

Please remember to mark your thread as [Solved] by editing your first post and prepending it to the title.

Arch + dwm   •   Mercurial repos  •   Surfraw

Registered Linux User #482438

Offline

Pages: 1

Board footer

Powered by FluxBB