[SOLVED] Cannot remove/move/create files in my .ssh folder

olhybrius · 2020-09-27 10:01:17

Hi everyone,

I'm having a hard time figuring this out : I can't delete nor move or even create any file in my .ssh folder ; even as root (whether I'm using sudo or su directly).

The command rm .ssh/authorized_keys outputs that the operation is not permitted :

rm: cannot remove '.ssh/authorized_keys': Operation not permitted

Trying to move the file gives the same output.

Trying to create a file with touch .ssh/test gives some weird output :

touch: setting times of '.ssh/toto': No such file or directory

Obviously, trying to remove the directory and its content altogether with the following commands :

rm -r .ssh

rmdir .ssh

also gives the output

cannot remove '.ssh': Operation not permitted

It is not an attribute issue since the command lsattr .ssh reveals no a or i attribute set :

--------------e----- .ssh/authorized_keys

I don't know if it's helping ; but here is the output of the strace command for touch .ssh/test :

execve("/usr/bin/touch", ["touch", ".ssh/test"], 0x7ffc6e857b88 /* 41 vars */) = 0
brk(NULL)                               = 0x55d04dd31000
arch_prctl(0x3001 /* ARCH_??? */, 0x7fff262773b0) = -1 EINVAL (Invalid argument)
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/etc/ld.so.cache", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=176669, ...}) = 0
mmap(NULL, 176669, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f97cbc22000
close(3)                                = 0
openat(AT_FDCWD, "/usr/lib/libc.so.6", O_RDONLY|O_CLOEXEC) = 3
read(3, "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\3\0>\0\1\0\0\0\220\202\2\0\0\0\0\0"..., 832) = 832
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
pread64(3, "\4\0\0\0\20\0\0\0\5\0\0\0GNU\0\2\0\0\300\4\0\0\0\3\0\0\0\0\0\0\0", 32, 848) = 32
pread64(3, "\4\0\0\0\24\0\0\0\3\0\0\0GNU\0\364[g\253(\257\25\201\313\250\344q>\17\323\262"..., 68, 880) = 68
fstat(3, {st_mode=S_IFREG|0755, st_size=2159552, ...}) = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f97cbc20000
pread64(3, "\6\0\0\0\4\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0@\0\0\0\0\0\0\0"..., 784, 64) = 784
mmap(NULL, 1868448, PROT_READ, MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x7f97cba57000
mmap(0x7f97cba7d000, 1363968, PROT_READ|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x26000) = 0x7f97cba7d000
mmap(0x7f97cbbca000, 311296, PROT_READ, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x173000) = 0x7f97cbbca000
mmap(0x7f97cbc16000, 24576, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x1be000) = 0x7f97cbc16000
mmap(0x7f97cbc1c000, 12960, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x7f97cbc1c000
close(3)                                = 0
mmap(NULL, 8192, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0x7f97cba55000
arch_prctl(ARCH_SET_FS, 0x7f97cbc21600) = 0
mprotect(0x7f97cbc16000, 12288, PROT_READ) = 0
mprotect(0x55d04d19b000, 4096, PROT_READ) = 0
mprotect(0x7f97cbc7a000, 4096, PROT_READ) = 0
munmap(0x7f97cbc22000, 176669)          = 0
brk(NULL)                               = 0x55d04dd31000
brk(0x55d04dd52000)                     = 0x55d04dd52000
openat(AT_FDCWD, "/usr/lib/locale/locale-archive", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=3041456, ...}) = 0
mmap(NULL, 3041456, PROT_READ, MAP_PRIVATE, 3, 0) = 0x7f97cb76e000
close(3)                                = 0
openat(AT_FDCWD, ".ssh/test", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EPERM (Operation not permitted)
utimensat(AT_FDCWD, ".ssh/test", NULL, 0) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/locale.alias", O_RDONLY|O_CLOEXEC) = 3
fstat(3, {st_mode=S_IFREG|0644, st_size=2998, ...}) = 0
read(3, "# Locale name alias data base.\n#"..., 4096) = 2998
read(3, "", 4096)                       = 0
close(3)                                = 0
openat(AT_FDCWD, "/usr/share/locale/en_US.UTF-8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en_US.utf8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en_US/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en.UTF-8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en.utf8/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en/LC_MESSAGES/coreutils.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, "touch: ", 7touch: )                  = 7
write(2, "setting times of '.ssh/toto'", 28setting times of '.ssh/toto') = 28
openat(AT_FDCWD, "/usr/share/locale/en_US.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en_US.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en_US/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en.UTF-8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en.utf8/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
openat(AT_FDCWD, "/usr/share/locale/en/LC_MESSAGES/libc.mo", O_RDONLY) = -1 ENOENT (No such file or directory)
write(2, ": No such file or directory", 27: No such file or directory) = 27
write(2, "\n", 1
)                       = 1
close(1)                                = 0
close(2)                                = 0
exit_group(1)                           = ?
+++ exited with 1 +++

Thanks for reading me, hopefully someone can help me with this (weird) issue.

See ya !

Last edited by olhybrius (2020-09-27 14:50:32)

seth · 2020-09-27 12:24:42

pwd
stat .ssh
stat ~/.ssh
ls -la ~/.ssh
mount

That being said:

execve("/usr/bin/touch", ["touch", ".ssh/test"], 0x7ffc6e857b88 /* 41 vars */) = 0
…
openat(AT_FDCWD, ".ssh/toto", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EPERM (Operation not permitted)
utimensat(AT_FDCWD, ".ssh/toto", NULL, 0) = -1 ENOENT (No such file or directory)

test ./. toto??

olhybrius · 2020-09-27 12:32:45

That being said:

execve("/usr/bin/touch", ["touch", ".ssh/test"], 0x7ffc6e857b88 /* 41 vars */) = 0
…
openat(AT_FDCWD, ".ssh/toto", O_WRONLY|O_CREAT|O_NOCTTY|O_NONBLOCK, 0666) = -1 EPERM (Operation not permitted)
utimensat(AT_FDCWD, ".ssh/toto", NULL, 0) = -1 ENOENT (No such file or directory)

test ./. toto??

My bad, I changed the filename in the post and forgot to update the output accordingly. I just edited my post.

As for the commands you asked for :

pwd

/home/olivier

stat .ssh

  File: .ssh
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: fe04h/65028d	Inode: 54394966    Links: 2
Access: (0700/drwx------)  Uid: ( 1000/ olivier)   Gid: ( 1000/ olivier)
Access: 2020-09-27 11:45:55.186666996 +0200
Modify: 2019-12-27 11:35:42.524711686 +0100
Change: 2019-12-27 11:43:39.818043975 +0100
 Birth: 2019-12-27 11:35:42.521378353 +0100

stat ~/.ssh

  File: /home/olivier/.ssh
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: fe04h/65028d	Inode: 54394966    Links: 2
Access: (0700/drwx------)  Uid: ( 1000/ olivier)   Gid: ( 1000/ olivier)
Access: 2020-09-27 11:45:55.186666996 +0200
Modify: 2019-12-27 11:35:42.524711686 +0100
Change: 2019-12-27 11:43:39.818043975 +0100
 Birth: 2019-12-27 11:35:42.521378353 +0100

ls -la ~/.ssh

drwx------  2 olivier olivier 4096 Dec 27  2019 .
drwx------ 66 olivier olivier 4096 Sep 27 14:20 ..
-rwxrwxrwx  1 olivier olivier    0 Sep 25 16:14 authorized_keys

mount

proc on /proc type proc (rw,nosuid,nodev,noexec,relatime)
sys on /sys type sysfs (rw,nosuid,nodev,noexec,relatime)
dev on /dev type devtmpfs (rw,nosuid,relatime,size=8121460k,nr_inodes=2030365,mode=755)
run on /run type tmpfs (rw,nosuid,nodev,relatime,mode=755)
efivarfs on /sys/firmware/efi/efivars type efivarfs (rw,nosuid,nodev,noexec,relatime)
/dev/mapper/vg1-root on / type ext4 (rw,relatime)
securityfs on /sys/kernel/security type securityfs (rw,nosuid,nodev,noexec,relatime)
tmpfs on /dev/shm type tmpfs (rw,nosuid,nodev)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,gid=5,mode=620,ptmxmode=000)
tmpfs on /sys/fs/cgroup type tmpfs (ro,nosuid,nodev,noexec,size=4096k,nr_inodes=1024,mode=755)
cgroup2 on /sys/fs/cgroup/unified type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
cgroup on /sys/fs/cgroup/systemd type cgroup (rw,nosuid,nodev,noexec,relatime,xattr,name=systemd)
pstore on /sys/fs/pstore type pstore (rw,nosuid,nodev,noexec,relatime)
none on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,relatime,mode=700)
cgroup on /sys/fs/cgroup/cpu,cpuacct type cgroup (rw,nosuid,nodev,noexec,relatime,cpu,cpuacct)
cgroup on /sys/fs/cgroup/freezer type cgroup (rw,nosuid,nodev,noexec,relatime,freezer)
cgroup on /sys/fs/cgroup/cpuset type cgroup (rw,nosuid,nodev,noexec,relatime,cpuset)
cgroup on /sys/fs/cgroup/perf_event type cgroup (rw,nosuid,nodev,noexec,relatime,perf_event)
cgroup on /sys/fs/cgroup/net_cls,net_prio type cgroup (rw,nosuid,nodev,noexec,relatime,net_cls,net_prio)
cgroup on /sys/fs/cgroup/hugetlb type cgroup (rw,nosuid,nodev,noexec,relatime,hugetlb)
cgroup on /sys/fs/cgroup/devices type cgroup (rw,nosuid,nodev,noexec,relatime,devices)
cgroup on /sys/fs/cgroup/pids type cgroup (rw,nosuid,nodev,noexec,relatime,pids)
cgroup on /sys/fs/cgroup/memory type cgroup (rw,nosuid,nodev,noexec,relatime,memory)
cgroup on /sys/fs/cgroup/blkio type cgroup (rw,nosuid,nodev,noexec,relatime,blkio)
cgroup on /sys/fs/cgroup/rdma type cgroup (rw,nosuid,nodev,noexec,relatime,rdma)
systemd-1 on /proc/sys/fs/binfmt_misc type autofs (rw,relatime,fd=29,pgrp=1,timeout=0,minproto=5,maxproto=5,direct,pipe_ino=14519)
hugetlbfs on /dev/hugepages type hugetlbfs (rw,relatime,pagesize=2M)
mqueue on /dev/mqueue type mqueue (rw,nosuid,nodev,noexec,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,nosuid,nodev,noexec,relatime)
tracefs on /sys/kernel/tracing type tracefs (rw,nosuid,nodev,noexec,relatime)
configfs on /sys/kernel/config type configfs (rw,nosuid,nodev,noexec,relatime)
/dev/sda1 on /mnt/ssd2 type ext4 (rw,relatime)
/dev/sdc1 on /efi type vfat (rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=iso8859-1,shortname=mixed,utf8,errors=remount-ro)
/dev/mapper/vg1-home on /home type ext4 (rw,relatime)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,nr_inodes=409600)
tmpfs on /run/user/1000 type tmpfs (rw,nosuid,nodev,relatime,size=1627020k,nr_inodes=406755,mode=700,uid=1000,gid=1000)
fusectl on /sys/fs/fuse/connections type fusectl (rw,nosuid,nodev,noexec,relatime)
gvfsd-fuse on /run/user/1000/gvfs type fuse.gvfsd-fuse (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)

Last edited by olhybrius (2020-09-27 12:34:40)

coxe87b · 2020-09-27 13:08:14

olhybrius wrote:

stat .ssh
File: .ssh
Size: 4096 Blocks: 8 IO Block: 4096 directory
Device: fe04h/65028d Inode: 54394966 Links: 2
Access: (0700/drwx------) Uid: ( 1000/ olivier) Gid: ( 1000/ olivier)
Access: 2020-09-27 11:45:55.186666996 +0200
Modify: 2019-12-27 11:35:42.524711686 +0100
Change: 2019-12-27 11:43:39.818043975 +0100
Birth: 2019-12-27 11:35:42.521378353 +0100

Correct me if I'm wrong, but it looks to me like your User identifier (UID) not matching up is the cause. Have you changed username or copied the directory from another installation?

Here is mine:

 ~ ∮ stat .ssh
  File: .ssh
  Size: 4096      	Blocks: 8          IO Block: 4096   directory
Device: 10303h/66307d	Inode: 6431878     Links: 2
Access: (0700/drwx------)  Uid: ( 1000/    ewan)   Gid: ( 1000/    ewan)
Access: 2020-09-27 22:54:45.014626505 +1000
Modify: 2020-09-27 22:54:43.977949744 +1000
Change: 2020-09-27 22:54:43.977949744 +1000
 Birth: 2020-03-15 22:01:39.534181497 +1100
 ~ ∮

Maybe trying doing a

 sudo chown -R olivier:olivier .ssh

Trilby · 2020-09-27 13:13:13

coxe87b wrote:

Correct me if I'm wrong, but it looks to me like your User identifier (UID) not matching up is the cause.

What part of that output do you base this on? The chown command you propose would have no effect (on the directory) as it already has that ownership.

loqs · 2020-09-27 13:32:00

Is the system running a mandatory access control system? What is the output of the following, if any? (requires the lsof package)

# lsof +D /home/olivier/.ssh

Last edited by loqs (2020-09-27 13:32:18)

olhybrius · 2020-09-27 14:35:47

Trilby wrote:

coxe87b wrote:
Correct me if I'm wrong, but it looks to me like your User identifier (UID) not matching up is the cause.
What part of that output do you base this on? The chown command you propose would have no effect (on the directory) as it already has that ownership.

Pretty much my thought too. Also I specifically said that even root cannot do anything with this folder and its content.

Anyway, I tried the chown just in case with no success :

$  sudo chown -R olivier:olivier .ssh

chown: changing ownership of '.ssh': Operation not permitted

Using the same command after "su-ing" to root gave me the same output.

loqs wrote:

Is the system running a mandatory access control system? What is the output of the following, if any? (requires the lsof package)
# lsof +D /home/olivier/.ssh

No, I didn't set up any mandatory access control system and am the only one using this machine. As for the command, it doesn't output anything besides the following warning :

lsof: WARNING: can't stat() fuse.gvfsd-fuse file system /run/user/1000/gvfs
      Output information may be incomplete.

seth · 2020-09-27 14:41:34

Sanity check:

lsattr -d ~ ~/.ssh

olhybrius · 2020-09-27 14:50:03

seth wrote:

Sanity check:
lsattr -d ~ ~/.ssh

Problem solved ! That command made me realise that, while I didn't have any flag set to the files in the .ssh folder, I did have one (the i) set to the folder itself. I thought I checked this, but apparently not. My bad.

Thanks a lot for your help, it turned out to be way simpler than I thought.

Arch Linux

#1 2020-09-27 10:01:17

[SOLVED] Cannot remove/move/create files in my .ssh folder

#2 2020-09-27 12:24:42

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#3 2020-09-27 12:32:45

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#4 2020-09-27 13:08:14

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#5 2020-09-27 13:13:13

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#6 2020-09-27 13:32:00

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#7 2020-09-27 14:35:47

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#8 2020-09-27 14:41:34

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

#9 2020-09-27 14:50:03

Re: [SOLVED] Cannot remove/move/create files in my .ssh folder

Board footer