- This topic has 16 replies, 6 voices, and was last updated Dec 18-2:53 pm by anticapitalista.
-
Posts
-
rayluo
Hi there,
I have some executable files on my usb drive. Let’s just say it is a simple script containing “echo hello”. My USB drive is using ext4 partition (rather than FAT or NTFS which do not record the “x” permission), and I also give it the “x” permission, but it still won’t be run.
$ cd /media/Live-usb/Live-usb-storage/demo/ demo@antix1:/media/Live-usb/Live-usb-storage/demo$ ls -ltr hello.sh -rwxrwxr-x 1 demo demo 11 Dec 15 18:35 hello.sh demo@antix1:/media/Live-usb/Live-usb-storage/demo$ cat hello.sh echo hello demo@antix1:/media/Live-usb/Live-usb-storage/demo$ ./hello.sh -bash: ./hello.sh: Permission denied demo@antix1:/media/Live-usb/Live-usb-storage/demo$ sh hello.sh hello demo@antix1:/media/Live-usb/Live-usb-storage/demo$Some research suggests that it could be blocked by the (default?) “noexec” setting in /etc/fstab, but that does not seem to be the case in our antiX (I’m running a Frugal install, if that matters):
cat /etc/fstab ... # Added by make-fstab /dev/sdb1 label=Live-usb UUID=739e04d0-16b3-4072-8144-0ff2fab39f31 /media/Live-usb ext4 noauto,exec,users 0 0 ...FWIW, the USB disk I used, was previously a Live USB drive (and it worked great IF my computer boots from it), but now if I plug it to a Frugal antiX computer, I encounter such “unable to run executable files on USB disk” issue.
What else should I tweak to make it work?I know the workaround “sh hello.sh” works, and “sudo mount /media/Live-usb -o remount,exec” also works. But I’m curious to know why it does not work out-of-the-box in a antiX Frugal environment.Regards,
Ray- This topic was modified 2 years, 4 months ago by rayluo.
sybok
Hi, just some random musings:
0) Is the file executable for you (you should fine ‘x’ in the appropriate place in the output of)
ls -l /path-to/file
1) If you copy the executable to local HDD/SSD drive, does it run?
2) If it is a (non-compiled BASH, Python etc.) script, does e.g. bash /path/to/file work?
3) Did you try to explicitly remount as suggested in the link?
Apart from that, I have currently no other idea.Anonymous
I would outcomment the existing fstab line, and change the label to something (anything) other than “Live-usb”
then, after rebooting, create a fresh line in fstab.
In the meantime, a “remount” operation may workaroundhttps://unix.stackexchange.com/questions/520934/running-an-executable-off-of-a-usb-drive
The command to remount the drive with execute allowed goes like
sudo mount $THING -o remount,exec
but with an appropriate value for $THING. You can use the device name, or the mount point.
rayluo
Thanks for the input so far, gentlemen. I have updated my original post to:
* Give further clarification on the symptom. (And, if you folks happen to have a spare USB drive laying around, you can plug it in and easily test it. FYI: I’m using a frugal install, though, not sure whether that would make a difference.)
* Mention the 2 known workarounds. But I am still curious to know whether it could work without any workaround.details?
stat /media/Live-usb/Live-usb-storage/demo/hello.sh stat /media/Live-usb/Live-usb-storage/demo | grep Uid stat /media/Live-usb/Live-usb-storage | grep Uid stat ~/Live-usb-storage | grep Uid grep '#!' /media/Live-usb/Live-usb-storage/demo/hello.sh mount | grep Live-usb-storage
christophe
I just tried it – a file in /media/sdb1/Live-usb-storage/demo
demo@antix19-core-jwm:/media/sdb1/Live-usb-storage/demo $ ./test.sh bash: ./test.sh: Permission deniedWhen I copied the file to ~ it worked just fine.
I don’t know why, other than antiX doesn’t recognize it as “me” (demo) when it’s on the stick (I’m running from a different frugal instance from hdd).
confirmed antiX frugaler, since 2019
rayluo
details?
stat /media/Live-usb/Live-usb-storage/demo/hello.sh stat /media/Live-usb/Live-usb-storage/demo | grep Uid stat /media/Live-usb/Live-usb-storage | grep Uid stat ~/Live-usb-storage | grep Uid grep '#!' /media/Live-usb/Live-usb-storage/demo/hello.sh mount | grep Live-usb-storageAppreciate your trying to help. Your requested info comes as below. By the way, did you hint that you won’t be able to reproduce this in your (normal installed-on-hard-disk?) antiX environment? I thought it would be easier to just plug in a USB drive to reproduce it and then you would have everything you need to investigate.
demo@antix1:/media$ stat /media/Live-usb/Live-usb-storage/demo/hello.sh File: /media/Live-usb/Live-usb-storage/demo/hello.sh Size: 11 Blocks: 8 IO Block: 4096 regular file Device: 811h/2065d Inode: 13934 Links: 1 Access: (0775/-rwxrwxr-x) Uid: ( 1000/ demo) Gid: ( 1000/ demo) Access: 2020-12-15 19:02:57.901572180 -0800 Modify: 2020-12-15 18:35:14.149371945 -0800 Change: 2020-12-15 18:40:18.955561343 -0800 Birth: - demo@antix1:/media$ stat /media/Live-usb/Live-usb-storage/demo | grep Uid Access: (0755/drwxr-xr-x) Uid: ( 1000/ demo) Gid: ( 1000/ demo) demo@antix1:/media$ stat /media/Live-usb/Live-usb-storage | grep Uid Access: (0755/drwxr-xr-x) Uid: ( 0/ root) Gid: ( 0/ root) demo@antix1:/media$ stat ~/Live-usb-storage | grep Uid Access: (0755/drwxr-xr-x) Uid: ( 1000/ demo) Gid: ( 1000/ demo) demo@antix1:/media$ mount | grep Live-usb-storage /dev/sda7 on /root/Live-usb-storage type ext4 (rw,noatime,data=ordered) /dev/sda7 on /home/demo/Live-usb-storage type ext4 (rw,noatime,data=ordered)I did not do “grep ‘#!’ /media/Live-usb/Live-usb-storage/demo/hello.sh” this time, because I already did this in my first post:
demo@antix1:/media/Live-usb/Live-usb-storage/demo$ cat hello.sh echo helloI just tried it – a file in /media/sdb1/Live-usb-storage/demo
demo@antix19-core-jwm:/media/sdb1/Live-usb-storage/demo $ ./test.sh bash: ./test.sh: Permission deniedWhen I copied the file to ~ it worked just fine.
I don’t know why, other than antiX doesn’t recognize it as “me” (demo) when it’s on the stick (I’m running from a different frugal instance from hdd).
Exactly, I’m also using a frugal instance from hdd. Could that be a factor?
New findings
Inspired by the very last command from skidoo’s troubleshooting steps, I use it to find the mounting parameters of the auto-mounted USB drive. Indeed they somehow got a “noexec” flag:
demo@antix1:/media$ mount | grep sdb /dev/sdb1 on /media/Live-usb type ext4 (rw,nosuid,nodev,noexec,relatime,data=ordered) ...despite the /etc/fstab still contains:
demo@antix1:~/L2/demo$ grep sdb1 /etc/fstab -A1 # Added by make-fstab /dev/sdb1 label=Live-usb UUID=739e04d0-16b3-4072-8144-0ff2fab39f31 /media/Live-usb ext4 noauto,exec,users 0 0Remount would work, but I’m trying to understand why/where that default “noexec” behavior comes from.
did you hint that you won’t be able to reproduce this in your (normal installed-on-hard-disk?) antiX environment? I thought it would be easier to just plug in a USB drive to reproduce it
FWIW, I do have installed-to-disk instances of antiX 13.2, 16, and 17… but none of those hard drives are cabled to any running PC. They are each heavily modified and their mounting behavior would, almost certainly, differ from the stock distro. All the antiX systems I locally support and maintain have been “diskless” since back around 2019. Any internal drives, if present, are typically uncabled.
> I thought it would be easier to just plug in a USB drive to reproduce it
Easier?
On your system, in your usage…
did antiX automounter handle the mount, or eudev, or pmount, or udevil?
Readers don’t know which one, and so attempting to reliably reproduce seems (to me) a longshot.I did not do “grep ‘#!’ /media/Live-usb/Live-usb-storage/demo/hello.sh” this time, because I already did this in my first post:
I did not see a literal #! in post number one
and so I wondered if, truly, none was present and the “script” just contained that single echo line.
(grasping, trying to ruleout whether “runs okay with bash, but not in sh” was a factor)/dev/sda7 on /root/Live-usb-storage type ext4 (rw,noatime,data=ordered)
/dev/sda7 on /home/demo/Live-usb-storage type ext4 (rw,noatime,data=ordered)you said: I don’t wanna workaround.
In response (perhaps wrongly) I attempted to lead you through the output of a series of commands which would bring you to the conclusion that a remount may not be a workaround, but a necessity. I suspect the noexec is implicit, and remains in force until/unless you elect to remount and explicitly declare the -o execIs this a correct summary assessment?
When interacting with the Live-usb-storage mountpoint, can exec.
When interacting with the Live-usb-storage directory, pathed under /live/boot-dev mountpoint, cannot exec.trying to understand why/where that default “noexec” behavior comes from.
understanding should follow from determining who/how/what/how is governing the mount
https://gitlab.com/antiX-Linux/Live-initrd-1/-/blob/master/etc/init.d/live-usb-storage#L137
echo_live "$_Enable_live_usb_storage_at_X_" "$(pquote $from_dir)" mount --bind $store_dir $from_dirman mount (and search in page: bind)
rayluo
OK, OK, I understand that you were helping. And I appreciate it! I was merely trying to find a way to make these interaction more efficient, simply because running some command line locally in our computer would take seconds per command, and then we could read the output, and fire up another command within half a minute, …, rinse and repeat. That sounds faster than each iteration would take hours of asynchronized waiting time in forum, with some iteration would even be used to rule out other possibility. (In particular, my first post contained 2 “cat” output, the “cat hello.sh” contains only one line, hinting that I did not omit anything i.e. that script contains no shebang, in contrary to the “cat /etc/fstab” which I used “…” to omit some lines.)
Is this a correct summary assessment?
When interacting with the Live-usb-storage mountpoint, can exec.
When interacting with the Live-usb-storage directory, pathed under /live/boot-dev mountpoint, cannot exec.Perhaps it is not about mountpoint vs directory. Let me show you the following uncensored output, plus some “<–” comments.
demo@antix1:~ (master)$ mount | grep -i live-usb /dev/sda7 on /root/Live-usb-storage type ext4 (rw,noatime,data=ordered) <-- sda7 is the frugal partition, but it is not mount on /root/Live-usb-storage /dev/sda7 on /home/demo/Live-usb-storage type ext4 (rw,noatime,data=ordered) <-- sda7 is the frugal partition, and yes, this is its mount point /dev/sdb1 on /media/Live-usb type ext4 (rw,nosuid,nodev,noexec,relatime,data=ordered) <-- sdb1 is the main partition on my Live USB, turns out it is mounted as noexec demo@antix1:~ (master)$ cp /media/Live-usb/Live-usb-storage/demo/hello.sh ~/Live-usb-storage/ <-- Again, this is that test script containing only one line "echo hello" demo@antix1:~ (master)$ ~/Live-usb-storage/hello.sh hello demo@antix1:~ (master)$ /media/Live-usb/Live-usb-storage/demo/hello.sh -bash: /media/Live-usb/Live-usb-storage/demo/hello.sh: Permission deniedyou said: I don’t wanna workaround.
In response (perhaps wrongly) I attempted to lead you through the output of a series of commands which would bring you to the conclusion that a remount may not be a workaround, but a necessity.In my first post, I was saying I already know the workaround and that’s fine, but I’m trying to understand whether it was controlled by a hidden setting in somewhere. If there is no such “flip switch”, then so be it.
All the antiX systems I locally support and maintain have been “diskless” since back around 2019. Any internal drives, if present, are typically uncabled.
Perhaps we can spend these forum interaction on more fruitful topics, such as how you manage your diskless system. 🙂 Feel free to start a new thread to share your tips and tricks on using diskless system. Do your machines have plenty of RAM? I used to do diskless, they worked well until you reach a point that your system is out of memory, and then it would typically halt without any prior warning. So, nowadays I tend to still hook up a small hard drive, to be used as a swap, if nothing else.
sybok
Hi, sorry for re-joining that late in the discussion that might have already been well covered by @skidoo and @rayluo ‘s closing comment.
Regarding the strange defaults:1) I have a partition ‘/data/’ on another HDD, ‘sdb2’, always connected to/in(side) my PC where I have some scripts.
The static line in ‘/etc/fstab’ contains options ‘auto,exec,users,rw’ and the current status is:mount | grep 'sdb2' /dev/sdb2 on /data type ext4 (rw,nosuid,nodev,noexec,relatime)Testing on a BASH script
#!/bin/bash echo "Hello there"with the appropriate ‘x’ (executable) attribute present reproduces your behavior.
$ ./scriptname bash: ./scriptname: Permission deniedWhile
$ bash ./scriptname
works OK as in your case.2) man mount:
‘users’ => implies ‘noexec’ (unless overriden)
I wonder, could it be that the order in line from your /etc/fstab/ which was
noauto,exec,users
simply means that the last ‘users’ overrides the preceding (default?) ‘exec’?3) I’ve tried to explore the antiX ‘Control centre’ -> ‘Disks’ -> ‘Configure Automount’ but did not see any options mentioned such as ‘noexec’.
Subsequent search revealed treasury of antiX scripts in ‘/usr/local/bin/’ incl. many mount-related scripts, find them via:
find /usr/local/bin/ -type f -iname '*mount*'
This may be worth examining!
I’ve tried to grep string ending with ‘exec’
grep -- 'exec\>' *
and the output indicates that ‘exec’ is always used as last of the mount options.Conclusion: if it’s due to ‘mount’ default behavior (item 2), then I have no idea how it got there (here’s looking at you, order in /etc/fstab) from antiX scripts (item 3)
Anyway, I mostly call my scripts using the interpreter, i.e. bash <whatever>.sh, python3 <whatever>.py etc.
Just wanted to share my findings not related to the exotic (to me) frugal/diskless/live modes.
- This reply was modified 2 years, 4 months ago by sybok. Reason: More information on the /data partition (item 1)
> noauto,exec,users
sybok, what you mention seems exactly correct, matches the details explained in the mount manpage
users
Allow any user to mount and to unmount the filesystem, even when some other ordinary user mounted it.
This option implies the options noexec, nosuid, and nodev
(unless overridden by subsequent options, as in the option line users,exec,dev,suid).sybok
@skidoo: Actually, I’ve found it in the man page (as stated in “title” line of my item 2).
If the antiX scripts in /usr/local/bin contain
<substitute command> -o <some-stuff>,exec
i.e. ‘exec’ at the last position, then I wonder how come it ends up prior to users in the ‘/etc/fstab’ file.
I did not discover the reason behind that.- This reply was modified 2 years, 4 months ago by sybok.
rayluo
Thanks for getting back on this, Sybok!
1) I have a partition ‘/data/’ on another HDD, ‘sdb2’, always connected to/in(side) my PC where I have some scripts.
The static line in ‘/etc/fstab’ contains options ‘auto,exec,users,rw’ and the current status is:mount | grep ‘sdb2’
/dev/sdb2 on /data type ext4 (rw,nosuid,nodev,noexec,relatime)So, this also happens on a local “data” HDD? Good to know. I do not currently have a convenient way to test this on my hard disk. My hard disk mostly have legacy FAT32 or NTFS partitions which do not support “x” permission to begin with. Thanks for testing and sharing!
Anyway, I mostly call my scripts using the interpreter, i.e. bash <whatever>.sh, python3 <whatever>.py etc.
Yeah, as a workaround, this would work, but only for those scripting files. If it is a native executable, this trick won’t work. And I guess we’d have to “sudo mount /media/your-mountpoint -o remount,exec”.
Xecure
Did you follow the hint and replaced the order of the fstab items noauto,exec,users to users,noauto,exec?
It should look like this:# Added by make-fstab /dev/sdb1 label=Live-usb UUID=739e04d0-16b3-4072-8144-0ff2fab39f31 /media/Live-usb ext4 users,noauto,exec 0 0antiX Live system enthusiast.
General Live Boot Parameters for antiX.rayluo
Thanks for the hint, Xecure! Now I can connect the dots!
> noauto,exec,users
sybok, what you mention seems exactly correct, matches the details explained in the mount manpage
users
Allow any user to mount and to unmount the filesystem, even when some other ordinary user mounted it.
This option implies the options noexec, nosuid, and nodev
(unless overridden by subsequent options, as in the option line users,exec,dev,suid).Did you follow the hint and replaced the order of the fstab items noauto,exec,users to users,noauto,exec?
It should look like this:# Added by make-fstab /dev/sdb1 label=Live-usb UUID=739e04d0-16b3-4072-8144-0ff2fab39f31 /media/Live-usb ext4 users,noauto,exec 0 0Manually modifying the parameters order in /etc/fstab to “noauto,users,exec” does solve the problem, for an already-booted Live antiX system.
So, the follow-up question would be, where did that incorrect order come from? Per the same hint, it was generated by make-fstab. So, now I believe the real root cause – or I called it the “flip switch” – is in this line: https://gitlab.com/antiX-Linux/Live-initrd-1/-/blob/master/bin/make-fstab#L37
I
will sendhave sent out a pull request in that repo, and hopefully @AntiCapitalista would notice this conversationand/or that pull request, because my earlier another pull request in that repo did not yet get much attention.Thank you all!
- You must be logged in to reply to this topic.
