"Write" over a file without permissions

[Manouchehri]

Would it be possible to automatically write on top of a file if the user doesn't have permission to access it? Right now my workaround is touch it in the RW folder first, but that's a bit of a pain. I checked --help but didn't see anything that seemed to work.

/tmp > mkdir dump/ layer/
/tmp > ./unionfs -o cow dump/=RW:/=RO layer/
/tmp > cat layer/etc/sudoers # This is expected to return a permission denied.
cat: layer/etc/sudoers: Permission denied
/tmp > touch layer/etc/sudoers # I want this to write to the RW folder instead of trying the existing RO one.
touch: cannot touch ‘layer/etc/sudoers’: Permission denied
/tmp > mkdir dump/etc/ # Ideally avoiding this step.
/tmp > touch dump/etc/sudoers # And this one as well.
/tmp > cat layer/etc/sudoers
/tmp > 

[bsbernd]

Hi David,

On 07/26/2015 04:45 AM, David Manouchehri wrote:

Would it be possible to automatically write on top of a file if the user doesn't have permission to access it? Right now my workaround is touch it in the RW folder first, but that's a bit of a pain. I checked --help but didn't see anything that seemed to work.

/tmp > mkdir dump/ layer/
/tmp > ./unionfs -o cow dump/=RW:/=RO layer/
/tmp > cat layer/etc/sudoers # This is expected to return a permission denied.
cat: layer/etc/sudoers: Permission denied
/tmp > touch layer/etc/sudoers # I want this to write to the RW folder instead of trying the existing RO one.
touch: cannot touch ‘layer/etc/sudoers’: Permission denied
/tmp > mkdir dump/etc/ # Ideally avoiding this step.
/tmp > touch dump/etc/sudoers # And this one as well.
/tmp > cat layer/etc/sudoers
/tmp > 

I guess you are looking for "-o relaxed_permissions".

Hope it helps, Bernd

[Manouchehri]

Thanks Bernd; my first guess was to try relaxed_permissions as well, but it doesn't quite work the way I was hoping for. I'm still unable to touch/modify files without an extra step (I'm trying to avoid getting the second Permission denied message).

/tmp > ./unionfs -o relaxed_permissions,cow dump/=RW:/=RO layer/
/tmp > cat layer/etc/sudoers # This is expected to return a permission denied.
cat: layer/etc/sudoers: Permission denied
/tmp > touch layer/etc/sudoers # I want this to write to the RW folder instead of trying the existing RO one.
touch: cannot touch ‘layer/etc/sudoers’: Permission denied
/tmp > touch dump/etc/sudoers # I'm able to skip mkdir dump/etc/ with relaxed_permissions since dump/etc gets created when I try to touch layer/etc/.
/tmp > cat layer/etc/sudoers
/tmp > 

[bsbernd]

On 07/26/2015 08:46 PM, David Manouchehri wrote:

Thanks Bernd; my first guess was to try relaxed_permissions as well, but it doesn't quite work the way I was hoping for. I'm still unable to touch/modify files without an extra step (I'm trying to avoid getting the second Permission denied message).

/tmp > ./unionfs -o relaxed_permissions,cow dump/=RW:/=RO layer/
/tmp > cat layer/etc/sudoers # This is expected to return a permission denied.
cat: layer/etc/sudoers: Permission denied
/tmp > touch layer/etc/sudoers # I want this to write to the RW folder instead of trying the existing RO one.
touch: cannot touch ‘layer/etc/sudoers’: Permission denied
/tmp > touch dump/etc/sudoers # I'm able to skip mkdir dump/etc/ with relaxed_permissions since dump/etc gets created when I try to touch layer/etc/.
/tmp > cat layer/etc/sudoers
/tmp > 

Oh, I guess I know what happens - copy-on-write tries to copy /etc/sudoers to the rw-layer, but as the unionfs process does not have permissions to read the file, it fails with EPERM. Problem now is that one usally wants to have an error message if copy-on-write fails. You are basically asking for another parameter, something like: -osilently-skip-cow-error

Not difficult to implement, although, I won't have time for that till next weekend.

Cheers, Bernd

[Manouchehri]

Yep, you got it. A lot of programs halt on Permission denied. Having an option to return an empty file or a no such file error would probably fix most situations; e.g., silently-return-cow-error and silently-skip-cow-error.

My temporary solution right now is going to be manually running something along the lines of find / -type f -perm xx0 -exec touch dump{} \;, but that's rather slow for a large /.