Detecting whether an application was launched from a read-only file system on OS X
You can also check directly from Java whether a certain path points to something within a read-only directory by querying the FileStore
associated with your path:
File classpathRoot = new File(MyClass.class.getClassLoader().getResource("").getPath());
/* getPath() actually returns a String instead of a Path object,
* so we need to take this little detour */
Path yourAppPath = classpathRoot.toPath();
boolean isReadOnly = Files.getFileStore(yourAppPath).isReadOnly();
Ansible: Detect if a Linux filesystem is mounted read-only
The information can be obtained from Ansible facts. Ansible code that accomplishes this:
- name: Determine shared-dir mount point
command: "/usr/bin/env stat -c '%m' {{ shared_dir_real_path }}"
register: shared_dir_mount_point
changed_when: False
- name: Determine the mount point's filesystem type and mount options
set_fact:
"shared_dir_mount_{{ item }}": "{{ ansible_mounts | selectattr('mount', 'equalto', shared_dir_mount_point.stdout) | map(attribute = item) | join(',') }}"
with_items:
- fstype
- options
- name: Determine the access to the shared-data directory
set_fact:
shared_dir_access_flags: "{{ ['ro', 'rw'] | intersect( shared_dir_mount_options.split(',') )}}"
- name: Verify Access mode sanity
assert:
that: shared_dir_access_flags | length == 1
Then to determine whether the mount is R/W or R/O I use:
when: "'rw' in shared_dir_access_flags"
or
when: "'ro' in shared_dir_access_flags"
Another, more terse but perhaps less clean approach that I used previously, was to obtain the information from /proc/self/mountinfo. A little more platform-specific than I hoped, but it only depends on documented intrefaces.
- name: Get Shared dir mount options
shell: "grep -F `stat -c '%m' {{ shared_dir_path }}` /proc/self/mountinfo | cut -d' ' -f 6"
register: shared_dir_mount_options
changed_when: False
Then the expressions to determine whether the mount is R/W or R/O I would become a bit more cumbersome:
when: "'rw' in shared_dir_mount_options.stdout.split(',')"
or
when: "'ro' in shared_dir_mount_options.stdout.split(',')"
test -x in Mounted Filesystem
This is a bug in libguestfs
used by guestmount
. You can see it here:
/* Root user should be able to access everything, so only bother
* with these fine-grained tests for non-root. (RHBZ#1106548).
*/
if (fuse->uid != 0) {
[...]
if (mask & X_OK)
ok = ok &&
( fuse->uid == statbuf.st_uid ? statbuf.st_mode & S_IXUSR
: fuse->gid == statbuf.st_gid ? statbuf.st_mode & S_IXGRP
: statbuf.st_mode & S_IXOTH);
}
The FS takes a shortcut saying that since you're root you have full access, so there's no point checking the permissions.
As you've demonstrated, this is not true. Root should only have execute permissions for directories, and for files where at least one of the execute bits is set.
I was unable to build the project to submit a patch, but you can file a bug.
Related Topics
Bash: Best Architecture for Reading from Two Input Streams
Bash Sort - How to Sort Using Timestamp
How to Not Transfer Changes Done to Files from a Branch to a Another in Git
Docker Networking Namespace Not Visible in Ip Netns List
Using Iconv to Convert from Utf-16Le to Utf-8
What Are Ld-Linux.So.2 and Linux-Gate.So.1
Differencebetween .Got and .Got.Plt Section
Ffmpeg Split Avi into Frames with Known Frame Rate
Remove File Coding Mark But Preserve Its Coding
Set Filetype and Comment Key Map with .S File
How to Ssh Multiple Hops Without Putting the Local Rsa Key Everywhere
How to Configure a Systemd Service to Restart Periodically
How to Capture Raw Hid Input on Linux