Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
the shell glob (or expansion of the wild card) happens in the shell of the user before the sudo call. I guess the user doesn't have permission to view files in that directory.
Funny thing.. You are using 1(Number one)as an option(i.e -1) to the ls command. You have to use l(letter "l") for a long listing format. please read man page of ls.
I guess that was the reason. Please check that & reply.
Okay. Here it is... The output will look like this..
[user@machine ~]$ ls -l git-clones/scripts/python_scripts/README
-rw-rw-r--. 1 user user 69 Feb 15 12:26 git-clones/scripts/python_scripts/README
Where the first "-" represents a regular file.
rw- = Permissions for the owner
rw- = Permissions for the group user
r-- = Permissions for others
From "rw-rw-r--" represents the owner and group user have read,write permissions and where as other have read permissions.
Funny thing.. You are using 1(Number one)as an option(i.e -1) to the ls command. You have to use l(letter "l") for a long listing format. please read man page of ls.
Even with -1 option, it will list out all files that matches the globbing pattern. I doubt the filename used is wrong.
@OtagoHarbour:
Can you invoke following cmd and see if sub-directories exists and path of specified files is ok:-
from what I can tell the question is about sudo and shell globbing not options/flags/switches of ls (or even really ls: the same behaviour would be seen for any command).
It seems that what OP is trying to understand is the result of the fact that the shell can't glob files it can't see, where as ls can list such file because it is being run with higher privileges via sudo.
It is the standard problem of handling parameters through the shell - "Where is it interpreted?".
Before the command line can be executed it must be parsed - and that parse breaks up the line into tokens.
If one of those tokens has shell metacharacters then it will be replaced - unless something prevents it.
The "something to prevent it" is an apostrophe quote ('), or a back slash (\). In either case, the escape character is removed (the apostrophe quoting as well as any double quote character ") and the resulting token is treated as a parameter.
In the "\*" above, the command line 'ls -1 /var/www/Peter/test7/*.cel' is then reprocessed by the shell started by sudo - and hence gets a different environment.
Now SOMETIMES that doesn't quite work as expected - nested shells can reinterpret, or not reinterpret depending on how the shell gets invoked. If the shell is invoked through the system or popen library functions, reinterpretation is more obvious. If, however, it is invoked via exec sequence then the parameters may not be reinterpreted - until they get used in a command line. If that command line is another shell (such as a script) then how it gets quoted again makes a difference- the script is attempting to pass a metacharacter to yet another shell - which may require that metacharacter to be escaped... but the escape character has already been removed...
This is also a source of security problems when using sudo/su and having it run a shell script. An escaped metacharacter can be passed to a more privileged script causing the script to do "bad things".
Consider this variant of the ls example: "sudo ls -1 /var/www/Peter/test\`rm -rf /home\`" (CAUTION: CAN DELETE THE HOME DIRECTORIES)
sudo attempts to prevent this via the "noexec" option, but that makes it hard to use a shell script as the command to execute via sudo... perl or python would be a better language in that case due to the more complete programming environment built into the interpreter. BTW, noexec would work for the ls example as ls is the only thing executed... but then, the previous example would not have worked either (I don't believe the shell is invoked when the noexec is used by sudo, I do know that use of the exec system call is blocked by a dummy function).
Thank you to everyone for your help. My underlying problem was actually due to a logical bug in my PHP code. However I did not realise that the expansion of the wildcard happened before the sudo call. That was the issue in my test case.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.