I experience strange behaviour with the sticky bit on the /tmp directory and the flock command. I tried two cases:
Case 1: create the file as the ubuntu user; root has no access to the created file.
ubuntu@:~$ touch -a /tmp/ubuntu_user_created.lck
ubuntu@:~$ flock -n /tmp/ubuntu_user_created.lck -c "echo 123"
123
ubuntu@:~$ sudo flock -n /tmp/ubuntu_user_created.lck -c "echo 123"
flock: cannot open lock file /tmp/ubuntu_user_created.lck: Permission denied
Case 2: create the file as the root user; both root and the ubuntu user have access to the created file.
ubuntu@:~$ sudo touch -a /tmp/root_user_created.lck
ubuntu@:~$ flock -n /tmp/root_user_created.lck -c "echo 123"
123
ubuntu@:~$ sudo flock -n /tmp/root_user_created.lck -c "echo 123"
123
Permissions on the two files:
ls -la /tmp/
total 52
drwxrwxrwt 12 root root 4096 Oct 6 08:08 .
drwxr-xr-x 19 root root 4096 Oct 6 03:42 ..
-rw-r--r-- 1 root root 0 Oct 6 07:56 root_user_created.lck
-rw-rw-r-- 1 ubuntu ubuntu 0 Oct 6 07:54 ubuntu_user_created.lck
I don't understand why the ubuntu user can run the command flock -n /tmp/root_user_created.lck successfully, since the file root_user_created.lck is owned by root. Does the flock command just want to open this file in read mode? If the flock command only needs read access, why does running the command flock -n /tmp/ubuntu_user_created.lck with root privileges return permission denied?
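Added example, not part of the question above and not code from util-linux or the kernel: a Python script that opens a file the two ways that matter here. util-linux flock(1) does not open the lock file with a plain O_RDONLY; it opens it with O_RDONLY|O_NOCTTY|O_CREAT (mode 0666) so that a missing lock file is created. On Linux 4.19 and later, an open that carries O_CREAT on a file that already exists in a world-writable sticky directory is refused with EACCES when fs.protected_regular is non-zero and the file is owned by neither the caller nor the directory owner; capabilities are not consulted, so root is refused too (distributions that ship the systemd default sysctl config get protected_regular set to 1 or 2). The script mirrors that kernel rule as a pure function, reads the live sysctl, and probes a path with and without O_CREAT. The uid 1000 used for the ubuntu user in the test values, and the /tmp paths used as default arguments, are assumptions taken from the question, not facts the listing above shows.

```python
#!/usr/bin/env python3
"""Reproduce the open(2) calls flock(1) makes and mirror the kernel's
fs.protected_regular check that decides them. Example code, not util-linux."""
import errno
import os
import stat
import sys
import tempfile


def denied_by_protected_regular(dir_mode, dir_uid, file_uid, caller_uid, protected_regular):
    """Pure mirror of the kernel's may_create_in_sticky() for an existing
    regular file. Returns True when an open(2) carrying O_CREAT would be
    refused with EACCES. Nothing here looks at capabilities: root is subject
    to the same rule as any other user."""
    if protected_regular == 0:
        return False                          # check disabled (bare-kernel default)
    if not (dir_mode & stat.S_ISVTX):
        return False                          # parent directory is not sticky
    if file_uid == dir_uid:
        return False                          # file owned by the directory owner
    if caller_uid == file_uid:
        return False                          # caller owns the file
    if dir_mode & 0o002:
        return True                           # world-writable sticky dir: level 1 already denies
    if (dir_mode & 0o020) and protected_regular >= 2:
        return True                           # group-writable sticky dir: only level 2 denies
    return False


def read_protected_regular():
    """Current fs.protected_regular, or 0 where the sysctl does not exist."""
    try:
        with open("/proc/sys/fs/protected_regular") as f:
            return int(f.read().strip())
    except OSError:
        return 0


def predict(path, caller_uid=None):
    """Predict whether an O_CREAT open of an existing file at path would be
    denied, from its stat() data, its parent directory's stat() data and the
    live sysctl value."""
    if caller_uid is None:
        caller_uid = os.geteuid()
    st = os.stat(path)
    dst = os.stat(os.path.dirname(os.path.abspath(path)))
    return denied_by_protected_regular(dst.st_mode, dst.st_uid, st.st_uid,
                                       caller_uid, read_protected_regular())


def probe_open(path):
    """Open path the plain read-only way and the way util-linux flock(1) does
    (O_RDONLY|O_NOCTTY|O_CREAT, mode 0666). Returns a dict mapping each
    attempt to "ok" or the errno name it failed with."""
    attempts = {
        "O_RDONLY": os.O_RDONLY | os.O_NOCTTY,
        "O_RDONLY|O_CREAT": os.O_RDONLY | os.O_NOCTTY | os.O_CREAT,
    }
    results = {}
    for label, flags in attempts.items():
        try:
            fd = os.open(path, flags, 0o666)
            os.close(fd)
            results[label] = "ok"
        except OSError as e:
            results[label] = errno.errorcode.get(e.errno, str(e.errno))
    return results


def selfcheck():
    """Deterministic run that needs no root: a file in a private, non-sticky
    temp directory owned by the caller opens fine both ways, and the mirror
    agrees. Returns (predicted_denial, probe_results)."""
    d = tempfile.mkdtemp()
    p = os.path.join(d, "example.lck")
    open(p, "w").close()
    try:
        return predict(p), probe_open(p)
    finally:
        os.unlink(p)
        os.rmdir(d)


if __name__ == "__main__":
    # Default paths are the ones from the question (assumed to exist).
    print("fs.protected_regular =", read_protected_regular())
    for path in sys.argv[1:] or ["/tmp/root_user_created.lck", "/tmp/ubuntu_user_created.lck"]:
        try:
            print(path, "O_CREAT open denied (predicted):", predict(path), probe_open(path))
        except OSError as e:
            print(path, "stat failed:", e)
```

Run it once as the ubuntu user and once under sudo against the two lock files: the O_RDONLY attempt succeeds for both users on root_user_created.lck and for root on ubuntu_user_created.lck, while the O_RDONLY|O_CREAT attempt, which is what flock(1) issues, is the one that comes back EACCES for root on the ubuntu-owned file. Setting fs.protected_regular to 0 makes the denial go away, which is the quickest way to confirm the sysctl is the cause; leaving it on is the safer default, since the rule exists precisely so that a privileged process cannot be tricked into opening a file another user planted in /tmp.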