I am using RHEL 8.9 and have created a basic dhclient hook script in which I want to log to a file.
The script is able to write to places like /tmp, but not /opt. It can read files from /opt, but not write to the directory:
[root@server]# ls -la /etc/dhcp/dhclient-exit-hooks.d/test.sh
-rwxr-xr-x. 1 root root 159 Feb 12 22:47 /etc/dhcp/dhclient-exit-hooks.d/test.sh
[root@server]# cat /etc/dhcp/dhclient-exit-hooks.d/test.sh
#!/bin/bash
{ date; cat /opt/test1.txt; } >> /tmp/test1.txt # works as expected (reading from /opt and writing to /tmp)
date >> /opt/test2.txt # does not work; cannot write to /opt
When testing the hook I am seeing permission issues:
[root@server]# dhclient eth0
/etc/dhcp/dhclient-exit-hooks.d/test.sh: line 3: /opt/test2.txt: Permission denied
I have verified that write access is granted on the file in /opt, and even gone so far as to give write/execute to all users on the directory:
[root@server]# ls -la /opt/
total 8
drwxrwxrwx. 2 root root 40 Feb 12 22:46 .
dr-xr-xr-x. 17 root root 224 Dec 21 10:37 ..
-rw-rw-rw-. 1 root root 4 Feb 12 22:45 test1.txt
-rw-rw-rw-. 1 root root 4 Feb 12 22:46 test2.txt
File reading/writing to /tmp is working without issues.
I also can run the script directly with root and not face any permission issues (it works as expected).
Any ideas?
dhclient -nc eth0? According to the die.net man page,dhclientdrops capabilities by default if it's built with libcap-ng support, which I'm guessing is likely the case for most distros.dhclient -nc eth0(permission issues).