1

System: RHEL8 4.18.0-372.19.1.el8_6.x86_64 Selinux: Enabled FIPS: Enabled

Program:

#include <stdio.h>

int main( void )
{
  fprintf( stdout, "Running test Program...\r\n" );
}

Compile:
gcc test.c -o test

Run Program:
./test -bash: ./test: Operation not permitted
It doesn't work.

List Directory:
$ ls -l
total 24
-rwx------. 1 dev dev 18088 Aug 9 13:01 test
-rw-r--r--. 1 dev dev 95 Aug 9 13:00 test.c

List File Attributes:
-------------------- ./test.c
-------------------- ./test

Mounted Partition:
There is -> no <- "noexec" set.

Run as root:
sudo ./test
Running test Program... It works running as root.

What am I missing here?
I have read, write, and execute permission for this file.

krbo3
  • 11
  • 2
  • 1
    `test` is not a good name for a program (it is already used by another command: https://www.tutorialspoint.com/unix_commands/test.htm) – David Ranieri Aug 09 '22 at 20:19
  • 1
    Check /var/log/messages or /var/log/secure to see if the execution was blocked – dbush Aug 09 '22 at 20:23
  • 1
    What user are you when you try to run it? The program is executable only by user "dev". Are you that user when you try to run it? – Steve Summit Aug 09 '22 at 20:24
  • I suppose it's possible there's a permissions issue with a shared library such as `/lib/libc.so`. – Steve Summit Aug 09 '22 at 20:25
  • @Ranieri -> Thanks for the insight! Renamed to simpleTest.c. Still didn't work. – krbo3 Aug 09 '22 at 20:36
  • @dbush -> Checked it, nothing. – krbo3 Aug 09 '22 at 20:37
  • @Steve -> trying to run as user 'dev' – krbo3 Aug 09 '22 at 20:37
  • Do you have fapolicyd running? – n. m. could be an AI Aug 09 '22 at 20:46
  • I wonder if it's significant that the error message is "Operation not permitted"? If it were a permissions issue, I'd expect "Permission denied". But I can't find an errno value for "Operation not permitted" just now, or a corresponding failure reason at `man 2 execve`. – Steve Summit Aug 09 '22 at 21:06
  • Try copying your program to another location and running it there — `cp simpleTest "${TMPDIR:=/tmp}"; "$TMPDIR/simpleTest"`. If that works, the problem is associated with the directory you're compiling/running it in — or in a directory above that. If that fails too, I'm not sure what's going on. – Jonathan Leffler Aug 09 '22 at 21:14
  • 1
    I suspect that selinux may be outright prohibiting the running of programs not in "approved" bin directories, or something. I found some tips at https://www.mysysadmintips.com/linux/servers/587-find-if-permission-denied-error-is-caused-by-selinux that might be useful to try. – Steve Summit Aug 09 '22 at 23:24

1 Answers1

0

Try to change the owner (chown) or the permissions (chmod) of the executable and/or the directory it is in. Maybe something is wrong with it.

Tenobaal
  • 637
  • 1
  • 16