« McCain Apparently Takes Florida | Main | The New McCain Isn't Even Electable »

January 30, 2008

Unix Hell - The Really Annoying Cannot Exec Sperl Error

by Ferdinand T Cat

Unix is supposed to be a lot more solid than Windows, but it has one problem-- the security system. It's not that the system doesn't work, it's just that it hasn't changed all that much since the days when a character was 6 bits. (Currently, we're on the cusp of moving from 8 bits to 16, so 6 bits is really old.)

In any case, every six months or so, Bruce gets following mysterious error message when trying to run one of his programs.

    Can't do setuid (cannot exec sperl)

This error occurs because you've set one of the sticky bits on a script file. Sticky bits tell the Unix permission system that when a program is running, it should pretend to be the user who owns the program rather than the user running it. This is important if the program creates files in a secured directory.

Unfortunately, for certain types of programs, the sticky bits also have another meaning, which is that a special security environment should be used to run the program. Some systems are so secure that this environment doesn't even exist. That's what the above message means.

I'm writing this article so that in two months, when this happens to Bruce for the hundredth time and he does a Google search to find out what is going wrong, he'll see this page and know that the fix is to do

     chmod g-s filename
on the script in question.

Respectfully submitted,

Ferdinand T. Cat



ADDENDUM: Rogue sticky bits can also cause files to become invisible on the web or marked with a numeric owner instead of a named owner when accessed via FTP. To find and delete all the sticky bits in a directory tree, use 
  find . -type f -print | xargs chmod g-s

# At Wed 10:49 AM | Permalink | Trackback URI | Comments (2) | More Unix Hell | Tags:

Trackback Pings

Comments

The s bit is not the sticky bit - it's the setuid bit. The sticky bit is denoted by t.

Your solution is not going to help, since the programs will then not have the permissions they need to run.

The real solution is to install perl-suidperl.


Posted by: John Nixon at February 24, 2009 11:18 AM

Hi it is true, I solved the problem by installing perl-suid (not perl-suidperl). Please remove the last perl from the previous posting).

Please rewrite the page again so that people can use it to solve their problem. Otherwise thank you for trying to solve other's problem.

Cheers


Posted by: Zizi at May 14, 2009 8:23 AM

Leave a comment

HTML is not allowed in comments; however, if you put in a raw URL (http://www.somewhere.com/page.html) it will automatically be converted to a link.. Also, it is likely your comment will not appear unless you refresh the page manually after posting it.

Leave a comment