Logo Questions Linux Laravel Mysql Ubuntu Git Menu

Weird "Permission denied" exception when running bash script on EC2 (Ubuntu)

I've attached an EBS block and mounted it at "/data" on my EC2 instance, which runs Ubuntu 12.04. There is a backup script which runs okay but after I move the script to "/data/backup" folder, it cannot be executed, with error:

-bash: ./db_backup.sh: Permission denied

The permission is:

-rwxr-xr-x 1 ubuntu ubuntu 2.3K Nov 22 03:25 db_backup.sh

If I run it with "sudo", there is no error and no output, but there should be some thing echo to console.

And I also try use "strace" to follow the excecution, got:

execve("./db_backup.sh", ["./db_backup.sh"], [/* 19 vars */]) = -1 EACCES (Permission   denied)
dup(2)                                  = 3
fcntl(3, F_GETFL)                       = 0x8002 (flags O_RDWR|O_LARGEFILE)
fstat(3, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 1), ...}) = 0
mmap(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) =     0x7f354f010000
lseek(3, 0, SEEK_CUR)                   = -1 ESPIPE (Illegal seek)
write(3, "strace: exec: Permission denied\n", 32strace: exec: Permission denied
) = 32
close(3)                                = 0
munmap(0x7f354f010000, 4096)            = 0
exit_group(1)                           = ?

But if I put this script somewhhere, say "/tmp", it works no problem. To narrow down the root cause, I also created a test script:


echo "hello"

Sadly, this doesn't work too if I put it in the /data folder.

like image 407
xiaowl Avatar asked Feb 14 '23 14:02


1 Answers

Most probably it is mounted with the noexec flag on. You can confirm with:

mount | grep /data

In the output you will probably see something like (rw,noexec) at the end of the line. The noexec flag is not a default, so this usually happens when it is configured explicitly to mount it that way.

I don't know how you mount it, but there must be a configuration somewhere for this. You can probably change it, but maybe it's not such a good idea, these defaults exist for a reason. A better option is to run the script explicitly in bash or sh, like this:

sh db_backup.sh


In some cases @Doc's comment might help too:

I was dealing with the same sort of behaviour. I noticed in my /etc/fstab, even though I had "exec" in there explicitly for my partition, I also had "user" after it.. As soon as I removed user and remounted the partition, my users could exec on the partition.

like image 144
janos Avatar answered Feb 17 '23 04:02