Go fork/exec权限被拒绝错误

huangapple go评论103阅读模式
英文:

Go fork/exec permission denied error

问题

我最近在我们的CentOS 6.3服务器上安装了Go。安装似乎进行得很顺利。然而,我创建了一个测试的“hello world”脚本,当我运行时,会得到以下输出。

fork/exec /tmp/go-build967564990/command-line-arguments/_obj/a.out: permission denied

现在运行go env或其他go命令似乎都可以正常工作。起初我以为这是一个权限问题,然而以root用户身份运行时,我得到了相同的结果。

英文:

I recently installed Go onto our server with CentOS 6.3. The install appears to have gone fine. However I made a test "hello world" script, and when I run I get the following output.

fork/exec /tmp/go-build967564990/command-line-arguments/_obj/a.out: permission denied

Now running go env or other go commands seem to work. At first I figured it was a permission issue, however running as root user I get the same thing. An

答案1

得分: 25

我今天遇到了这个问题,但是上面的解决方案都没有起作用。我的问题通过简单地运行以下命令解决了:

$ export TMPDIR=~/tmp/

然后我就能够通过以下命令运行脚本了:

$ go run hello.go
hello, world

唯一的缺点是每次想要运行一个应用程序时都需要运行export TMPDIR命令。

Adam Goforth致敬

英文:

I encountered this issue today but the solutions above did not work. Mine was fixed by simply running:

$ export TMPDIR=~/tmp/

then I was able to get the script to run with:

$ go run hello.go
hello, world

The only downside is you have to run export TMPDIR every time you want to run an application.

Kudos to Adam Goforth

答案2

得分: 18

只是猜测:出于安全原因,您的nix可能禁用了在/tmp目录中执行程序的功能。在CentOS中可能是可配置的,但我不知道。

另一种解决方案:看起来您正在尝试使用go run来执行Go程序(就像C是脚本一样)。尝试使用正常的构建方式,而不是:

me:~/src/foo$ go run main.go

尝试:

me:~/src/foo$ go build # 这里可能不需要main.go
me:~/src/foo$ ./foo

这种方法仍然会使用/tmp-whatever来创建二进制文件,但不会尝试从那里执行它。

PS:不要以root身份运行这些命令。在正确的设置下不需要这样做。

英文:

Just guessing: Your nix perhaps disables for security reasons executing programs in /tmp. It might be configurable in CentOS, but I don't know that.

The alternative solution: It seems you're trying go run to execute a Go program (which is as script as C is a script). Try (assuming $GOPATH=~, the easy possibility) instead a normal build, i.e. instead of

me:~/src/foo$ go run main.go

try

me:~/src/foo$ go build # main.go should not be necessary here
me:~/src/foo$ ./foo

This approach will still use /tmp-whatever to create the binary, IIRC, but it will not attempt to execute it from there.

PS: Do not run these command as root. No need for that with correct setup.

答案3

得分: 1

我正在使用Fedora 31,并遇到了一个类似的错误,导致我来到这里。我无法在Jetbrains IntelliJ Ultimate/GoLand中运行Go调试器,因为出现了fork/execpermission denied错误。解决方案是这样的:

setsebool deny_ptrace 0

详细信息请参见https://fedoraproject.org/wiki/Features/SELinuxDenyPtrace。

英文:

I am using Fedora 31 and got a similar error which brought me here. I could not run the Go debugger used by Jetbrains IntelliJ Ultimate/GoLand without fork/exec & permission denied error. The solution was this:

setsebool deny_ptrace 0

See https://fedoraproject.org/wiki/Features/SELinuxDenyPtrace for details.

答案4

得分: 1

而不是设置TMPDIR可能会影响其他程序,你可以设置GOTMPDIR

mkdir /some/where/gotmp
export GOTMPDIR=/some/where/gotmp

然后将export GOTMPDIR=/some/where/gotmp添加到你的配置文件(例如.bash_profile)中,以使该变量永久生效。

英文:

Instead of settings TMPDIR which might affect other programs, you can set GOTMPDIR:

mkdir /some/where/gotmp
export GOTMPDIR=/some/where/gotmp

Then add export GOTMPDIR=/some/where/gotmp to your profile (i.e. .bash_profile) to make the variable permanent.

答案5

得分: 0

exec.Command返回的是Cmd类型的结构体。

标准注释:

// Dir指定命令的工作目录。
// 如果Dir为空字符串,则Run在调用进程的当前目录中运行命令。
Dir string

因此,你可以将exec cmd的路径传递给自己的exec命令:

cmd := exec.Command(xxxxx)
cmd.Dir = xxxxPath

然后你可以调用Run()或其他Output()函数。

英文:

exec.Command return this sturct: type Cmd

standard comment:

// Dir specifies the working directory of the command. 	
// If Dir is the empty string, Run runs the command in the
// calling process's current directory.
Dir string

so resolve, you can pass the exec cmd's path to exec yourself command:

cmd := exec.Command(xxxxx)
cmd.Dir = xxxxPath

and then you can call Run() or other Output() func

答案6

得分: -2

为了在我的Chromebook上解决这个问题,我只是将/tmp重新挂载为可执行文件。这样做可能会有安全隐患,但是由于go run在其他平台上可以工作,我认为可能并不那么糟糕(尤其是在本地开发机上):

sudo mount -i -o remount,exec /tmp/

我将这个命令添加到了我的.bash_profile脚本中。

英文:

To fix this issue on my Chromebook I just remounted /tmp as executable. There may be security implications in doing this, but since go run works on other platforms I figure maybe it's not that bad (especially on a local dev machine):

sudo mount -i -o remount,exec /tmp/

I added this to my .bash_profile script.

答案7

得分: -4

考虑尝试:

sudo mount -o remount exec /tmp

英文:

Consider trying:

sudo mount -o remount exec /tmp

huangapple
  • 本文由 发表于 2013年2月19日 03:32:44
  • 转载请务必保留本文链接:https://go.coder-hub.com/14943917.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定