Strange file in the root directory

English Install/Boot/Login
#1

In a fresh install of 11.4 I see a file named “1” (the number “One”) in the / (root) directory.

vodoo@host:/> ls -l 1
-rw-r--r-- 1 root root 0 May 31 11:29 1

Who creates this file and what is it good for?

#2

That file is created by root (who else, or root must have spoiled the access bits of /).

I do not thinks it good for anything.

I guess that some human being loged in as root (you?) and did something that is not easy to recontruct for me (but maybe for you when you rethink all of the things you have done as root on he system, it is only 24 hours ago).

It is very easy to spoil your system while being root (I know you know it), one small typo …

You could check the contents, it is only 1 byte :wink:

#3

It may be a bug in some script where the author wrote by mistake:

2>1 instead of 2>&1

If you would like to do a grep in all the installation scripts, you may have a bug to report. You’re welcome to it. :slight_smile:

#4

Actually it’s empty. Which reduces greatly the possibilities of what it could contain. :wink:

#5

While of (very) minor importance, I deny it is empty. Then it would have shown 0 for the size. Now it shows 1.
I agree that this byte most probably is a New Line. I also agree that “2>1 instead of 2>&1” would create this and that it has a high probability of being the culprit.

#6

The 1 is the link count. The size field is after the owner and group.

#7

:shame: :shame: You are correct. I take the rest of the day off and will hide in a dark corner :shame::shame:

#8

I guess that some human being loged in as root (you?)

No. As I said: it was there yesterday right after a fresh install, before touching anything. But I think ken_yap is on the right track. My question now is: does everyone have it or just some of the users? I see this on all 3 hosts where I installed 11.4.

#9

You could report it anyway in bugzilla and some dev may check it out.

#10

I have installed 11.4 some time ago. Did not look if I had it (of course) and thus never deleted it. I do not have it now.

#11

On 06/01/2011 12:06 PM, hcvv wrote:
>
> :shame: :shame: You are correct.

Dang! i thought there was gonna be a fist fight

> I take the rest of the day off and will
> hide in a dark corner :shame::shame:

don’t you dare take a day off: the penalty for making a mistake it MORE
work (which is why i am here so much–i make LOTS of mistakes…


dd CAVEAT: http://is.gd/bpoMD
[NNTP via openSUSE 11.4 [2.6.37.6-0.5] + KDE 4.6.0 + Thunderbird 3.1.10]
Dual booting with Sluggish Loser7 on Acer Aspire One D255

#12

On 06/01/2011 12:36 PM, vodoo wrote:
>
> I see this on all 3 hosts where I installed 11.4.

where did you get your install media and did it pass this check:
http://tinyurl.com/2ebcf27


dd CAVEAT: http://is.gd/bpoMD
[NNTP via openSUSE 11.4 [2.6.37.6-0.5] + KDE 4.6.0 + Thunderbird 3.1.10]
Dual booting with Sluggish Loser7 on Acer Aspire One D255

#13

On 06/01/2011 01:06 PM, hcvv wrote:
>
> I have installed 11.4 some time ago. Did not look if I had it (of
> course) and thus never deleted it. I do not have it now.

i don’t have it, i’ve never seen a file in /

ever…


dd CAVEAT: http://is.gd/bpoMD
[NNTP via openSUSE 11.4 [2.6.37.6-0.5] + KDE 4.6.0 + Thunderbird 3.1.10]
Dual booting with Sluggish Loser7 on Acer Aspire One D255

#14

On 2011-06-01 14:24, DenverD wrote:

> i don’t have it, i’ve never seen a file in /

cer@Telcontar:~> ls /other/test_b1/
bin boot data dev etc home lib lib64 media mnt opt other proc
root sbin selinux srv success sys tmp usr var

‘success’ is a file :-p

(It is a flag for YaST)


Cheers / Saludos,

Carlos E. R.
(from 11.2 x86_64 “Emerald” at Telcontar)

#15

@DenverD

where did you get your install media and did it pass this check:
http://tinyurl.com/2ebcf27

rotfl! You can bet a crate of beer that I did. I am not going to waste my time installing new hosts with defective media. So the short answer is YES.

Longer answer is: I got the ISO file from the openSUSE site and burned the DVD at a slow 4x pace with cdrecord. MD5 sum of the ISO was checked before burning. Then:

nice -n -19 cdrecord -v dev=/dev/sr0 speed=4 fs=32m driveropts=burnproof -eject openSUSE-11.4-DVD-i586.iso

I checked the media right after burning and once again on the install host after installation. It checked out ok both times. The command line way to do this is:

#!/bin/bash
# Media check for openSUSE-11.4-DVD-i586.iso DVD
BSIZE=2048
SSIZE=4541382656 # Size of ISO file as given by ls -l
BLOCKS=$(($SSIZE / $BSIZE))
dd if=/dev/sr0 bs=$BSIZE count=$BLOCKS conv=notrunc,noerror 2>/dev/null \
   | md5sum - | sed -e "s/ .*/  <== MD5 sum of this DVD/"
echo "5f6d6d67c3e256b2513311f4ed650515  <== original ISO file MD5 sum"
exit 0

@everyone:

I tried to investigate ken_yap’s idea of a faulty “2>1” (or similar) and found nothing suspect in /etc/init.d/ or /var/adm. Does anyone know where all those code snippets from the %post section of the spec files are stored?

#16

The scripts are inside special sections of the RPM. I think the rpm command has an option to allow you to query the scripts.

#17

@ken_yap

Thank you.

rpm -q -a --scripts | grep '> *1'

finds nothing suspicious. Same for –triggers and –triggerscripts. Any idea where else I could look?

#18

I am not sure if that is the right expression in the *grep. *You have a space after the >. That is not needed in the redirection syntax

echo >1

does redirect to the file 1.

#19

You have a space after the >

Yes, I do. I have <SPACE><ASTERISK> in this regular expression and it will find both, >1 or >{SPACE}1 or even >{SPACE}{SPACE}{SPACE}…1

Agreed?

#20

I tested and agree!

It is a Basic Regexp and not a Pattern matching. My fault.