User permission to create new File Descriptor

On CentOS 8 I have a Bash script which uses a non-standard file descriptor (/dev/fd/5) and needs to be executed by a standard user (not root).

When the user executes the script it receives

tee: /dev/fd/5: Permission denied

The code snippet which is raising this error is this:

# Print message both to stdout and FD5
msg() {
    msg="$1"
    echo "$msg" | tee /dev/fd/5
}

What kind of permission I should give to user to let it create and use a new File Descriptor?

Solution 1:

There's no permission you can give for a program to write to a read only section of the /proc filesystem.

Take a look at the path you used /dev/fd/5. Notice that /dev/fd is actually a symlink to /proc/self/fd. This means that these descriptors reference each program's own open files.

When you ask tee to write to /dev/fd/5 it can't do so because /proc/self/fd/5 doesn't exist. It doesn't exist because tee didn't open it. And the kernel won't allow it to be created as a regular file.

If the file descriptor was opened by the script, then you should just send output there directly.

echo "$msg" >&5

If the file descriptor was not opened by the script, you need to rethink your approach to whatever you are doing.