00:18:58 <ant-x> In /etc/ssl/certs , I cannot create a new file with cat:
00:19:10 <ant-x> # cat self.crt self.key > self.pem
00:19:21 <ant-x> sh: cannot create self.pem: Permission denied
00:19:49 <ant-x> Even though I can open, edit, and save self.pem in a text editor, also as root. Why?
01:56:31 <rwp> ant-x, Works for me.  Is self.pem actually a symlink to some place that is truly not writable?
01:57:09 <ant-x> No, it is cat-related: I have done it by hand.
02:00:38 <ant-x> No symlinks.
02:01:17 <ant-x> As I said, I can create self.pem with ``vi self.pem`` or with ``touch self.pem'' (as root).
02:05:20 <rwp> csh has a shell flag that prevents it overwriting files with > redirection.  Is that set for you?
02:05:42 <ant-x> I use sh.
02:07:06 <ant-x> doas echo test > self.pem # fails, too.
02:07:15 <rwp> set -o | grep clobber
02:07:30 <ant-x> I am doing that under /etc/ssl/certs (perhaps it matters).
02:07:31 <rwp> doas will not have any effect on a > redirection.
02:07:40 <ant-x> Ooop!
02:07:56 <rwp> What does "set -o | grep clobber" show?
02:08:01 <ant-x> Unless I do something like eval?
02:08:46 <rwp> You said you were already root so there is no need for doas.
02:09:06 <ant-x> That explains it. This works: doas sh -c "echo test > self.pem"
02:09:17 <rwp> However if you want to use doas to elevate a non-root process then: doas sh -c "echo foo > foo.txt"
02:09:25 <rwp> Jinx!
02:09:39 <ant-x> I said that to simplify things. I use doas to assume root. Beg pardon!@
02:09:50 <ant-x> Yep. Thanks.
02:10:28 <ant-x> That'll teach me to report things literally as they are.
02:10:30 <rwp> I still think you must have the shell's noclobber option set.
02:11:34 <ant-x> No, I don't (just checked).  I have never heard of this options.