Red Hat Bugzilla – Full Text Bug Listing
|Summary:||problem assigning the special permissions (suid, sgid and sticky), isn't possible clear its ussing the numeric method|
|Product:||[Fedora] Fedora||Reporter:||Oscar Ferraro Nobile <oscar>|
|Component:||coreutils||Assignee:||Ondrej Vasik <ovasik>|
|Status:||CLOSED NOTABUG||QA Contact:||Fedora Extras Quality Assurance <extras-qa>|
|Version:||10||CC:||kdudka, mvadkert, ovasik, rrakus, twaugh|
|Fixed In Version:||Doc Type:||Bug Fix|
|Doc Text:||Story Points:||---|
|Last Closed:||2009-03-27 08:03:38 EDT||Type:||---|
|oVirt Team:||---||RHEL 7.3 requirements from Atomic Host:|
Description Oscar Ferraro Nobile 2009-03-26 12:28:34 EDT
Description of problem: When I am changing the special permissions (suid, sgid and sticky) in Fedora with the numeric method (chmod 2755 for example), is possible add the special permissions with numbers, but isn't possible to clear permissions. for example: is possible do chmod 4755 to add suid but if I use chmod 0755 the permission suid isn't remove. In other form, with chmod u-s the permission clear right. The problem is that using the numeric method only is possible add permission specials Version-Release number of selected component (if applicable): How reproducible: Steps to Reproduce: 1. 2. 3. Actual results: Expected results: Additional info:
Comment 1 Roman Rakus 2009-03-27 06:42:56 EDT
chmod is part of coreutils...
Comment 2 Kamil Dudka 2009-03-27 08:03:38 EDT
You can set/clear special permission bits directly by number only for regular files. For directories use symbolic modes. Consider chmod(1) man page: "chmod preserves a directory's set-user-ID and set-group-ID bits unless you explicitly specify otherwise. You can set or clear the bits with symbolic modes like u+s and g-s, and you can set (but not clear) the bits with a numeric mode."
Comment 3 Oscar Ferraro Nobile 2009-03-27 08:23:28 EDT
Yes, I can use the symbolic mode, but this is a bug in Fedora. I probed the same in Red Hat (using the numeric mode) and in Red Hat the numeric mode of chmod works good. But in Fedora is not possible to clear the special permissions with the numeric method. I posted this bug only to share this information. Thank you, Oscar.
Comment 4 Kamil Dudka 2009-03-27 08:33:26 EDT
Nope, this is not "bug in Fedora". GNU coreutils (upstream) behaves this way. It was documented about two years ago: http://git.savannah.gnu.org/gitweb/?p=coreutils.git;a=commitdiff;h=f4a5097ea3d35798fbe220c5d2835295f3bc2cd1
Comment 5 Oscar Ferraro Nobile 2009-03-27 10:13:48 EDT
Ah, oks. Why in Red Hat is different? Using 0 in Red Hat I can clear the special permissions but in Fedora no. I don't understand why. I saw that the version in Fedora of the coreutils is 6.10 and in Red Hat is 5.97 The difference is in the version of coreutils or is different between Fedora and Red Hat?
Comment 6 Kamil Dudka 2009-03-27 10:55:19 EDT
Yes, it's about the version of coreutils. Looking at NEWS I can see this behavior was changed in coreutils 6.0: chmod, install, and mkdir now preserve a directory's set-user-ID and set-group-ID bits unless you explicitly request otherwise. E.g., `chmod 755 DIR' and `chmod u=rwx,go=rx DIR' now preserve DIR's set-user-ID and set-group-ID bits instead of clearing them, and similarly for `mkdir -m 755 DIR' and `mkdir -m u=rwx,go=rx DIR'. To clear the bits, mention them explicitly in a symbolic mode, e.g., `mkdir -m u=rwx,go=rx,-s DIR'. To set them, mention them explicitly in either a symbolic or a numeric mode, e.g., `mkdir -m 2755 DIR', `mkdir -m u=rwx,go=rx,g+s' DIR. This change is for convenience on systems where these bits inherit from parents. Unfortunately other operating systems are not consistent here, and portable scripts cannot assume the bits are set, cleared, or preserved, even when the bits are explicitly mentioned. For example, OpenBSD 3.9 `mkdir -m 777 D' preserves D's setgid bit but `chmod 777 D' clears it. Conversely, Solaris 10 `mkdir -m 777 D', `mkdir -m g-s D', and `chmod 0777 D' all preserve D's setgid bit, and you must use something like `chmod g-s D' to clear it. Note that current F-10 coreutils version is coreutils-6.12-18.
Comment 7 Oscar Ferraro Nobile 2009-03-27 11:42:02 EDT
That's ok, I understand. Thanks for explaining to me!
Comment 13 Fedora Update System 2015-08-17 21:11:45 EDT
reposurgeon-3.28-1.fc23 has been submitted as an update for Fedora 23. https://admin.fedoraproject.org/updates/reposurgeon-3.28-1.fc23
Comment 14 Fedora Update System 2015-08-17 21:13:32 EDT
reposurgeon-3.28-1.fc22 has been submitted as an update for Fedora 22. https://admin.fedoraproject.org/updates/reposurgeon-3.28-1.fc22
Comment 15 Fedora Update System 2015-08-17 21:14:49 EDT
reposurgeon-3.28-1.el7 has been submitted as an update for Fedora EPEL 7. https://admin.fedoraproject.org/updates/reposurgeon-3.28-1.el7