Bug 801522
| Summary: | /usr/bin/install fails to explicitly set permissions when parent has sticky bit set | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 5 | Reporter: | Jason Bradley Nance <jbnance> |
| Component: | coreutils | Assignee: | Ondrej Vasik <ovasik> |
| Status: | CLOSED WONTFIX | QA Contact: | qe-baseos-daemons |
| Severity: | unspecified | Docs Contact: | |
| Priority: | unspecified | ||
| Version: | 5.8 | CC: | jbnance, meyering, prc |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2013-03-07 16:38:16 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Apparently OpenBSD considered this mkdir() behavior a bug and has resolved it within the call to mkdir(): http://www.openbsd.org/cgi-bin/cvsweb/src/bin/mkdir/mkdir.c?rev=1.24;content-type=text%2Fx-cvsweb-markup From mkdir.c: rv = mkdir(*argv, mode); /* * The mkdir() and umask() calls both honor only the * low nine bits, so if you try to set a mode including * the sticky, setuid, setgid bits you lose them. Don't * do this unless the user has specifically requested * a mode as chmod will (obviously) ignore the umask. */ if (rv == 0 && mode > 0777) rv = chmod(*argv, mode); I doubt this will get fixed in RHEL-5. There was a strong discussion about "enough explicit" mode and special bits handling. Openbsd implementation is very different from the GNU coreutils. Required changes (were done after discussion about similar problem in RHEL-6) were done upstream as http://git.savannah.gnu.org/gitweb/?p=gnulib.git;a=commitdiff;h=4730c3e3692b344effb72d46b3ff92db0bdb797a . More details and some discussion pointers are in https://bugzilla.redhat.com/show_bug.cgi?id=691466 (it is about chmod, but the install is using same gnulib functions, so technically the same issue). With install -m 00750 -d /tmp/foo/bar you can get this behaviour on RHEL-6.3+ . Just 0750 will not work anywhere - because of the risk of confusion with octals. If you have strong need for the fix in RHEL-5, please contact Red Hat support and discuss the posibilities with them. This may increase the chances for RHEL-5. RHEL-5.10 (the next RHEL-5 minor release) is going to be the first production phase 2 [1] release of RHEL-5. Since phase 2 we'll be addressing only security and critical issues. This bug report doesn't qualify for it. This one issue is already fixed (ok, at least somewhat) in RHEL-6 therefore I am closing the bug as WONTFIX for RHEL-5. [1] https://access.redhat.com/support/policy/updates/errata/ |
Description of problem: /usr/bin/install is failing to set the permissions specified by a "-m" when the parent directory has a group sticky bit set. Version-Release number of selected component (if applicable): coreutils-5.97-34.el5.x86_64 How reproducible: 100% Steps to Reproduce: install -m 2755 -d /tmp/foo install -m 0750 -d /tmp/foo/bar Actual results: drwxr-sr-x 3 root root 4096 Mar 8 17:49 /tmp/foo drwxr-s--- 2 root root 4096 Mar 8 17:49 /tmp/foo/bar Expected results: drwxr-sr-x 3 root root 4096 Mar 8 17:49 /tmp/foo drwxr-x--- 2 root root 4096 Mar 8 17:49 /tmp/foo/bar Additional info: The strace shows install calling mkdir() with the mode argument. ... umask(0) = 027 stat("/tmp/foo/bar", 0x7fffc90d8e10) = -1 ENOENT (No such file or directory) umask(0) = 0 open(".", O_RDONLY) = 3 chdir("/") = 0 mkdir("tmp", 0750) = -1 EEXIST (File exists) chdir("tmp") = 0 mkdir("foo", 0750) = -1 EEXIST (File exists) chdir("foo") = 0 umask(0) = 0 mkdir("bar", 0750) = 0 ... The documentation for install says the following regarding -m: -m, --mode=MODE set permission mode (as in chmod), instead of rwxr-xr-x To me this says "set the permissions to this explicitly". So I believe that install needs to do a chmod(), not just set the permissions in the call to mkdir().