Bug 471581 - how to restore advanced file permissions (Sticky, SUID, SGID)
Summary: how to restore advanced file permissions (Sticky, SUID, SGID)
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: rpm
Version: 9
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Panu Matilainen
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2008-11-14 13:38 UTC by Jan Huijbers
Modified: 2009-02-05 12:31 UTC (History)
4 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2009-02-05 12:31:39 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)

Description Jan Huijbers 2008-11-14 13:38:59 UTC
Description of problem:
advanced filepermissions gone

Version-Release number of selected component (if applicable):
all

How reproducible:
everytime

Steps to Reproduce:
1.
restore file permissions for fedora by:

rpm -qa | rmp --setperms --setugids 

2.
3.
  
Actual results:
i susspect that advanced file permissions like sticky bit, SUID and SGID are whiped because some commands behave different. For example:

when loggid in as an regular user isuing:
user$ su -
password:
authentication failed while using the correct root password

Expected results:


Additional info:

Is there a way to restore those permissions whitout re-installing the system, or is there an overview for fedora of files/directories using these filepermision so i can restore them by hand.

Comment 1 Phil Knirsch 2008-11-19 13:39:34 UTC
Moving to rpm component.

Comment 2 Panu Matilainen 2009-02-05 12:31:39 UTC
The order matters here, --setperms and --setugids are two different operations, and changing uid/gid causes suid/sgid bits to be reset, undoing part of the work of --setperms.

This'll do the trick (for all packages, to selectively reset replace -a with package names)
# rpm --setugids --setperms -a

No bug here, except perhaps insufficient documentation on these popt aliases.


Note You need to log in before you can comment on or make changes to this bug.