Prev: grub boot problem with md
Next: rsync to clone disk - Can it work? grub-install error
From: x_debian-user_x on 27 Nov 2007 23:00
Hi,

I wonder if someone can throw some light on this file-permissions
issue please?

It came to light as rsync complained:
rsync: failed to set times on "/var/www/mirror/foo/.": Operation not permitted (1)

An strace revealed the failure is effectively a result of:
cd /var/www/mirror/foo; touch -m .

The directory is group writable and with ownership root.staff, rysnc
is running as a user who is a member of group staff.

Now maybe there's a better way to manage the file permissions for
mirroring with rysnc, and maybe someone will comment on that as a side
discussion, but mainly I'm curious why the directory mtime cannot be
set in this way.

Some testing at the command line indeed confirms that it's not
possible to 'touch -m' or 'touch -a' a directory without direct
ownership, but plain 'touch' will succeed as long as group permissions
include write access.

My suspicion is this is a security feature, but I fail to see it
because the same as 'touch -m' can be achieved by simply creating and
then deleting a dummy file within the directory, as demonstrated
below.

This is also at http://pastebin.com/m6896ed8a for those who might
prefer to view it there.

Total respect due to any guru who can explain this... I've asked
around already and received no satisfactory explanation!

~$ ls -la /tmp/foo
total 8
drwxrwxr-x 4 root staff 1024 2007-11-26 22:53 .
drwxrwxrwt 17 root root 5120 2007-11-27 00:08 ..
drwxrwxr-x 2 gm gm 1024 2007-11-27 00:40 bar
drwxrwxr-x 2 root staff 1024 2007-11-27 00:40 baz
~$ groups
gm dialout cdrom floppy audio src video plugdev staff users powerdev ssh-login
~$ touch /tmp/foo/bar
~$ stat /tmp/foo/bar
File: `/tmp/foo/bar'
Size: 1024 Blocks: 2 IO Block: 4096 directory
Device: 308h/776d Inode: 132531 Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 1000/ gm) Gid: ( 1000/ gm)
Access: 2007-11-27 00:40:36.000000000 +0000
Modify: 2007-11-27 00:40:36.000000000 +0000
Change: 2007-11-27 00:40:36.000000000 +0000
~$ touch -a /tmp/foo/bar
~$ touch -m /tmp/foo/bar
~$ stat /tmp/foo/bar
File: `/tmp/foo/bar'
Size: 1024 Blocks: 2 IO Block: 4096 directory
Device: 308h/776d Inode: 132531 Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 1000/ gm) Gid: ( 1000/ gm)
Access: 2007-11-27 00:40:50.000000000 +0000
Modify: 2007-11-27 00:40:56.000000000 +0000
Change: 2007-11-27 00:40:56.000000000 +0000
~$ touch /tmp/foo/baz
~$ stat /tmp/foo/baz
File: `/tmp/foo/baz'
Size: 1024 Blocks: 2 IO Block: 4096 directory
Device: 308h/776d Inode: 132530 Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 50/ staff)
Access: 2007-11-27 00:41:08.000000000 +0000
Modify: 2007-11-27 00:41:08.000000000 +0000
Change: 2007-11-27 00:41:08.000000000 +0000
~$ touch -a /tmp/foo/baz
touch: setting times of `/tmp/foo/baz': Operation not permitted
~$ touch -m /tmp/foo/baz
touch: setting times of `/tmp/foo/baz': Operation not permitted
~$ stat /tmp/foo/baz
File: `/tmp/foo/baz'
Size: 1024 Blocks: 2 IO Block: 4096 directory
Device: 308h/776d Inode: 132530 Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 50/ staff)
Access: 2007-11-27 00:41:08.000000000 +0000
Modify: 2007-11-27 00:41:08.000000000 +0000
Change: 2007-11-27 00:41:08.000000000 +0000
~$ touch /tmp/foo/baz/file; rm /tmp/foo/baz/file
~$ stat /tmp/foo/baz
File: `/tmp/foo/baz'
Size: 1024 Blocks: 2 IO Block: 4096 directory
Device: 308h/776d Inode: 132530 Links: 2
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 50/ staff)
Access: 2007-11-27 00:41:08.000000000 +0000
Modify: 2007-11-27 00:41:37.000000000 +0000
Change: 2007-11-27 00:41:37.000000000 +0000
~$
~$
~$

-grummund


--
To UNSUBSCRIBE, email to debian-user-REQUEST(a)lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster(a)lists.debian.org
 | 
Pages: 1
Prev: grub boot problem with md
Next: rsync to clone disk - Can it work? grub-install error