Hello, as reported in https://bugs.launchpad.net/ubuntu/+source/coreutils/+bug/187315 by Aaron Toponce , chmod could display confusing messages when used for SGID/SUID/sticky bits without permissions to change them.
e.g. with non-root sudoers user following scenario
mkdir tmp;sudo chown .root tmp;ls -ld tmp;chmod -v 2755 tmp;ls -ld tmp;
would lead to:
drwxrwxr-x 2 Reset root 4096 24. říj 17.33 tmp
mode of `tmp' changed to 2755 (rwxr-sr-x)
drwxr-xr-x 2 Reset root 4096 24. říj 17.33 tmp
So user is informed that sticky bit was set even if it was not.
After my patch output will be:
drwxrwxr-x 2 Reset root 4096 24. říj 17.35 tmp
can't change mode of `tmp' to 2755 (rwxr-sr-x), using 0755 (rwxr-xr-x)
mode of `tmp' changed to 0755 (rwxr-xr-x)
drwxr-xr-x 2 Reset root 4096 24. říj 17.35 tmp
That should reduce user's confusion and clarify what's really done by
chmod command.
Greetings,
Ondřej Vašík
From 4eaf35f250ab6eec036b7ab21a482a76289f8303 Mon Sep 17 00:00:00 2001
From: =?utf-8?q?Ond=C5=99ej=20Va=C5=A1=C3=ADk?= <[EMAIL PROTECTED]>
Date: Fri, 24 Oct 2008 17:24:09 +0200
Subject: [PATCH] chmod: inform in verbose if used mode for chmod was different than requested
* chmod (process_file): Display a message when SUID, SGID or sticky bit change
was requested but not performed. Suggested by Aaron Toponce
* NEWS: Mention that change.
---
NEWS | 3 +++
src/chmod.c | 37 +++++++++++++++++++++++++++++++++++--
2 files changed, 38 insertions(+), 2 deletions(-)
diff --git a/NEWS b/NEWS
index 3fc0349..86f415b 100644
--- a/NEWS
+++ b/NEWS
@@ -23,6 +23,9 @@ GNU coreutils NEWS -*- outline -*-
Rm was improved directly, while the others inherit the improvement
from the newer version of fts in gnulib.
+ chmod now displays a message when SUID, SGID or sticky bit change was
+ requested, but not performed.
+
comm now verifies that the inputs are in sorted order. This check can
be turned off with the --nocheck-order option.
diff --git a/src/chmod.c b/src/chmod.c
index 80fc363..87f8199 100644
--- a/src/chmod.c
+++ b/src/chmod.c
@@ -259,8 +259,41 @@ process_file (FTS *fts, FTSENT *ent)
if (verbosity != V_off)
{
- bool changed = (chmod_succeeded
- && mode_changed (file, old_mode, new_mode));
+ bool mode_change = mode_changed (file, old_mode, new_mode);
+ bool changed = (chmod_succeeded && mode change);
+
+ if (chmod_succeeded && ((old_mode ^ new_mode) & CHMOD_MODE_BITS))
+ {
+
+ /* Changed to another mode than requested */
+ struct stat new_stats;
+ char perms_requested[12];
+ char perms_actual[12];
+
+ if (stat (file, &new_stats) != 0)
+ {
+ if (!force_silent)
+ error (0, errno, _("getting new attributes of %s"),
+ quote (file));
+ ok = false;
+ }
+
+ strmode (new_mode, perms_requested);
+ perms_requested[10] = '\0';
+ strmode (new_stats.st_mode, perms_actual);
+ perms_actual[10] = '\0';
+ printf(
+ _("can't change mode of %s to %04lo (%s), using %04lo (%s)\n"),
+ quote (file),
+ (unsigned long int) (new_mode & CHMOD_MODE_BITS),
+ &perms_requested[1],
+ (unsigned long int) (new_stats.st_mode & CHMOD_MODE_BITS),
+ &perms_actual[1]);
+
+ /* Change mode to actual mode after change for verbose output */
+ new_mode = new_stats.st_mode;
+ }
+
if (changed || verbosity == V_high)
{
--
1.5.6.1.156.ge903b
signature.asc
Description: Toto je digitálně podepsaná část zprávy
_______________________________________________ Bug-coreutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-coreutils
