Debian Bug report logs - #402332
cp/mv do not respect default ACL set on the parent directory

version graph

Package: coreutils; Maintainer for coreutils is Michael Stone <mstone@debian.org>; Source for coreutils is src:coreutils.

Reported by: Julien Valroff <julien@kirya.net>

Date: Sat, 9 Dec 2006 15:48:52 UTC

Severity: normal

Found in version coreutils/6.0-1

Fixed in version 6.10-2

Done: Michael Stone <mstone@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#402332; Package coreutils. Full text and rfc822 format available.

Acknowledgement sent to Julien Valroff <julien@kirya.net>:
New Bug report received and forwarded. Copy sent to Michael Stone <mstone@debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Julien Valroff <julien@kirya.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: coreutils: cp/mv do not respect setgid bit set on the parent directory
Date: Sat, 09 Dec 2006 16:19:13 +0100
Package: coreutils
Version: 6.0-1
Severity: normal

Hi,

When copying or moving a file into a directory with setgid bit set, the copied/moved file doesn't take this into account.

Even with '--no-preserve=mode,ownership', cp does not respect the parent's directory setgid bit.

This exception does not apply to directories, which lets me think it is rather a bug than a feature.

This does happen as standard user or as root.

Cheers,
Julien

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages coreutils depends on:
ii  libacl1                      2.2.41-1    Access control list shared library
ii  libc6                        2.3.6.ds1-9 GNU C Library: Shared libraries

coreutils recommends no packages.

-- no debconf information



Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#402332; Package coreutils. Full text and rfc822 format available.

Acknowledgement sent to Julien Valroff <julien@kirya.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. Full text and rfc822 format available.

Message #10 received at 402332@bugs.debian.org (full text, mbox):

From: Julien Valroff <julien@kirya.net>
To: control@bugs.debian.org
Cc: 402332@bugs.debian.org
Subject: error in the diagnosis
Date: Sun, 10 Dec 2006 11:40:20 +0100
package coreutils
retitle 402332 cp/mv do not respect default ACL set on the parent directory
thanks

Hi,

I am sorry, but the previous explanation is really not the good one!

Actually, the setgid is ok, but the default ACL is not taken into
account when copying or moving a file. Let's take an example, where I
want all the files in music/ to be readable/writable by the members of
the group audio:

julien@hathor:~$ mkdir music
julien@hathor:~$ setfacl -m d:g:audio:rwx music/
julien@hathor:~$ touch music/song1
julien@hathor:~$ getfacl music/song1
# file: music/song1
# owner: julien
# group: julien
user::rw-
group::r-x                      #effective:r--
group:audio:rwx                 #effective:rw-
mask::rw-
other::r--

julien@hathor:~$ touch song2
julien@hathor:~$ getfacl song2
# file: song2
# owner: julien
# group: julien
user::rw-
group::r--
other::r--

julien@hathor:~$ cp song2 music/
julien@hathor:~$ getfacl music/song2
# file: music/song2
# owner: julien
# group: julien
user::rw-
group::r-x                      #effective:r--
group:audio:rwx                 #effective:r--
mask::r--
other::r--

julien@hathor:~$ touch song3
julien@hathor:~$ cp --no-preserve=all song3 music/
julien@hathor:~$ getfacl music/song3
# file: music/song3
# owner: julien
# group: julien
user::rw-
group::r-x                      #effective:r--
group:audio:rwx                 #effective:r--
mask::r--
other::r--

I would expect that song2, or at least song3 is writeable by the group
audio, as for the newly created file song1.

Changing the umask and putting all the users in a shared group would
help, but this solution is not flexible at all.

With mv, the results are even worse (at least to what I would expect):
julien@hathor:~$ touch song4
julien@hathor:~$ mv song4 music/
julien@hathor:~$ getfacl music/song4
# file: music/song4
# owner: julien
# group: julien
user::rw-
group::r--
other::r--

ie No ACL at all!

Well, bug or feature?
If feature, what are the steps to share a folder with specified groups?

Cheers,
Julien




Changed Bug title. Request was from Julien Valroff <julien@kirya.net> to control@bugs.debian.org. Full text and rfc822 format available.

Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#402332; Package coreutils. Full text and rfc822 format available.

Acknowledgement sent to Julien Valroff <julien@kirya.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. Full text and rfc822 format available.

Message #17 received at 402332@bugs.debian.org (full text, mbox):

From: Julien Valroff <julien@kirya.net>
To: 402332@bugs.debian.org
Subject: RE: [bug #402332] cp/mv do not respect default ACL set on the parent directory
Date: Thu, 15 Mar 2007 20:34:42 +0100
Hi,

After further enquiries, it seems that the behaviour described earlier
is normal for mv, which does preserve the permissions of the original
file. I do believe this is not the correct behaviour in case of a shared
folder especially when ACLs are present (see previous example). This
does not go in the way an end-user expect it to go.

Furthermore, as far as I understand, cp shouldn't behave this way, as
the permissions are, by default, inherited - which means the default
ACLs of the parent directory should apply when copying a file.

Cheers,
Julien





Reply sent to Michael Stone <mstone@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to Julien Valroff <julien@kirya.net>:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #22 received at 402332-done@bugs.debian.org (full text, mbox):

From: Michael Stone <mstone@debian.org>
To: 402332-done@bugs.debian.org
Subject: Re: cp/mv do not respect default ACL set on the parent directory
Date: Mon, 28 Jan 2008 20:42:31 -0500
Version: 6.10-2

It is normal for mv to retain the permissions on a file, not to change 
it in the process of moving it.




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Feb 2008 07:28:07 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 10:11:44 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.