Debian Bug report logs - #402332
cp/mv do not respect default ACL set on the parent directory

version graph

Package: coreutils; Maintainer for coreutils is Michael Stone <mstone@debian.org>; Source for coreutils is src:coreutils (PTS, buildd, popcon).

Reported by: Julien Valroff <julien@kirya.net>

Date: Sat, 9 Dec 2006 15:48:52 UTC

Severity: normal

Found in version coreutils/6.0-1

Fixed in version 6.10-2

Done: Michael Stone <mstone@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox

Report forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#402332; Package coreutils. (full text, mbox, link).

Acknowledgement sent to Julien Valroff <julien@kirya.net>:
New Bug report received and forwarded. Copy sent to Michael Stone <mstone@debian.org>. (full text, mbox, link).

Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Julien Valroff <julien@kirya.net>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: coreutils: cp/mv do not respect setgid bit set on the parent directory
Date: Sat, 09 Dec 2006 16:19:13 +0100
Package: coreutils
Version: 6.0-1
Severity: normal

Hi,

When copying or moving a file into a directory with setgid bit set, the copied/moved file doesn't take this into account.

Even with '--no-preserve=mode,ownership', cp does not respect the parent's directory setgid bit.

This exception does not apply to directories, which lets me think it is rather a bug than a feature.

This does happen as standard user or as root.

Cheers,
Julien

-- System Information:
Debian Release: 4.0
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-686
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages coreutils depends on:
ii  libacl1                      2.2.41-1    Access control list shared library
ii  libc6                        2.3.6.ds1-9 GNU C Library: Shared libraries

coreutils recommends no packages.

-- no debconf information

Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#402332; Package coreutils. (full text, mbox, link).

Acknowledgement sent to Julien Valroff <julien@kirya.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (full text, mbox, link).

Message #10 received at 402332@bugs.debian.org (full text, mbox, reply):

From: Julien Valroff <julien@kirya.net>
To: control@bugs.debian.org
Cc: 402332@bugs.debian.org
Subject: error in the diagnosis
Date: Sun, 10 Dec 2006 11:40:20 +0100
package coreutils
retitle 402332 cp/mv do not respect default ACL set on the parent directory
thanks

Hi,

I am sorry, but the previous explanation is really not the good one!

Actually, the setgid is ok, but the default ACL is not taken into
account when copying or moving a file. Let's take an example, where I
want all the files in music/ to be readable/writable by the members of
the group audio:

julien@hathor:~$ mkdir music
julien@hathor:~$ setfacl -m d:g:audio:rwx music/
julien@hathor:~$ touch music/song1
julien@hathor:~$ getfacl music/song1
# file: music/song1
# owner: julien
# group: julien
user::rw-
group::r-x                      #effective:r--
group:audio:rwx                 #effective:rw-
mask::rw-
other::r--

julien@hathor:~$ touch song2
julien@hathor:~$ getfacl song2
# file: song2
# owner: julien
# group: julien
user::rw-
group::r--
other::r--

julien@hathor:~$ cp song2 music/
julien@hathor:~$ getfacl music/song2
# file: music/song2
# owner: julien
# group: julien
user::rw-
group::r-x                      #effective:r--
group:audio:rwx                 #effective:r--
mask::r--
other::r--

julien@hathor:~$ touch song3
julien@hathor:~$ cp --no-preserve=all song3 music/
julien@hathor:~$ getfacl music/song3
# file: music/song3
# owner: julien
# group: julien
user::rw-
group::r-x                      #effective:r--
group:audio:rwx                 #effective:r--
mask::r--
other::r--

I would expect that song2, or at least song3 is writeable by the group
audio, as for the newly created file song1.

Changing the umask and putting all the users in a shared group would
help, but this solution is not flexible at all.

With mv, the results are even worse (at least to what I would expect):
julien@hathor:~$ touch song4
julien@hathor:~$ mv song4 music/
julien@hathor:~$ getfacl music/song4
# file: music/song4
# owner: julien
# group: julien
user::rw-
group::r--
other::r--

ie No ACL at all!

Well, bug or feature?
If feature, what are the steps to share a folder with specified groups?

Cheers,
Julien

Changed Bug title. Request was from Julien Valroff <julien@kirya.net> to control@bugs.debian.org. (full text, mbox, link).

Information forwarded to debian-bugs-dist@lists.debian.org, Michael Stone <mstone@debian.org>:
Bug#402332; Package coreutils. (full text, mbox, link).

Acknowledgement sent to Julien Valroff <julien@kirya.net>:
Extra info received and forwarded to list. Copy sent to Michael Stone <mstone@debian.org>. (full text, mbox, link).

Message #17 received at 402332@bugs.debian.org (full text, mbox, reply):

From: Julien Valroff <julien@kirya.net>
To: 402332@bugs.debian.org
Subject: RE: [bug #402332] cp/mv do not respect default ACL set on the parent directory
Date: Thu, 15 Mar 2007 20:34:42 +0100
Hi,

After further enquiries, it seems that the behaviour described earlier
is normal for mv, which does preserve the permissions of the original
file. I do believe this is not the correct behaviour in case of a shared
folder especially when ACLs are present (see previous example). This
does not go in the way an end-user expect it to go.

Furthermore, as far as I understand, cp shouldn't behave this way, as
the permissions are, by default, inherited - which means the default
ACLs of the parent directory should apply when copying a file.

Cheers,
Julien

Reply sent to Michael Stone <mstone@debian.org>:
You have taken responsibility. (full text, mbox, link).

Notification sent to Julien Valroff <julien@kirya.net>:
Bug acknowledged by developer. (full text, mbox, link).

Message #22 received at 402332-done@bugs.debian.org (full text, mbox, reply):

From: Michael Stone <mstone@debian.org>
To: 402332-done@bugs.debian.org
Subject: Re: cp/mv do not respect default ACL set on the parent directory
Date: Mon, 28 Jan 2008 20:42:31 -0500
Version: 6.10-2

It is normal for mv to retain the permissions on a file, not to change 
it in the process of moving it.

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Feb 2008 07:28:07 GMT) (full text, mbox, link).

Send a report that this bug log contains spam.

Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Jan 6 02:13:13 2018; Machine Name: beach

Debian Bug tracking system

Debbugs is free software and licensed under the terms of the GNU Public License version 2. The current version can be obtained from https://bugs.debian.org/debbugs-source/.

Copyright © 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson, 2005-2017 Don Armstrong, and many other contributors.