[Bug 396996] New: acl default mask not honoured correctly
https://bugzilla.novell.com/show_bug.cgi?id=396996 Summary: acl default mask not honoured correctly Product: openSUSE 10.3 Version: Final Platform: 64bit OS/Version: openSUSE 10.3 Status: NEW Severity: Major Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: reitenbach@rapideye.de QAContact: qa@suse.de Found By: Customer I created a directory, with the following default acl's: user1@host1:~> getfacl target/ # file: target # owner: user1 # group: grp1 user::rwx group::--- group:grp1:rwx mask::rwx other::--- default:user::rwx default:group::--- default:group:grp1:rwx default:mask::rwx default:other::--- Then I copied the following file into it: user1@host1:~> getfacl source/test1 # file: source/test1 # owner: user1 # group: grp1 user::rw- group::r-- other::r-- user1@host1:~> cp source/test1 target/ and then the mask of the file was not as expected: user1@host1:~> getfacl target/test1 # file: target/test1 # owner: user1 # group: grp1 user::rw- group::--- group:grp1:rwx #effective:r-- mask::r-- other::--- This also happens when you copy the file with konqueror, or use rsync. readng the man page, I expected the mask of the copied file to be the same as the default mask of the target directory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=396996
User rvojcik@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=396996#c1
Robert Vojcik
https://bugzilla.novell.com/show_bug.cgi?id=396996
User bphilips@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=396996#c2
Brandon Philips
From www.suse.de/~agruen/acl/chapter/fs_acl-en.pdf
"Default ACLs can only be applied to directories. They determine the permissions a file system object inherits from its parent directory when it is created." So, not inheriting the default ACL on a cp seems like the right behavior. CC'ing Andreas just in case I am wrong. Andreas? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=396996
User agruen@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=396996#c3
Andreas Gruenbacher
If dest_file does not exist, a file descriptor shall be obtained by performing actions equivalent to the open( ) function defined in the System Interfaces volume of IEEE Std 1003.1-2001 called using dest_file as the path argument, and the bitwise-inclusive OR of O_WRONLY and O_CREAT as the oflag argument. The file permission bits of source_file shall be the mode argument.
POSIX 1003.2c draft 17 further clarifies:
Note that in the absence of the ‘‘−p’’ option, the cp utility already specifies that new files are created using open(), specifying the file permission bits of the source file in the mode argument, and POSIX1e specifies the impact of default ACLs on open(). The result being that if there is a default ACL on the destination directory, the resulting ACL on the destination file will be the default ACL modified by the permission bits of the source file. This effectively will limit access to the newly created file to the minimum of accesses specified in the default ACL and the source file permissions. If the destination directory does not have a default ACL, then the permission bits of the newly created file will be the source file permission bits as modified by the umask.
In other words, the behavior is as expected. Use ‘‘cp -p’’ if you want to preserve ACLs. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com