Carlos, On Wednesday 13 September 2006 03:24, Carlos E. R. wrote:
The Tuesday 2006-09-12 at 03:42 -0500, Jon Nelson wrote:
Always do --setugids *before* --setperms.
Why is that? :-?
Because changing a file's ownership (including it's group ID) clears the setuid and / or setgid bits. This happens at the kernel level, so it's not just the chown and chgrp commands that require this treatment. An excerpt from "man 2 chown": -==--==--==--==--==--==--==--==--==--==--==--==--==--==--==- When the owner or group of an executable file are changed by a non- superuser, the S_ISUID and S_ISGID mode bits are cleared. POSIX does not specify whether this also should happen when root does the chown; the Linux behaviour depends on the kernel version. In case of a non- group-executable file (with clear S_IXGRP bit) the S_ISGID bit indi- cates mandatory locking, and is not cleared by a chown. -==--==--==--==--==--==--==--==--==--==--==--==--==--==--==-
-- Cheers, Carlos E. R.
Randall Schulz