From: Carlos Maiolino <cmaiolino@redhat.com>
To: Dave Chinner <david@fromorbit.com>
Cc: xfs@oss.sgi.com
Subject: Re: [PATCH] xfs: fix sgid inheritance for subdirectories inheriting default acls [V2]
Date: Wed, 19 Jun 2013 10:29:22 -0300 [thread overview]
Message-ID: <20130619132921.GA5200@andromeda.usersys.redhat.com> (raw)
In-Reply-To: <20130618224351.GB29338@dastard>
Hi Dave,
> > @@ -594,9 +594,10 @@ xfs_setattr_nonsize(
> > * The set-user-ID and set-group-ID bits of a file will be
> > * cleared upon successful return from chown()
> > */
> > - if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
> > - !capable(CAP_FSETID))
> > - ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
> > + if (!S_ISDIR(inode->i_mode))
> > + if ((ip->i_d.di_mode & (S_ISUID|S_ISGID)) &&
> > + !capable(CAP_FSETID))
> > + ip->i_d.di_mode &= ~(S_ISUID|S_ISGID);
>
> I'm not sure I understand why this is part of this patch - the ACL
> path does not enter this code branch (ATTR_UID/GID) so it doesn't
> affect ACL inheritence. So this is some other behavioural change?
>
My apologies to have not commented it.
During my code surfing to understand the problem, and what places we revoked
sgid, I found this one, and, based on chmod specifications, we should keep sgid
on the directory while chmoding it, unless the user explicitly ask for sgid
removal, otherwise, if chmoding a file, we remove sgid if this isn't specified
in the new mode. So, I've added a check here to ensure the inode isn't a dir
before remove the sgid bit.
Should I remove it from the patch?
> Cheers,
>
> Dave.
> --
> Dave Chinner
> david@fromorbit.com
--
Carlos
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2013-06-19 13:29 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-06-18 15:32 [PATCH] xfs: fix sgid inheritance for subdirectories inheriting default acls [V2] Carlos Maiolino
2013-06-18 22:43 ` Dave Chinner
2013-06-19 13:29 ` Carlos Maiolino [this message]
2013-06-19 23:39 ` Dave Chinner
2013-06-21 17:48 ` Carlos Maiolino
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130619132921.GA5200@andromeda.usersys.redhat.com \
--to=cmaiolino@redhat.com \
--cc=david@fromorbit.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.