GNU bug report logs - #14371
Argument --parents ignores default ACLs

Previous Next

Package: coreutils;

Reported by: Killer Bassist <killer.bassist <at> gmail.com>

Date: Wed, 8 May 2013 18:20:03 UTC

Severity: normal

Done: Paul Eggert <eggert <at> cs.ucla.edu>

Bug is archived. No further changes may be made.

To add a comment to this bug, you must first unarchive it, by sending
a message to control AT debbugs.gnu.org, with unarchive 14371 in the body.
You can then email your comments to 14371 AT debbugs.gnu.org in the normal way.

Toggle the display of automated, internal messages from the tracker.

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to bug-coreutils <at> gnu.org:
bug#14371; Package coreutils. (Wed, 08 May 2013 18:20:03 GMT) Full text and rfc822 format available.

Acknowledgement sent to Killer Bassist <killer.bassist <at> gmail.com>:
New bug report received and forwarded. Copy sent to bug-coreutils <at> gnu.org. (Wed, 08 May 2013 18:20:03 GMT) Full text and rfc822 format available.

Message #5 received at submit <at> debbugs.gnu.org (full text, mbox):

From: Killer Bassist <killer.bassist <at> gmail.com>
To: bug-coreutils <at> gnu.org
Subject: Argument --parents ignores default ACLs
Date: Wed, 8 May 2013 10:41:29 -0700
[Message part 1 (text/plain, inline)]
Hello there,
Stumbled on to this when I discovered permissions issues on directories
created from a script.  The -p option ignores default ACLs set on the
parent directory.

Note that the mkdir -p command does not seem to give the g+w attribute to
new directories. Even the bar directory is missing it.

[root <at> server mirror_crop]# mkdir -p foo/bar
[root <at> server mirror_crop]# mkdir foobar

[root <at> server mirror_crop]# ll -d foobar
drwxrws---+ 2 root apache 4096 May  8 09:37 foobar
[root <at> server mirror_crop]# ll -d foo
drwxr-s---+ 3 root apache 4096 May  8 09:36 foo

[root <at> server mirror_crop]# getfacl foo
# file: foo
# owner: root
# group: apache
# flags: -s-
user::rwx
group::r-x
other::---
default:user::rwx
default:group::rwx
default:other::---

[root <at> server mirror_crop]# getfacl foobar
# file: foobar
# owner: root
# group: apache
# flags: -s-
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx
default:other::---

And to show the default...
[root <at> server virtualmirror]# getfacl mirror_crop/
# file: mirror_crop/
# owner: root
# group: apache
# flags: -s-
user::rwx
group::rwx
other::---
default:user::rwx
default:group::rwx
default:other::---

It appears that -p is actually using the umask where without -p it uses the
defaults =)



-- 
Thank you for your time,
Dylan

-With all due respect, please do not enter this email address into any mass
CC mailings, web forms, eCards, friends networks (facebook/myspace), joke
pages or the like.
[Message part 2 (text/html, inline)]

Reply sent to Bernhard Voelker <mail <at> bernhard-voelker.de>:
You have taken responsibility. (Thu, 09 May 2013 19:38:02 GMT) Full text and rfc822 format available.

Notification sent to Killer Bassist <killer.bassist <at> gmail.com>:
bug acknowledged by developer. (Thu, 09 May 2013 19:38:02 GMT) Full text and rfc822 format available.

Message #10 received at 14371-done <at> debbugs.gnu.org (full text, mbox):

From: Bernhard Voelker <mail <at> bernhard-voelker.de>
To: Killer Bassist <killer.bassist <at> gmail.com>
Cc: 14371-done <at> debbugs.gnu.org
Subject: Re: bug#14371: Argument --parents ignores default ACLs
Date: Thu, 09 May 2013 21:36:53 +0200
tag 14371 notabug
thanks

On 05/08/2013 07:41 PM, Killer Bassist wrote:
> It appears that -p is actually using the umask where without -p it uses the
> defaults =)

Thanks for the bug report.  However we've seen a very similar one
just a few days ago (http://bugs.gnu.org/14249).

This is the behavior required by POSIX:

http://pubs.opengroup.org/onlinepubs/9699919799/utilities/mkdir.html

You can read more in the above mentioned bug report.  Meanwhile,
I'm closing this bug, but you're free to continue discussion if
you have further questions.

Have a nice day,
Berny




Did not alter fixed versions and reopened. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Thu, 09 May 2013 19:45:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-coreutils <at> gnu.org:
bug#14371; Package coreutils. (Thu, 09 May 2013 19:57:02 GMT) Full text and rfc822 format available.

Message #15 received at 14371 <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: 14371 <at> debbugs.gnu.org, mail <at> bernhard-voelker.de, killer.bassist <at> gmail.com
Subject: Re: bug#14371: Argument --parents ignores default ACLs
Date: Thu, 09 May 2013 12:56:18 -0700
On 05/09/13 12:36, Bernhard Voelker wrote:
> we've seen a very similar one
> just a few days ago (http://bugs.gnu.org/14249).

That was a similar bug report, but it's not the same thing.
I think this one is a new one.  The problem here is that
the operating system ignores the umask when creating files
in a directory that has a default mask, whereas coreutils
is assuming that the umask is respected.

For now I'm reopening the bug.




Reply sent to Paul Eggert <eggert <at> cs.ucla.edu>:
You have taken responsibility. (Sun, 12 May 2013 02:27:04 GMT) Full text and rfc822 format available.

Notification sent to Killer Bassist <killer.bassist <at> gmail.com>:
bug acknowledged by developer. (Sun, 12 May 2013 02:27:05 GMT) Full text and rfc822 format available.

Message #20 received at 14371-done <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Killer Bassist <killer.bassist <at> gmail.com>
Cc: 14371-done <at> debbugs.gnu.org
Subject: Re: bug#14371: Argument --parents ignores default ACLs
Date: Sat, 11 May 2013 19:25:53 -0700
Thanks for reporting the bug.

I installed the following patches into the coreutils master branch
and am marking this as done.

From 10287448997642ea04d27372f9283e477a070a70 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Sat, 11 May 2013 18:29:47 -0700
Subject: [PATCH 1/3] build: update gnulib submodule to latest

---
 gl/lib/regex_internal.h.diff | 6 +++---
 gl/modules/tempname.diff     | 7 ++++---
 gnulib                       | 2 +-
 3 files changed, 8 insertions(+), 7 deletions(-)

diff --git a/gl/lib/regex_internal.h.diff b/gl/lib/regex_internal.h.diff
index fe0f2b7..f410882 100644
--- a/gl/lib/regex_internal.h.diff
+++ b/gl/lib/regex_internal.h.diff
@@ -1,11 +1,11 @@
 diff --git a/lib/regex_internal.h b/lib/regex_internal.h
-index 2b9f697..7f4e349 100644
+index 439444c..7242084 100644
 --- a/lib/regex_internal.h
 +++ b/lib/regex_internal.h
-@@ -823,7 +823,8 @@ re_string_wchar_at (const re_string_t *pstr, Idx idx)
+@@ -827,7 +827,8 @@ re_string_wchar_at (const re_string_t *pstr, Idx idx)
  # ifndef NOT_IN_libc
  static int
- internal_function __attribute ((pure))
+ internal_function __attribute__ ((pure, unused))
 -re_string_elem_size_at (const re_string_t *pstr, Idx idx)
 +re_string_elem_size_at (const re_string_t *pstr _UNUSED_PARAMETER_,
 +			Idx idx _UNUSED_PARAMETER_)
diff --git a/gl/modules/tempname.diff b/gl/modules/tempname.diff
index 3603a59..219deed 100644
--- a/gl/modules/tempname.diff
+++ b/gl/modules/tempname.diff
@@ -1,19 +1,20 @@
 diff --git a/modules/tempname b/modules/tempname
-index b4708d9..e003c41 100644
+index 7fafd72..4703517 100644
 --- a/modules/tempname
 +++ b/modules/tempname
-@@ -1,5 +1,5 @@
+@@ -1,2 +1,2 @@
  Description:
 -gen_tempname() function: create a private temporary file or directory.
 +gen_tempname, gen_tempname_len: create a private temporary file or directory.
 
  Files:
  lib/tempname.c
-@@ -11,6 +11,8 @@ extensions
+@@ -11,7 +11,9 @@ extensions
  fcntl-h
  gettimeofday
  lstat
 +randint
+ secure_getenv
 +stdbool
  stdint
  sys_stat
diff --git a/gnulib b/gnulib
index 4a82904..cda5c90 160000
--- a/gnulib
+++ b/gnulib
@@ -1 +1 @@
-Subproject commit 4a82904680e6974db7b9eed6a3ed4c6eb24ecbe4
+Subproject commit cda5c90820d55b4b1f52d6a6f5329a10668bd720
-- 
1.7.11.7

From 26927c7266c1194c77a50abc49bc9cbd3854db14 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Sat, 11 May 2013 19:17:10 -0700
Subject: [PATCH 2/3] mkdir: don't assume umask equals POSIX default ACL mask

This fixes Bug#14371, reported by Killer Bassist.
* NEWS: Document this.
* src/mkdir.c (struct mkdir_options): Remove member ancestor_mode.
New member umask_value.  All uses changed.
* src/mkdir.c (make_ancestor): Fix umask assumption.
* src/mkdir.c, src/mkfifo.c, src/mknod.c (main):
Leave umask alone.  This requires invoking lchmod after creating
the file, which introduces a race condition, but this can't be
avoided on hosts with "POSIX" default ACLs, and there's no easy
way with network file systems to tell what kind of host the
directory is on.
* tests/local.mk (all_tests): Add tests/mkdir/p-acl.sh.
* tests/mkdir/p-acl.sh: New file.
---
 NEWS                 |  5 +++++
 src/mkdir.c          | 25 ++++++++++++++++++-------
 src/mkfifo.c         | 11 ++++++++++-
 src/mknod.c          |  9 ++++++++-
 tests/local.mk       |  1 +
 tests/mkdir/p-acl.sh | 35 +++++++++++++++++++++++++++++++++++
 6 files changed, 77 insertions(+), 9 deletions(-)
 create mode 100755 tests/mkdir/p-acl.sh

diff --git a/NEWS b/NEWS
index ae6251d..eec93df 100644
--- a/NEWS
+++ b/NEWS
@@ -13,6 +13,11 @@ GNU coreutils NEWS                                    -*- outline -*-
   the relative link on the dereferenced path of an existing link.
   [This bug was introduced when --relative was added in coreutils-8.16.]
 
+  mkdir, mkfifo, and mknod now work better when creating a file in a directory
+  with a default ACL whose umask disagrees with the process's umask, on a
+  system such as GNU/Linux where directory ACL umasks override process umasks.
+  [bug introduced in coreutils-6.0]
+
   tail --retry -f now waits for the files specified to appear.  Before, tail
   would immediately exit when such a file is inaccessible during the initial
   open.
diff --git a/src/mkdir.c b/src/mkdir.c
index a94f96e..b36237a 100644
--- a/src/mkdir.c
+++ b/src/mkdir.c
@@ -81,8 +81,8 @@ struct mkdir_options
      made.  */
   int (*make_ancestor_function) (char const *, char const *, void *);
 
-  /* Mode for ancestor directory.  */
-  mode_t ancestor_mode;
+  /* Umask value in effect.  */
+  mode_t umask_value;
 
   /* Mode for directory itself.  */
   mode_t mode;
@@ -112,10 +112,21 @@ static int
 make_ancestor (char const *dir, char const *component, void *options)
 {
   struct mkdir_options const *o = options;
-  int r = mkdir (component, o->ancestor_mode);
+  int r;
+  mode_t user_wx = S_IWUSR | S_IXUSR;
+  bool self_denying_umask = (o->umask_value & user_wx) != 0;
+  if (self_denying_umask)
+    umask (o->umask_value & ~user_wx);
+  r = mkdir (component, S_IRWXUGO);
+  if (self_denying_umask)
+    {
+      int mkdir_errno = errno;
+      umask (o->umask_value);
+      errno = mkdir_errno;
+    }
   if (r == 0)
     {
-      r = ! (o->ancestor_mode & S_IRUSR);
+      r = (o->umask_value & S_IRUSR) != 0;
       announce_mkdir (dir, options);
     }
   return r;
@@ -191,8 +202,8 @@ main (int argc, char **argv)
   if (options.make_ancestor_function || specified_mode)
     {
       mode_t umask_value = umask (0);
-
-      options.ancestor_mode = (S_IRWXUGO & ~umask_value) | (S_IWUSR | S_IXUSR);
+      umask (umask_value);
+      options.umask_value = umask_value;
 
       if (specified_mode)
         {
@@ -205,7 +216,7 @@ main (int argc, char **argv)
           free (change);
         }
       else
-        options.mode = S_IRWXUGO & ~umask_value;
+        options.mode = S_IRWXUGO;
     }
 
   exit (savewd_process_files (argc - optind, argv + optind,
diff --git a/src/mkfifo.c b/src/mkfifo.c
index 76291e5..78ff909 100644
--- a/src/mkfifo.c
+++ b/src/mkfifo.c
@@ -116,10 +116,13 @@ main (int argc, char **argv)
   newmode = MODE_RW_UGO;
   if (specified_mode)
     {
+      mode_t umask_value;
       struct mode_change *change = mode_compile (specified_mode);
       if (!change)
         error (EXIT_FAILURE, 0, _("invalid mode"));
-      newmode = mode_adjust (newmode, false, umask (0), change, NULL);
+      umask_value = umask (0);
+      umask (umask_value);
+      newmode = mode_adjust (newmode, false, umask_value, change, NULL);
       free (change);
       if (newmode & ~S_IRWXUGO)
         error (EXIT_FAILURE, 0,
@@ -132,6 +135,12 @@ main (int argc, char **argv)
         error (0, errno, _("cannot create fifo %s"), quote (argv[optind]));
         exit_status = EXIT_FAILURE;
       }
+    else if (specified_mode && lchmod (argv[optind], newmode) != 0)
+      {
+        error (0, errno, _("cannot set permissions of `%s'"),
+               quote (argv[optind]));
+        exit_status = EXIT_FAILURE;
+      }
 
   exit (exit_status);
 }
diff --git a/src/mknod.c b/src/mknod.c
index 7cfc708..a384ad3 100644
--- a/src/mknod.c
+++ b/src/mknod.c
@@ -122,10 +122,13 @@ main (int argc, char **argv)
   newmode = MODE_RW_UGO;
   if (specified_mode)
     {
+      mode_t umask_value;
       struct mode_change *change = mode_compile (specified_mode);
       if (!change)
         error (EXIT_FAILURE, 0, _("invalid mode"));
-      newmode = mode_adjust (newmode, false, umask (0), change, NULL);
+      umask_value = umask (0);
+      umask (umask_value);
+      newmode = mode_adjust (newmode, false, umask_value, change, NULL);
       free (change);
       if (newmode & ~S_IRWXUGO)
         error (EXIT_FAILURE, 0,
@@ -226,5 +229,9 @@ main (int argc, char **argv)
       usage (EXIT_FAILURE);
     }
 
+  if (specified_mode && lchmod (argv[optind], newmode) != 0)
+    error (EXIT_FAILURE, errno, _("cannot set permissions of `%s'"),
+           quote (argv[optind]));
+
   exit (EXIT_SUCCESS);
 }
diff --git a/tests/local.mk b/tests/local.mk
index fb5cc63..5ec7d98 100644
--- a/tests/local.mk
+++ b/tests/local.mk
@@ -555,6 +555,7 @@ all_tests =					\
   tests/mkdir/p-1.sh				\
   tests/mkdir/p-2.sh				\
   tests/mkdir/p-3.sh				\
+  tests/mkdir/p-acl.sh				\
   tests/mkdir/p-slashdot.sh			\
   tests/mkdir/p-thru-slink.sh			\
   tests/mkdir/p-v.sh				\
diff --git a/tests/mkdir/p-acl.sh b/tests/mkdir/p-acl.sh
new file mode 100755
index 0000000..f1be628
--- /dev/null
+++ b/tests/mkdir/p-acl.sh
@@ -0,0 +1,35 @@
+#!/bin/sh
+# Test "mkdir -p" with default ACLs.
+
+# Copyright (C) 1997-2013 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+print_ver_ mkdir
+
+require_setfacl_
+
+mkdir d || framework_failure_
+setfacl -d -m group::rwx d || framework_failure_
+umask 077
+
+mkdir --parents d/e || fail=1
+ls_l=$(ls -ld d/e) || fail=1
+case $ls_l in
+  d???rw[sx]*) ;;
+  *) fail=1 ;;
+esac
+
+Exit $fail
-- 
1.7.11.7

From 7a4d509292c62704c265254eb702321f7e533277 Mon Sep 17 00:00:00 2001
From: Paul Eggert <eggert <at> cs.ucla.edu>
Date: Sat, 11 May 2013 19:21:06 -0700
Subject: [PATCH 3/3] maint: add FIXME comment

---
 src/copy.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/copy.c b/src/copy.c
index 5c0ee1e..c1c8273 100644
--- a/src/copy.c
+++ b/src/copy.c
@@ -2747,8 +2747,12 @@ owner_failure_ok (struct cp_options const *x)
   return ((errno == EPERM || errno == EINVAL) && !x->owner_privileges);
 }
 
-/* Return the user's umask, caching the result.  */
+/* Return the user's umask, caching the result.
 
+   FIXME: If the destination's parent directory has has a default ACL,
+   some operating systems (e.g., GNU/Linux's "POSIX" ACLs) use that
+   ACL's mask rather than the process umask.  Currently, the callers
+   of cached_umask incorrectly assume that this situation cannot occur.  */
 extern mode_t
 cached_umask (void)
 {
-- 
1.7.11.7





Information forwarded to bug-coreutils <at> gnu.org:
bug#14371; Package coreutils. (Sun, 12 May 2013 02:44:01 GMT) Full text and rfc822 format available.

Message #23 received at 14371 <at> debbugs.gnu.org (full text, mbox):

From: Jim Meyering <jim <at> meyering.net>
To: 14371 <at> debbugs.gnu.org
Cc: eggert <at> cs.ucla.edu, killer.bassist <at> gmail.com
Subject: Re: bug#14371: Argument --parents ignores default ACLs
Date: Sun, 12 May 2013 04:43:34 +0200
Paul Eggert wrote:
> Thanks for reporting the bug.
>
> I installed the following patches into the coreutils master branch
> and am marking this as done.
>
>>From 10287448997642ea04d27372f9283e477a070a70 Mon Sep 17 00:00:00 2001
> From: Paul Eggert <eggert <at> cs.ucla.edu>
> Date: Sat, 11 May 2013 18:29:47 -0700
> Subject: [PATCH 1/3] build: update gnulib submodule to latest
>
> ---
>  gl/lib/regex_internal.h.diff | 6 +++---
>  gl/modules/tempname.diff     | 7 ++++---
>  gnulib                       | 2 +-
>  3 files changed, 8 insertions(+), 7 deletions(-)

Hi Paul,

Thanks for fixing that and for adapting to newer gnulib.
I've pushed this additional change so that "make syntax-check"
continues to pass:

From 7c0191e1456d38e7d5b64f21a06711de728cee54 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering <at> fb.com>
Date: Sat, 11 May 2013 18:28:32 +0200
Subject: [PATCH] build: avoid new syntax-check failure

* po/POTFILES.in: Reflect renaming.
---
 po/POTFILES.in | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/po/POTFILES.in b/po/POTFILES.in
index 21617cc..39de91b 100644
--- a/po/POTFILES.in
+++ b/po/POTFILES.in
@@ -18,7 +18,7 @@ lib/randread.c
 lib/regcomp.c
 lib/root-dev-ino.h
 lib/rpmatch.c
-lib/set-mode-acl.c
+lib/set-acl.c
 lib/siglist.h
 lib/spawn-pipe.c
 lib/strsignal.c
--
1.8.3.rc1.44.gb387c77




bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Sun, 09 Jun 2013 11:24:04 GMT) Full text and rfc822 format available.

bug unarchived. Request was from Paul Eggert <eggert <at> cs.ucla.edu> to control <at> debbugs.gnu.org. (Fri, 15 Jan 2021 10:58:02 GMT) Full text and rfc822 format available.

Information forwarded to bug-coreutils <at> gnu.org:
bug#14371; Package coreutils. (Fri, 15 Jan 2021 11:04:02 GMT) Full text and rfc822 format available.

Message #30 received at 14371 <at> debbugs.gnu.org (full text, mbox):

From: Paul Eggert <eggert <at> cs.ucla.edu>
To: Davin McCall <davmac <at> davmac.org>
Cc: 14371 <at> debbugs.gnu.org, 45886-done <at> debbugs.gnu.org
Subject: Re: bug#45886: mkdir -m argument does not work correctly, applies
 incorrect permissions
Date: Fri, 15 Jan 2021 03:03:03 -0800
[Message part 1 (text/plain, inline)]
Thanks for the bug report. I reproduced the problem and installed the 
attached patch to fix it.
[0001-mkdir-fix-bug-when-m-s-more-generous-than-umask.patch (text/x-patch, attachment)]

bug archived. Request was from Debbugs Internal Request <help-debbugs <at> gnu.org> to internal_control <at> debbugs.gnu.org. (Fri, 12 Feb 2021 12:24:06 GMT) Full text and rfc822 format available.

This bug report was last modified 3 years and 46 days ago.

Previous Next


GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.