Jim Meyering <[EMAIL PROTECTED]> writes: >> If we remove this feature, I'd like to change things to be 100% >> consistent with Solaris, and to preserve the setgid bit even if the >> user says "chmod 0755 DIR". > > I think that is the right approach.
I started to implement this, but oops! I now see that I mischaracterized the behavior of Solaris chmod and octal modes. Here's the problem. If DIR is a directory, Solaris 10 "chmod NNNN DIR" ignores the setgid bit in NNNN entirely. For example, "chmod 2755 DIR" ignores the "2", just as "chmod 0755 DIR" ignores the "0": 1037-moa $ ls -ld d drwxr-xr-x 2 eggert faculty 512 Jul 26 22:17 d 1038-moa $ chmod 2755 d 1039-moa $ ls -ld d drwxr-xr-x 2 eggert faculty 512 Jul 26 22:17 d 1040-moa $ chmod g+s d 1041-moa $ ls -ld d drwxr-sr-x 2 eggert faculty 512 Jul 26 22:17 d 1042-moa $ chmod 0755 d 1043-moa $ ls -ld d drwxr-sr-x 2 eggert faculty 512 Jul 26 22:17 d To me, this behavior violates the principle of least surprise at least as much as the CVS coreutils behavior does, since I was surprised that "chmod 2755 DIR" silently ignores the "2" on Solaris. Here's a possible workaround. I could change coreutils to ignore leading zeros on octal modes (this satisfies Jim's criterion that "chmod 0755 DIR" act like "chmod 755 DIR"). I could also change the underlying code so that requests to clear the setgid bit on a directory via an octal mode are ignored, but requsts to set the bit are obeyed. Under this possible workaround, "chmod 755 DIR" and "chmod 0755 DIR" would both preserve the setgid bit, but "chmod 2755 DIR" would set it. The only way to clear it would be via a symbolic mode, e.g., "chmod g-s DIR". This is biased towards keeping the setgid set. It is not 100% compatible with Solaris, because the behavior differs for "chmod 2755 DIR". A downside of this possible workaround is complexity. It would be a bit simpler to go back to the previous rule that "chmod 755 DIR" clears DIR's setgid bit. That is biased towards clearing the setgid bit though, which I find less convenient in practice. So we have the following possibilities: 1) CVS coreutils. chmod preserves setgid on directories unless you use 4 or more octal digits, or a symbolic mode that mentions setgid. 2) The possible workaround in this email. chmod preserves setgid on directories unless you use an octal mode that sets setgid, or a symbolic mode that mentions setgid. 3) Solaris. chmod preserves setgid on directories unless you use a symbolic mode that mentions setgid. 4) Previous CVS coreutils (before July 16). chmod preserves setgid on directories only if you use a symbolic mode like 'u+r' where POSIX requires that setgid be preserved. Symbolic modes like 'a=rwx' clear setgid even if they don't mention setgid. After thinking about the above issues I slightly prefer (1) to (2), and prefer (2) to (3). I dislike (4) because it is too biased against setgid bits: in practice this makes it harder to share directories among users who wish to cooperate. Perhaps you can think of more possibilities, but it's late and I'm tired. Anyway, just let me know and I can implement any of them (though I hope you don't pick (4) :-). _______________________________________________ Bug-coreutils mailing list [email protected] http://lists.gnu.org/mailman/listinfo/bug-coreutils
