Dan:
> Gid inherits top level directory GID?
Wietse:
> Turn off the SETGID bit in the PARENT directory.
Dan:
> There is no setgid bit set.
Apparently, FreeBSD copies the GID of a new directory from its
parent, even when the parent does not have sticky/setwhatever
bits set.

    bristle# mkdir /var/spool/wietse
    bristle# chown wietse /var/spool/wietse
    bristle# ls -la /var/spool/wietse
    total 4
    drwxr-xr-x 2 wietse wheel 512 Dec 1 09:02 .
    drwxr-xr-x 12 root wheel 512 Dec 1 09:02 ..
    bristle# su wietse -c 'mkdir /var/spool/wietse/test1'
    bristle# ls -la /var/spool/wietse
    total 6
    drwxr-xr-x 3 wietse wheel 512 Dec 1 09:03 .
    drwxr-xr-x 12 root wheel 512 Dec 1 09:02 ..
    drwxr-xr-x 2 wietse wheel 512 Dec 1 09:03 test1

The test1 directory has group wietse, even though my process
has GID 'wietse'.
Now, I change the parent directory group to 'wietse'
and create a new directory:

    bristle# chgrp wietse /var/spool/wietse
    bristle# su wietse -c 'mkdir /var/spool/wietse/test2'
    bristle# ls -la /var/spool/wietse
    total 8
    drwxr-xr-x 4 wietse wietse 512 Dec 1 09:03 .
    drwxr-xr-x 12 root wheel 512 Dec 1 09:02 ..
    drwxr-xr-x 2 wietse wheel 512 Dec 1 09:03 test1
    drwxr-xr-x 2 wietse wietse 512 Dec 1 09:03 test2

And test2 has the group of 'wietse'.

    bristle# su wietse -c 'chgrp wietse /var/spool/wietse/test1'
    bristle# ls -la /var/spool/wietse
    total 8
    drwxr-xr-x 4 wietse wietse 512 Dec 1 09:03 .
    drwxr-xr-x 12 root wheel 512 Dec 1 09:02 ..
    drwxr-xr-x 2 wietse wietse 512 Dec 1 09:03 test1
    drwxr-xr-x 2 wietse wietse 512 Dec 1 09:03 test2

To force the group, change the group after mkdir. This
does not require switching euid to root.
Wietse
In src/util/make_dirs.c:
if ((ret = mkdir(saved_path, perms)) < 0) {
if (errno != EEXIST)
break;
/* Race condition? */
if ((ret = stat(saved_path, &st)) < 0)
break;
if (!S_ISDIR(st.st_mode)) {
errno = ENOTDIR;
ret = -1;
break;
}
}
===> if ((ret = chown(saved_path, -1, getegid())) < 0)
===> break;
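Review bot: The chown() on the two marked lines sits after the closing brace of the mkdir() failure block, so it also runs when mkdir() returned EEXIST and the directory already existed. If the process does not own that existing directory, chown() fails and the break aborts the whole path creation, even though nothing needed fixing. Consider a stat() first and calling chown() only when st.st_gid differs from getegid(). Note also that chown() resolves saved_path again after mkdir() and stat(), so the "Race condition?" comment above applies to the new call as well.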
Wietse
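
The "change the group after mkdir" advice above, as an added example (not part of the original messages and not Postfix code). The helper name mkdir_own_group is hypothetical; it assumes a POSIX.1-2008 system, fixes the group through an open descriptor instead of by path, and skips the call when the group already matches.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/*
 * mkdir_own_group (hypothetical helper): create `path`, or accept an
 * existing directory, and make sure its group is the caller's effective
 * GID. The effective UID is never changed.
 * Returns 0 on success, -1 with errno set on failure.
 */
int mkdir_own_group(const char *path, mode_t perms)
{
    struct stat st;
    gid_t egid = getegid();
    int fd, ret = 0, saved_errno;

    if (mkdir(path, perms) < 0 && errno != EEXIST)
        return -1;

    /*
     * O_DIRECTORY rejects anything that is not a directory (ENOTDIR).
     * O_NOFOLLOW rejects a symlink in the final path component, so a
     * link swapped in after mkdir() is not followed.
     */
    fd = open(path, O_RDONLY | O_DIRECTORY | O_NOFOLLOW);
    if (fd < 0)
        return -1;

    /* fstat()/fchown() act on the opened directory, not on the path. */
    if (fstat(fd, &st) < 0)
        ret = -1;
    else if (st.st_gid != egid && fchown(fd, (uid_t) -1, egid) < 0)
        ret = -1;   /* BSD semantics gave us the parent's group */

    saved_errno = errno;    /* keep the first error across close() */
    close(fd);
    errno = saved_errno;
    return ret;
}
```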