Package: coreutils Version: 8.30-3 Severity: normal Tags: upstream GNU chmod/chgrp/chown have an issue that causes the ctime to change on every file, even when no change to the mode/ownership was made. This is a problem for backup and file-integrity checking software that uses the ctime (since it cannot be trivially reset to hide a file change, unlike mtime) to detect if changes might have been made to a file.
> stat test File: test Size: 0 Blocks: 0 IO Block: 4096 regular empty file Device: fd05h/64773d Inode: 10424846 Links: 1 Access: (0640/-rw-r-----) Uid: ( 1000/ user) Gid: ( 1000/ user) Access: 2020-08-01 02:06:51.555950597 -0500 Modify: 2020-08-01 02:06:51.555950597 -0500 Change: 2020-08-01 02:32:00.176824460 -0500 Birth: - > chmod -c g+r test > stat test File: test Size: 0 Blocks: 0 IO Block: 4096 regular empty file Device: fd05h/64773d Inode: 10424846 Links: 1 Access: (0640/-rw-r-----) Uid: ( 1000/ user) Gid: ( 1000/ user) Access: 2020-08-01 02:06:51.555950597 -0500 Modify: 2020-08-01 02:06:51.555950597 -0500 Change: 2020-08-01 02:34:09.273579189 -0500 Birth: - You can see that the -c option did not report that the file was changed, since the g+r bit was already set, however the ctime still did change. Similar results occur when using chown and chgrp. chmod/chown/chgrp are very commonly used with -R to ensure that an entire directory tree has ownership and permissions set correctly, but with this bug also causes every file in that tree to now be considered "changed" even when most or all may not actually have been. If these utilities were just blindly setting the mode/owner of files, then this behavior might be able to be justified. But since these utilities already have a -c flag, and actually do the necessary work/stat beforehand to see if a change is needed, I can't see any reason why it should still be causing a ctime change on files that do not require any changes. -- System Information: Debian Release: 10.4 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 4.19.0-9-amd64 (SMP w/4 CPU cores) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE= (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages coreutils depends on: ii libacl1 2.2.53-4 ii libattr1 1:2.4.48-4 ii libc6 2.28-10 ii libselinux1 2.8-1+b1 coreutils recommends no packages. coreutils suggests no packages. -- no debconf information
