Public bug reported: I got locked out of my server via SSH, simply by extracting a tar file. No matter how crazy it sounds, it is reproducible.
1. login as root 2. wget https://github.com/aristocratos/btop/releases/download/v1.0.9/btop-1.0.9-linux-x86_64.tbz` 3. tar -xjvf btop-1.0.9-linux-x86_64.tbz` At this point the /root folder has ownership of user:user (1000:1000) and the root is locked out from SSH login. I had to fix the server via KVM. auth.log contained the following: "Authentication refused: bad ownership or modes for directory /root" This seems to be a bug in tar, as the above behaviour doesn't happen when logged in under any non-root user. With non-root users the directory does not change ownership. With root user, no matter where I extract the tar file, the directory changes ownership. --- lsb_release -rd Description: Ubuntu 18.04.6 LTS Release: 18.04 apt-cache policy tar tar: Installed: 1.29b-2ubuntu0.2 Candidate: 1.29b-2ubuntu0.2 ** Affects: tar (Ubuntu) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to tar in Ubuntu. https://bugs.launchpad.net/bugs/1945202 Title: Tar changes folder ownership when run under root Status in tar package in Ubuntu: New Bug description: I got locked out of my server via SSH, simply by extracting a tar file. No matter how crazy it sounds, it is reproducible. 1. login as root 2. wget https://github.com/aristocratos/btop/releases/download/v1.0.9/btop-1.0.9-linux-x86_64.tbz` 3. tar -xjvf btop-1.0.9-linux-x86_64.tbz` At this point the /root folder has ownership of user:user (1000:1000) and the root is locked out from SSH login. I had to fix the server via KVM. auth.log contained the following: "Authentication refused: bad ownership or modes for directory /root" This seems to be a bug in tar, as the above behaviour doesn't happen when logged in under any non-root user. With non-root users the directory does not change ownership. With root user, no matter where I extract the tar file, the directory changes ownership. --- lsb_release -rd Description: Ubuntu 18.04.6 LTS Release: 18.04 apt-cache policy tar tar: Installed: 1.29b-2ubuntu0.2 Candidate: 1.29b-2ubuntu0.2 To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/tar/+bug/1945202/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
