Public bug reported: There is a bug in the uutils/coreutils implementation of `mkdir` currently shipping in Ubuntu 26.04. When `mkdir` is executed inside a directory that has a default POSIX ACL applied, it miscalculates the mask and fires a fallback `chmod` syscall that forcefully applies the SetGID and Sticky bits to the new directory.
Environment: OS: Ubuntu 26.04 (Resolute) Package: rust-coreutils (via /bin/mkdir symlink) Filesystem: ext4 Steps to Reproduce: 1. Create a parent directory: `mkdir parent` 2. Apply a default ACL: `setfacl -m d:u:$USER:rwx parent` 3. Create a child directory: `/bin/mkdir parent/child` 4. Check permissions: `ls -ld parent/child` Expected Behavior: The child directory should inherit standard permissions and the ACL mask (e.g., `drwxrwxr-x+`). Actual Behavior: The child directory is created with forced SetGID and Sticky bits (e.g., `drwxrwsr-t+`). Evidence (Audit Log): Using `auditd` to watch the directory creation, the audit log reveals that the `mkdir` binary successfully creates the folder, but immediately executes a flawed `chmod` (syscall 90) using the corrupted hex argument `a1=3f7fd` (which translates to octal 03775). type=SYSCALL msg=audit(...): arch=c000003e syscall=90 success=yes exit=0 a0=7ffe4b7d6188 a1=3f7fd a2=20 a3=0 items=1 ppid=... pid=... auid=1000 uid=0 gid=0 euid=0 suid=0 fsuid=0 egid=0 sgid=0 fsgid=0 tty=pts5 ses=400 comm="mkdir" exe="/usr/lib/cargo/bin/coreutils/mkdir" subj=unconfined key="catch_ghost" Root Cause & Upstream Fix: This is a known bug in upstream `uutils/coreutils` where it misinterprets default ACLs in `ext4`. Upstream Bug: https://github.com/uutils/coreutils/issues/11036 Upstream Fix: It has been patched upstream in commit `6b044bb0d5e6`. Please consider backporting this patch to the 26.04 LTS package, as this bug severely disrupts containerized workloads (like rootless Docker) and shared media directories that rely on ACLs and standard POSIX inheritance. ProblemType: Bug DistroRelease: Ubuntu 26.04 Package: rust-coreutils 0.8.0-0ubuntu3 ProcVersionSignature: Ubuntu 7.0.0-22.22-generic 7.0.0 Uname: Linux 7.0.0-22-generic x86_64 ApportVersion: 2.34.0-0ubuntu2 Architecture: amd64 CasperMD5CheckResult: pass Date: Tue Jun 16 10:46:21 2026 InstallationDate: Installed on 2026-05-07 (41 days ago) InstallationMedia: Ubuntu-Server 26.04 "Resolute Raccoon" - Release amd64 (20260420.1) ProcEnviron: LANG=en_US.UTF-8 PATH=(custom, no user) SHELL=/bin/bash TERM=xterm-256color XDG_RUNTIME_DIR=<set> SourcePackage: rust-coreutils UpgradeStatus: No upgrade log present (probably fresh install) ** Affects: rust-coreutils (Ubuntu) Importance: Undecided Status: New ** Tags: amd64 apport-bug resolute -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/2156902 Title: rust-coreutils: mkdir applies setgid/sticky bits (03775) with default ACLs To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/rust-coreutils/+bug/2156902/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
