Skip site navigation (1)Skip section navigation (2)
Date:      Mon, 17 Oct 2005 09:25:43 +0200
From:      Heinrich Rebehn <rebehn@ant.uni-bremen.de>
To:        Robert Watson <rwatson@FreeBSD.org>
Cc:        freebsd-fs@freebsd.org
Subject:   Re: Problem with default ACLs and mask
Message-ID:  <435351F7.10101@ant.uni-bremen.de>
In-Reply-To: <20051014203021.L66014@fledge.watson.org>
References:  <434F4FF8.9050903@ant.uni-bremen.de> <20051014064145.GA40856@admin.sibptus.tomsk.ru> <434F9DAE.6070607@ant.uni-bremen.de> <20051014134820.GA43849@admin.sibptus.tomsk.ru> <20051014203021.L66014@fledge.watson.org>

next in thread | previous in thread | raw e-mail | index | archive | help
Robert Watson wrote:
> 
> On Fri, 14 Oct 2005, Victor Sudakov wrote:
> 
>> Heinrich Rebehn wrote:
>>
>>>
>>> As you can see, it works for the dirs created by hand, but not for
>>> the dir created by tar.
>>
>>
>> I think tar does a chmod on extracted files because it stores and
>> extracts permission information. I really see no way of working around
>> this.
>>
>> However, I think those people who designed POSIX ACLs might have had a
>> solution for this problem, it is too common.
> 
> 
> Our tar speaks ACLs, but I'm not sure what model it uses to decide what
> to do with the default ACL of the directory where the tar is extracted. 
> It could well be that tar specifically restores ACLs, overriding the
> default ACL where the files are untar'd.
> 
> Robert N M Watson

It happens even when the tar is extracted on a Linux system via NFS, so
i do not think that tar restores ACL's here.
However it does restore file permissions looking into the archive shows:

-bash-2.05b$ tar tzvf \
/export/linux/root/debian/usr/local/src/TARS/STonX-0.6.5.tar.gz |more
drwx--x--x  0 root   root        0 Feb  9  1996 STonX-0.6.5/
...

So there is in fact no write permission for group.
Doing this by hand:

-bash-2.05b$ umask 0
-bash-2.05b$ mkdir D3
-bash-2.05b$ ls -lod D3
drwxrwx---+ 2 a1  ntlab  - 512 Oct 17 09:22 D3
-bash-2.05b$ getfacl D3
#file:D3
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx
mask::rwx
other::---
-bash-2.05b$ chmod g-w D3
-bash-2.05b$ ls -lod D3
drwxr-x---+ 2 a1  ntlab  - 512 Oct 17 09:22 D3
-bash-2.05b$ getfacl D3
#file:D3
#owner:624
#group:1022
user::rwx
group::---
group:wiss:rwx          # effective: r-x
mask::r-x
other::---

Why is the write bit of the mask reset when removing write perms for
group? Is this really intended? This does not make sense to me, because
both permissions pertain to different groups.

--Heinrich




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?435351F7.10101>