Date: Mon, 14 Jan 2002 17:27:15 +0100 (CET)
From: Hartmut Brandt <brandt@fokus.gmd.de>
To: FreeBSD-gnats-submit@freebsd.org
Cc: schilling@fokus.gmd.de
Subject: docs/33877: Documented behaviour of SF_flags for non-SU is wrong
Message-ID: <200201141627.g0EGRFO21809@fokus.gmd.de>
>Number: 33877
>Category: docs
>Synopsis: Documented behaviour of SF_flags for non-SU is wrong
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-doc
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: doc-bug
>Submitter-Id: current-users
>Arrival-Date: Mon Jan 14 08:30:01 PST 2002
>Closed-Date:
>Last-Modified:
>Originator: Hartmut Brandt
>Release: FreeBSD 5.0-CURRENT i386
>Organization: FhG Fokus
>Environment:
System: FreeBSD beagle.fokus.gmd.de 5.0-CURRENT FreeBSD 5.0-CURRENT #7: Fri Jan 11 13:15:44 CET 2002 hbb@beagle.fokus.gmd.de:/opt/obj/usr/src/sys/BEAGLE i386
>Description:
The man 2 chflags man page is wrong in its description of how the flags are handled in some cases:

1. The non-superuser is not allowed to change any flag if one of SF_IMMUTABLE, SF_APPEND, SF_NOUNLINK is set. While the first is obvious the other two cases are not and should be documented.
2. The non-superuser is not allowed to SET any SF_* flag. Doing so results in EPERM returned (this is contrary to the man page).
3. Clearing a SF_* flag by the superuser is silently ignored.
4. The superuser cannot change any flag if one of SF_IMMUTABLE, SF_APPEND, SF_NOUNLINK is set if securelevel is greater than 0. See comment 1.
5. The SF_SNAPSHOT flag is not documented.
6. The SF_SNAPSHOT flag cannot be set or cleared by any user.
>How-To-Repeat:
Construct one of the above cases and try chflags and ls -lo. For 1. the sequence would be (as joe:user):

    # sudo touch /var/tmp/foo
    # sudo chown joe:user /var/tmp/foo
    # chflags schg /var/tmp/foo
    chflags: /var/tmp/foo: Operation not permitted
    # sudo chflags schg /var/tmp/foo
    # chflags noschg /var/tmp/foo
    chflags: /var/tmp/foo: Operation not permitted

For cases 2 and 3:

    # sudo touch /var/tmp/foo
    # sudo chown joe:user /var/tmp/foo
    # chflags arch /var/tmp/foo
    chflags: /var/tmp/foo: Operation not permitted
    # sudo chflags arch /var/tmp/foo
    # chflags noarch /var/tmp/foo
    # ls -lo /var/tmp/foo
    -rw-r--r-- 1 joe user arch 0 Jan 14 16:01 /var/tmp/foo

>Fix:
Index: chflags.2 =================================================================== RCS file: /usr/ncvs/src/lib/libc/sys/chflags.2,v retrieving revision 1.19 diff -c -r1.19 chflags.2 *** chflags.2 1 Oct 2001 16:09:01 -0000 1.19 --- chflags.2 14 Jan 2002 16:25:21 -0000 *************** *** 80,87 **** --- 80,100 ---- The file may only be appended to. .It SF_NOUNLINK The file may not be renamed or deleted. + .It SF_SNAPSHOT + The file is a snapshot file. .El .Pp + If one of + .Dq SF_IMMUTABLE , + .Dq SF_APPEND , + or + .Dq SF_NOUNLINK + is set a non-super-user cannot change any flags and even the super-user + can change flags only if securelevel is greater than 0. + (See + .Xr init 8 + for details.) + .Pp The .Dq UF_IMMUTABLE , .Dq UF_APPEND , *************** *** 98,110 **** and .Dq SF_ARCHIVED flags may only be set or unset by the super-user. ! Attempts by the non-super-user to set the super-user only flags ! are silently ignored. ! These flags may be set at any time, but normally may only be unset when ! the system is in single-user mode. ! (See ! .Xr init 8 ! for details.) .Sh RETURN VALUES .Rv -std .Sh ERRORS --- 111,121 ---- and .Dq SF_ARCHIVED flags may only be set or unset by the super-user. ! Attempts to set these flags by non-super-users are rejected, attempts to ! clear flags, that are already set, by non-super-users are silently ignored. ! The ! .Dq SF_SNAPSHOT ! 
flag is maintained by the system and cannot be changed by any user. .Sh RETURN VALUES .Rv -std .Sh ERRORS *************** *** 125,130 **** --- 136,148 ---- .It Bq Er EPERM The effective user ID does not match the owner of the file and the effective user ID is not the super-user. + One of + .Dq SF_IMMUTABLE , + .Dq SF_APPEND , + or + .Dq SF_NOUNLINK + is set and the user is either not the super-user or securelevel is greater + than 0. A non-super-user tries to set one of the system flags. .It Bq Er EROFS The named file resides on a read-only file system. .It Bq Er EFAULT *************** *** 149,154 **** --- 167,179 ---- .It Bq Er EPERM The effective user ID does not match the owner of the file and the effective user ID is not the super-user. + One of + .Dq SF_IMMUTABLE , + .Dq SF_APPEND , + or + .Dq SF_NOUNLINK + is set and the user is either not the super-user or securelevel is greater + than 0. A non-super-user tries to set one of the system flags. .It Bq Er EROFS The file resides on a read-only file system. .It Bq Er EIO
>Release-Note:
>Audit-Trail:
>Unformatted:
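
Review bot: In the first hunk (80,87 to 80,100) the added sentence "can change flags only if securelevel is greater than 0" states the securelevel condition the wrong way round. Item 4 of the description says the super-user cannot change flags when securelevel is greater than 0, and the EPERM text added later in this same patch lists "securelevel is greater than 0" as a failure condition. Suggest "can change flags only if securelevel is not greater than 0", plus a comma after "is set" so the sentence parses.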
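
Review bot: In the second hunk (98,110 to 111,121) the replacement sentence says attempts by non-super-users to clear flags that are already set "are silently ignored", which matches only the arch case in How-To-Repeat. The same report shows "chflags noschg" by the owner failing with "Operation not permitted", and the paragraph added at 80,100 says a non-super-user cannot change any flags once SF_IMMUTABLE, SF_APPEND or SF_NOUNLINK is set. Suggest limiting the "silently ignored" wording to the case where none of those three flags is set and splitting the comma-spliced sentence in two. The SF_SNAPSHOT sentence should also say whether an attempt to change it returns an error or is ignored, since neither EPERM list in this patch mentions it.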
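
Review bot: In both EPERM hunks (125,130 to 136,148 and 149,154 to 167,179) the two new failure conditions are appended to the existing owner-mismatch entry as extra sentences, so a single ".It Bq Er EPERM" item now describes three unrelated causes. Suggest giving each condition its own ".It Bq Er EPERM" entry, and at minimum starting "A non-super-user tries to set one of the system flags." on its own source line instead of after "than 0." on the same line.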