From owner-freebsd-doc Mon Jan 14 8:30:56 2002 Delivered-To: freebsd-doc@freebsd.org Received: from freefall.freebsd.org (freefall.FreeBSD.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id D8FA437B422 for ; Mon, 14 Jan 2002 08:30:01 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.11.6/8.11.6) id g0EGU1w60342; Mon, 14 Jan 2002 08:30:01 -0800 (PST) (envelope-from gnats) Received: from mailhub.fokus.gmd.de (mailhub.fokus.gmd.de [193.174.154.14]) by hub.freebsd.org (Postfix) with ESMTP id C4DB737B41E for ; Mon, 14 Jan 2002 08:27:19 -0800 (PST) Received: from fokus.gmd.de (beagle [193.175.132.100]) by mailhub.fokus.gmd.de (8.11.6/8.11.6) with ESMTP id g0EGRGh03268; Mon, 14 Jan 2002 17:27:16 +0100 (MET) Received: (from root@localhost) by fokus.gmd.de (8.11.6/8.11.0) id g0EGRFO21809; Mon, 14 Jan 2002 17:27:15 +0100 (CET) (envelope-from hbb) Message-Id: <200201141627.g0EGRFO21809@fokus.gmd.de> Date: Mon, 14 Jan 2002 17:27:15 +0100 (CET) From: Hartmut Brandt Reply-To: Hartmut Brandt To: FreeBSD-gnats-submit@freebsd.org Cc: schilling@fokus.gmd.de X-Send-Pr-Version: 3.113 Subject: docs/33877: Documentet behaviour of SF_flags for non-SU is wrong Sender: owner-freebsd-doc@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org >Number: 33877 >Category: docs >Synopsis: Documentet behaviour of SF_flags for non-SU is wrong >Confidential: no >Severity: non-critical >Priority: medium >Responsible: freebsd-doc >State: open >Quarter: >Keywords: >Date-Required: >Class: doc-bug >Submitter-Id: current-users >Arrival-Date: Mon Jan 14 08:30:01 PST 2002 >Closed-Date: >Last-Modified: >Originator: Hartmut Brandt >Release: FreeBSD 5.0-CURRENT i386 >Organization: FhG Fokus >Environment: System: FreeBSD beagle.fokus.gmd.de 5.0-CURRENT FreeBSD 5.0-CURRENT #7: Fri Jan 11 13:15:44 CET 2002 hbb@beagle.fokus.gmd.de:/opt/obj/usr/src/sys/BEAGLE i386 >Description: The man 2 chflags man page is wrong in its description how the flags are handled in some cases: 1. The non-superuser is not allowed to change any flag if one of SF_IMMUTABLE, SF_APPEND, SF_NOUNLINK are set. While the first is abvious the other two cases are not and should be documentet. 2. The non-superuser is not allowed to SET any SF_* flag. Doing so results in EPERM returned (this is contrary to the man page). 3. Clearing a SF_* flag by the superuser is silently ignored. 4. The superuser cannot change any flag if one of SF_IMMUTABLE, SF_APPEND, SF_NOUNLINK is set if securelevel is greater than 0. See comment 1. 5. The SF_SNAPSHOT flag is not documentet. 6. The SF_SNAPSHOT flag cannot be set or cleared by any user. >How-To-Repeat: Construct one of the above cases and try chflags and ls -lo. For 1. the sequence would be (as joe:user): # sudo touch /var/tmp/foo # sudo chown joe:user /var/tmp/foo # chflags schg /var/tmp/foo chflags: /var/tmp/foo: Operation not permitted # sudo chflags schg /var/tmp/foo # chflags noschg /var/tmp/foo chflags: /var/tmp/foo: Operation not permitted For cases 2 and 3: # sudo touch /var/tmp/foo # sudo chown joe:user /var/tmp/foo # chflags arch /var/tmp/foo chflags: /var/tmp/foo: Operation not permitted # sudo chflags arch /var/tmp/foo # chflags noarch /var/tmp/foo # ls -lo /var/tmp/foo -rw-r--r-- 1 joe user arch 0 Jan 14 16:01 /var/tmp/foo >Fix: Index: chflags.2 =================================================================== RCS file: /usr/ncvs/src/lib/libc/sys/chflags.2,v retrieving revision 1.19 diff -c -r1.19 chflags.2 *** chflags.2 1 Oct 2001 16:09:01 -0000 1.19 --- chflags.2 14 Jan 2002 16:25:21 -0000 *************** *** 80,87 **** --- 80,100 ---- The file may only be appended to. .It SF_NOUNLINK The file may not be renamed or deleted. + .It SF_SNAPSHOT + The file is a snapshot file. .El .Pp + If one of + .Dq SF_IMMUTABLE , + .Dq SF_APPEND , + or + .Dq SF_NOUNLINK + is set a non-super-user cannot change any flags and even the super-user + can change flags only if securelevel is greater than 0. + (See + .Xr init 8 + for details.) + .Pp The .Dq UF_IMMUTABLE , .Dq UF_APPEND , *************** *** 98,110 **** and .Dq SF_ARCHIVED flags may only be set or unset by the super-user. ! Attempts by the non-super-user to set the super-user only flags ! are silently ignored. ! These flags may be set at any time, but normally may only be unset when ! the system is in single-user mode. ! (See ! .Xr init 8 ! for details.) .Sh RETURN VALUES .Rv -std .Sh ERRORS --- 111,121 ---- and .Dq SF_ARCHIVED flags may only be set or unset by the super-user. ! Attempts to set these flags by non-super-users are rejected, attempts to ! clear flags, that are already set, by non-super-users are silently ignored. ! The ! .Dq SF_SNAPSHOT ! flag is maintained by the system and cannot be changed by any user. .Sh RETURN VALUES .Rv -std .Sh ERRORS *************** *** 125,130 **** --- 136,148 ---- .It Bq Er EPERM The effective user ID does not match the owner of the file and the effective user ID is not the super-user. + One of + .Dq SF_IMMUTABLE , + .Dq SF_APPEND , + or + .Dq SF_NOUNLINK + is set and the user is either not the super-user or securelevel is greater + than 0. A non-super-user tries to set one of the system flags. .It Bq Er EROFS The named file resides on a read-only file system. .It Bq Er EFAULT *************** *** 149,154 **** --- 167,179 ---- .It Bq Er EPERM The effective user ID does not match the owner of the file and the effective user ID is not the super-user. + One of + .Dq SF_IMMUTABLE , + .Dq SF_APPEND , + or + .Dq SF_NOUNLINK + is set and the user is either not the super-user or securelevel is greater + than 0. A non-super-user tries to set one of the system flags. .It Bq Er EROFS The file resides on a read-only file system. .It Bq Er EIO >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-doc" in the body of the message