Date: Thu, 15 Jul 1999 15:33:48 -0700 From: Jerry Preeper <preeper@cts.com> To: freebsd-questions@freebsd.org Subject: file permissions - setgid? Message-ID: <3.0.5.32.19990715153348.041ffdb0@crash.cts.com>
next in thread | raw e-mail | index | archive | help
I have a question about file permissions and how to allow a drive-to-drive backup program to copy everything (before I start working with my offsite backup program). I have 28 files that produce an operation not permitted error when it tries to copy them. This usually only happens after recompiling or upgrading FreeBSD. For example, mirrordir: unable to open file for writing: /mnt/bin/rcp: Operation not permitted # ls -la /bin/rcp -r-sr-xr-x 1 root bin 192512 May 11 21:52 /bin/rcp From what I have read in the FreeBSD book and searching the archives, etc... I should be able to chmod each file just before the first backup after recompiling like thus: chmod u+s /bin/rcp for each of the files substituting names then after the backup, I'm guessing I would do chmod u-s /bin/rcp for each of the files substituting names (assuming of course it is the user flag that is setgid) Does this sound right? Will it break anything on the web server if everything is running while I change this stuff? I also was looking at the man page for chflags - does this accomplish the same thing as the chmod above, ie. chflags nouchg /bin/rcp (before the backup) chflags uchg /bin/rcp (after the backup) Also, would I have to do this on both / and /mnt - /mnt is umounted until the backup program run and mounts the backup hard drive, when it's done it umounts it? I doubt I want to leave it in the backup program, since once it's done, it won't need to be changed again until the system is recompiled or upgraded. Does it pose any security risk if I did leave it in the bkup program (I'm using a perl script owned by root to run my backup that calls out mirrordir in case that matters). Jerry To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?3.0.5.32.19990715153348.041ffdb0>