From owner-freebsd-fs@freebsd.org Fri Apr 6 14:07:58 2018 Return-Path: Delivered-To: freebsd-fs@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id D8D14F88826 for ; Fri, 6 Apr 2018 14:07:57 +0000 (UTC) (envelope-from agapon@gmail.com) Received: from mail-lf0-f41.google.com (mail-lf0-f41.google.com [209.85.215.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 30C5F7D543 for ; Fri, 6 Apr 2018 14:07:56 +0000 (UTC) (envelope-from agapon@gmail.com) Received: by mail-lf0-f41.google.com with SMTP id m200-v6so738574lfm.4 for ; Fri, 06 Apr 2018 07:07:56 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:cc:references:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=3CKWnpEv/2LnTCdohJv2wqf6boU3+uRLwXQA971cDgQ=; b=IRBvJh+dOUduJ2UR7ta1XMSZXph60DvU5V16NGaZ+ZeYr9xBMEjBMtpIZydtX9SmiR 9phIWJTjXBhAjU0lDZWhqzeP8Vs81oxrKHQgfaKXUuKsnJoyhKDMXg5sAhAu/jF7uW2W gY1DD6l7NPb7cA1Js+V0cMUbyw9voW2YQHeoQJQMq8DbrsDWwFQz2MbObncB1DkW+POW VGRqNLB1047c012OYJsbexq/lyVmq7wSLj4DtgRV7zPatxcqZhYByJb3wxivWKIUcEhg 6Uc+fNNp5+hOcM4skezgSH3jFy29/CEs5+BTCi4Ei+rTbKAQspM/dDDXZjs+LT+nLRuy tQsQ== X-Gm-Message-State: AElRT7FyyRGMkhwteGB2vncYT+gZR5TfVSVHcTQ2OmLvJ6JQZoHKtBtK CJLCJZtLaRFNx9Cb+i2DQnR71CXC X-Google-Smtp-Source: AIpwx4+iIARMTHliuahqBwgWGwg5zJVAVb+hOMpU2gOXcu+Vt2OKHnUyaEZ4eE6nLjPH0Gu3l8jyZQ== X-Received: by 10.46.156.132 with SMTP id x4mr16632303lji.19.1523023291132; Fri, 06 Apr 2018 07:01:31 -0700 (PDT) Received: from [192.168.0.88] (east.meadow.volia.net. [93.72.151.96]) by smtp.googlemail.com with ESMTPSA id x17sm1765566ljx.80.2018.04.06.07.01.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 06 Apr 2018 07:01:28 -0700 (PDT) Subject: Re: Does setuid=on work on ZFS datasets, or is the man page for zfs misleading? To: Stilez Stilezy Cc: freebsd-fs References: <7eba73db-3097-5c8a-eb2c-e3880fb5b501@FreeBSD.org> From: Andriy Gapon Openpgp: preference=signencrypt Autocrypt: addr=avg@FreeBSD.org; prefer-encrypt=mutual; keydata= xsFNBFm4LIgBEADNB/3lT7f15UKeQ52xCFQx/GqHkSxEdVyLFZTmY3KyNPQGBtyvVyBfprJ7 mAeXZWfhat6cKNRAGZcL5EmewdQuUfQfBdYmKjbw3a9GFDsDNuhDA2QwFt8BmkiVMRYyvI7l N0eVzszWCUgdc3qqM6qqcgBaqsVmJluwpvwp4ZBXmch5BgDDDb1MPO8AZ2QZfIQmplkj8Y6Z AiNMknkmgaekIINSJX8IzRzKD5WwMsin70psE8dpL/iBsA2cpJGzWMObVTtCxeDKlBCNqM1i gTXta1ukdUT7JgLEFZk9ceYQQMJJtUwzWu1UHfZn0Fs29HTqawfWPSZVbulbrnu5q55R4PlQ /xURkWQUTyDpqUvb4JK371zhepXiXDwrrpnyyZABm3SFLkk2bHlheeKU6Yql4pcmSVym1AS4 dV8y0oHAfdlSCF6tpOPf2+K9nW1CFA8b/tw4oJBTtfZ1kxXOMdyZU5fiG7xb1qDgpQKgHUX8 7Rd2T1UVLVeuhYlXNw2F+a2ucY+cMoqz3LtpksUiBppJhw099gEXehcN2JbUZ2TueJdt1FdS ztnZmsHUXLxrRBtGwqnFL7GSd6snpGIKuuL305iaOGODbb9c7ne1JqBbkw1wh8ci6vvwGlzx rexzimRaBzJxlkjNfMx8WpCvYebGMydNoeEtkWldtjTNVsUAtQARAQABzR5BbmRyaXkgR2Fw b24gPGF2Z0BGcmVlQlNELm9yZz7CwZQEEwEIAD4WIQS+LEO7ngQnXA4Bjr538m7TUc1yjwUC WbgsiAIbIwUJBaOagAULCQgHAgYVCAkKCwIEFgIDAQIeAQIXgAAKCRB38m7TUc1yj+JAEACV l9AK/nOWAt/9cufV2fRj0hdOqB1aCshtSrwHk/exXsDa4/FkmegxXQGY+3GWX3deIyesbVRL rYdtdK0dqJyT1SBqXK1h3/at9rxr9GQA6KWOxTjUFURsU7ok/6SIlm8uLRPNKO+yq0GDjgaO LzN+xykuBA0FlhQAXJnpZLcVfPJdWv7sSHGedL5ln8P8rxR+XnmsA5TUaaPcbhTB+mG+iKFj GghASDSfGqLWFPBlX/fpXikBDZ1gvOr8nyMY9nXhgfXpq3B6QCRYKPy58ChrZ5weeJZ29b7/ QdEO8NFNWHjSD9meiLdWQaqo9Y7uUxN3wySc/YUZxtS0bhAd8zJdNPsJYG8sXgKjeBQMVGuT eCAJFEYJqbwWvIXMfVWop4+O4xB+z2YE3jAbG/9tB/GSnQdVSj3G8MS80iLS58frnt+RSEw/ psahrfh0dh6SFHttE049xYiC+cM8J27Aaf0i9RflyITq57NuJm+AHJoU9SQUkIF0nc6lfA+o JRiyRlHZHKoRQkIg4aiKaZSWjQYRl5Txl0IZUP1dSWMX4s3XTMurC/pnja45dge/4ESOtJ9R 8XuIWg45Oq6MeIWdjKddGhRj3OohsltKgkEU3eLKYtB6qRTQypHHUawCXz88uYt5e3w4V16H lCpSTZV/EVHnNe45FVBlvK7k7HFfDDkryM7BTQRZuCyIARAAlq0slcsVboY/+IUJdcbEiJRW be9HKVz4SUchq0z9MZPX/0dcnvz/gkyYA+OuM78dNS7Mbby5dTvOqfpLJfCuhaNYOhlE0wY+ 1T6Tf1f4c/uA3U/YiadukQ3+6TJuYGAdRZD5EqYFIkreARTVWg87N9g0fT9BEqLw9lJtEGDY EWUE7L++B8o4uu3LQFEYxcrb4K/WKmgtmFcm77s0IKDrfcX4doV92QTIpLiRxcOmCC/OCYuO jB1oaaqXQzZrCutXRK0L5XN1Y1PYjIrEzHMIXmCDlLYnpFkK+itlXwlE2ZQxkfMruCWdQXye syl2fynAe8hvp7Mms9qU2r2K9EcJiR5N1t1C2/kTKNUhcRv7Yd/vwusK7BqJbhlng5ZgRx0m WxdntU/JLEntz3QBsBsWM9Y9wf2V4tLv6/DuDBta781RsCB/UrU2zNuOEkSixlUiHxw1dccI 6CVlaWkkJBxmHX22GdDFrcjvwMNIbbyfQLuBq6IOh8nvu9vuItup7qemDG3Ms6TVwA7BD3j+ 3fGprtyW8Fd/RR2bW2+LWkMrqHffAr6Y6V3h5kd2G9Q8ZWpEJk+LG6Mk3fhZhmCnHhDu6CwN MeUvxXDVO+fqc3JjFm5OxhmfVeJKrbCEUJyM8ESWLoNHLqjywdZga4Q7P12g8DUQ1mRxYg/L HgZY3zfKOqcAEQEAAcLBfAQYAQgAJhYhBL4sQ7ueBCdcDgGOvnfybtNRzXKPBQJZuCyIAhsM BQkFo5qAAAoJEHfybtNRzXKPBVwQAKfFy9P7N3OsLDMB56A4Kf+ZT+d5cIx0Yiaf4n6w7m3i ImHHHk9FIetI4Xe54a2IXh4Bq5UkAGY0667eIs+Z1Ea6I2i27Sdo7DxGwq09Qnm/Y65ADvXs 3aBvokCcm7FsM1wky395m8xUos1681oV5oxgqeRI8/76qy0hD9WR65UW+HQgZRIcIjSel9vR XDaD2HLGPTTGr7u4v00UeTMs6qvPsa2PJagogrKY8RXdFtXvweQFz78NbXhluwix2Tb9ETPk LIpDrtzV73CaE2aqBG/KrboXT2C67BgFtnk7T7Y7iKq4/XvEdDWscz2wws91BOXuMMd4c/c4 OmGW9m3RBLufFrOag1q5yUS9QbFfyqL6dftJP3Zq/xe+mr7sbWbhPVCQFrH3r26mpmy841ym dwQnNcsbIGiBASBSKksOvIDYKa2Wy8htPmWFTEOPRpFXdGQ27awcjjnB42nngyCK5ukZDHi6 w0qK5DNQQCkiweevCIC6wc3p67jl1EMFY5+z+zdTPb3h7LeVnGqW0qBQl99vVFgzLxchKcl0 R/paSFgwqXCZhAKMuUHncJuynDOP7z5LirUeFI8qsBAJi1rXpQoLJTVcW72swZ42IdPiboqx NbTMiNOiE36GqMcTPfKylCbF45JNX4nF9ElM0E+Y8gi4cizJYBRr2FBJgay0b9Cp Message-ID: <672e2c84-b906-4073-0206-7eb1720adc7e@FreeBSD.org> Date: Fri, 6 Apr 2018 17:01:27 +0300 User-Agent: Mozilla/5.0 (X11; FreeBSD amd64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-BeenThere: freebsd-fs@freebsd.org X-Mailman-Version: 2.1.25 Precedence: list List-Id: Filesystems List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 06 Apr 2018 14:07:58 -0000 On 06/04/2018 16:12, Stilez Stilezy wrote: > Thanks Andriy, > > Please read in the manual what ZFS setuid property means. > By the way, it's on by default, so you would typically turn it off if you don't > want suid binaries.  And, of course, suiddir != setuid and ZFS does not support > it, afaict. > TLDR: yes, setuid works; no, it's not suiddir.  > >   > I did look up the ZFS setuid property in the man pages. If there are there pages > I missed, can you point me to them (and sorry for not finding them!) >   > > *[man zfs]:* > >      setuid=on | off >        Controls whether the set-UID bit is respected for the file system. >      >        [Does not say anything else, seems perfectly clear] >   Except that the original, conventional and default meaning for set-UID is for executable files. Also, don't forget that this manual page originated on illumos (!= FreeBSD). E.g., see POSIX: http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_stat.h.html S_ISUID 04000 Set-user-ID on execution. S_ISGID 02000 Set-group-ID on execution. > *[man chmod]* - where it's documented what the set-UID bit does when set on > a file system: >   >     4000 (the setuid bit). >       Directories with this bit set will force all files and sub- >       directories created in them to be owned by the directory >       owner and not by the uid of the creating process, if the >       underlying file system supports this feature... Right. The last clause is very important.      >       [Does **not** say that mount -o suiddir is/isn't required, or is/isn't > a "blocker". >        Just says "see suiddir mounting option". But zfs man page has already > said >        the bit **will** be respected. It's a bit conflicting.] Yes, ZFS respects the bit in the standard compliant sense. Not in a FreeBSD-specific optional extension sense. > Like I said, the man pages seem a bit conflicted. *[man zfs]* definitely says it > provides an option for the setuid bit to be respected for the file system - it > doesn't say "for files only" or any other limitation. It just says that setuid > will be "respected for the file system" if the flag is enabled on the dataset.  > *[man chmod]* describes what happens if setuid is "respected on a file system". > It's clear that this will force+inherit directory ownership "if the underlying > file system supports this feature". As [man zfs] already says set_UID will be > "respected", set-UID is clearly supported by ZFS. > > As you can see, I did read the man pages carefully. That's why I asked help to > understand if it was documentation, implementation, or invocation, which was the > issue. > > If the zfs setuid property _doesn't_ mean the same as normal enabling of the > setuid bit functionality, then the [man zfs] page is misleading. If it works > only for files but not for directories, it's also misleading. No, it is not misleading. You just have wrong default expectations :-) This wikipedia page seems to be surprisingly correct: https://en.wikipedia.org/wiki/Setuid > So I hope you can > see, I'm not asking because of failure to read the man pages. I really did read, > and followed them carefully, before asking. >   > So your answer was helpful (thank you!), even if I don't understand what info I > didn't read in the man pages. I have 2 quick points arising: >   > > 1. I gather from your reply that even with this flag set, set-UID for ZFS based > directories' ownership/inheritance is not "respected for the file system" - > or not fully respected in the sense normally understood as in [man chmod]?  > If that's the case then [man zfs] is incorrect - please can you confirm > exactly what is this flag's functionality, since it's unclear? Just to repeat what I said above. It is respected in the normally understood sense. The FreeBSD extension (that has to be enabled via a special non-default kernel option and that works only for a small set of filesystems) is not supported. > 2. Returning to the original issue, is there any way one can automatically > force owner+owner inheritance, for data in a zfs dataset? This is 21st century. Access control lists. > Thank you for your help, even if not the ideal answer. > I hope these last couple of points are easy to clear up, and not annoying :) -- Andriy Gapon