Skip site navigation (1)Skip section navigation (2)
Date:      Fri, 6 Apr 2018 17:01:27 +0300
From:      Andriy Gapon <avg@FreeBSD.org>
To:        Stilez Stilezy <stilezy@gmail.com>
Cc:        freebsd-fs <freebsd-fs@freebsd.org>
Subject:   Re: Does setuid=on work on ZFS datasets, or is the man page for zfs misleading?
Message-ID:  <672e2c84-b906-4073-0206-7eb1720adc7e@FreeBSD.org>
In-Reply-To: <CAFwhr77WP_rDb1%2BAW-hbe8vcWdnpa-KXU0xjMryvmX-isa5W7g@mail.gmail.com>
References:  <CAFwhr76YOacX7kS87M-xRhcnkQGYGcmpYz%2BKU6rok2b-Wt_GHA@mail.gmail.com> <7eba73db-3097-5c8a-eb2c-e3880fb5b501@FreeBSD.org> <CAFwhr77WP_rDb1%2BAW-hbe8vcWdnpa-KXU0xjMryvmX-isa5W7g@mail.gmail.com>

next in thread | previous in thread | raw e-mail | index | archive | help
On 06/04/2018 16:12, Stilez Stilezy wrote:
> Thanks Andriy,
> 
>     Please read in the manual what ZFS setuid property means.
>     By the way, it's on by default, so you would typically turn it off if you don't
>     want suid binaries.  And, of course, suiddir != setuid and ZFS does not support
>     it, afaict.
>     TLDR: yes, setuid works; no, it's not suiddir. 
> 
>  
> I did look up the ZFS setuid property in the man pages. If there are there pages
> I missed, can you point me to them (and sorry for not finding them!)
>  
> 
>     *[man zfs]:*
> 
>          setuid=on | off
>            Controls whether the set-UID bit is respected for the file system.
>         
>            [Does not say anything else, seems perfectly clear]
>       

Except that the original, conventional and default meaning for set-UID is for
executable files.  Also, don't forget that this manual page originated on
illumos (!= FreeBSD).
E.g., see POSIX:
http://pubs.opengroup.org/onlinepubs/9699919799/basedefs/sys_stat.h.html
S_ISUID	04000	Set-user-ID on execution.
S_ISGID	02000	Set-group-ID on execution.

>     *[man chmod]* - where it's documented what the set-UID bit does when set on
>     a file system:
>      
>         4000 (the setuid bit).
>           Directories with this bit set will force all files and sub-
>           directories created in them to be owned by the directory
>           owner and not by the uid of the creating process, if the
>           underlying file system supports this feature...

Right.  The last clause is very important.
    
>           [Does **not** say that mount -o suiddir is/isn't required, or is/isn't
>     a "blocker".
>            Just says "see suiddir mounting option". But zfs man page has already
>     said
>            the bit **will** be respected. It's a bit conflicting.]

Yes, ZFS respects the bit in the standard compliant sense.
Not in a FreeBSD-specific optional extension sense.

> Like I said, the man pages seem a bit conflicted. *[man zfs]* definitely says it
> provides an option for the setuid bit to be respected for the file system - it
> doesn't say "for files only" or any other limitation. It just says that setuid
> will be "respected for the file system" if the flag is enabled on the dataset. 
> *[man chmod]* describes what happens if setuid is "respected on a file system".
> It's clear that this will force+inherit directory ownership "if the underlying
> file system supports this feature". As [man zfs] already says set_UID will be
> "respected", set-UID is clearly supported by ZFS.
> 
> As you can see, I did read the man pages carefully. That's why I asked help to
> understand if it was documentation, implementation, or invocation, which was the
> issue.
> 
> If the zfs setuid property _doesn't_ mean the same as normal enabling of the
> setuid bit functionality, then the [man zfs] page is misleading. If it works
> only for files but not for directories, it's also misleading.

No, it is not misleading.
You just have wrong default expectations :-)
This wikipedia page seems to be surprisingly correct:
https://en.wikipedia.org/wiki/Setuid

> So I hope you can
> see, I'm not asking because of failure to read the man pages. I really did read,
> and followed them carefully, before asking.
>  
> So your answer was helpful (thank you!), even if I don't understand what info I
> didn't read in the man pages. I have 2 quick points arising:
>  
> 
>  1. I gather from your reply that even with this flag set, set-UID for ZFS based
>     directories' ownership/inheritance is not "respected for the file system" -
>     or not fully respected in the sense normally understood as in [man chmod]? 
>     If that's the case then [man zfs] is incorrect - please can you confirm
>     exactly what is this flag's functionality, since it's unclear?

Just to repeat what I said above.  It is respected in the normally understood
sense.  The FreeBSD extension (that has to be enabled via a special non-default
kernel option and that works only for a small set of filesystems) is not supported.

>  2. Returning to the original issue, is there any way one can automatically
>     force owner+owner inheritance, for data in a zfs dataset?

This is 21st century.
Access control lists.


> Thank you for your help, even if not the ideal answer.
> I hope these last couple of points are easy to clear up, and not annoying :)

-- 
Andriy Gapon



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?672e2c84-b906-4073-0206-7eb1720adc7e>