From: perryh@pluto.rain.com
To: kudzu@tenebras.com
Cc: yuri@rawbw.com, freebsd-questions@freebsd.org
Date: Tue, 16 Aug 2011 01:32:44 -0700
Subject: Re: Group permissions are broken?

Michael Sierchio wrote:

> On Mon, Aug 15, 2011 at 1:06 PM, Yuri wrote:
> > User john is a member of both webcamd and vboxusers:
> > # grep john /etc/group
> > webcamd:*:145:john
> > vboxusers:*:920:john
> >
> > When the file /tmp/my-test is owned by webcamd, user john can
> > touch it ok:
> > $ ls -l /tmp/my-test ; touch  /tmp/my-test
> > -rw-rw----  1 vboxusers  vboxusers  0 Aug 15 12:54 /tmp/my-test
> >
> > But when /tmp/my-test is owned by webcamd, user john gets an
> > error:
> > $ ls -l /tmp/my-test ; touch  /tmp/my-test
> > -rw-rw----  1 webcamd  webcamd  0 Aug 15 13:02 /tmp/my-test
> > touch: /tmp/my-test: Permission denied
> >
> > Why does this error occur? Two groups seem identical. Just
> > different group ids.
>
> /tmp has the sticky bit set. man 8 sticky

On my 8.1 system, sticky(8) says:

  A directory whose `sticky bit' is set becomes ... a directory
  in which the _deletion_ of files is restricted. A file in a
  sticky directory may only be _removed_ or _renamed_ if ...

[emphasis added]

Nothing there about the sticky bit changing the permissions
required to _overwrite_ a file, which is the subject of the
current inquiry.

Even if the sticky bit _did_ have some effect on overwriting
a file, how would that explain the _different_ behavior of the
two cases shown?
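
The distinction drawn in the message above, as an added example that is not part of the original thread: a simplified Python model of the classic owner/group/other check next to the sticky-directory rule from sticky(8). The class names, function names and uid values are constructed for illustration (only gids 145 and 920 come from the thread); ACLs, MAC policies and file flags are not modelled.

```python
import stat
from dataclasses import dataclass

@dataclass(frozen=True)
class Cred:
    uid: int
    groups: frozenset   # group IDs carried in the process credential

@dataclass(frozen=True)
class Node:
    uid: int            # owning user
    gid: int            # owning group
    mode: int           # permission bits, e.g. 0o660 or 0o1777

def class_allows(node, cred, want):
    """Owner/group/other check: only the first matching class is consulted."""
    if cred.uid == 0:
        return True                      # superuser bypass (simplified)
    if cred.uid == node.uid:
        bits = node.mode >> 6            # owner class
    elif node.gid in cred.groups:
        bits = node.mode >> 3            # group class
    else:
        bits = node.mode                 # other class
    return (bits & want) == want

def may_overwrite(file, cred):
    """Opening an existing file for writing consults the file's own bits only."""
    return class_allows(file, cred, 0o2)

def may_unlink(directory, file, cred):
    """Removal needs write+search on the directory; the sticky bit adds an ownership test."""
    if not class_allows(directory, cred, 0o3):
        return False
    if directory.mode & stat.S_ISVTX and cred.uid != 0:
        return cred.uid in (file.uid, directory.uid)
    return True

# Constructed sample data: uids 1001 and 2000 are assumptions.
TMP = Node(uid=0, gid=0, mode=0o1777)            # sticky, world-writable
PLAIN_DIR = Node(uid=0, gid=0, mode=0o777)       # same directory without the sticky bit
MY_TEST = Node(uid=2000, gid=145, mode=0o660)    # -rw-rw---- with group 145
JOHN = Cred(uid=1001, groups=frozenset({145, 920}))

if __name__ == "__main__":
    print("overwrite in sticky dir:", may_overwrite(MY_TEST, JOHN))
    print("unlink in sticky dir:   ", may_unlink(TMP, MY_TEST, JOHN))
    print("unlink in plain dir:    ", may_unlink(PLAIN_DIR, MY_TEST, JOHN))
```

In this model the sticky bit changes only the unlink result; the overwrite decision depends on the file's mode and on the group set in the process credential.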