Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 21 Jan 2018 05:14:26 +0100
From:      Ralf Mardorf <ralf.mardorf@rocketmail.com>
To:        freebsd-questions@freebsd.org
Subject:   Re: xfce4 reverts to mirrored dislays
Message-ID:  <20180121051426.4879cab4@archlinux.localdomain>
In-Reply-To: <20180121013136.3bf3440a.freebsd@edvax.de>
References:  <c89fe0ea-d072-2a4b-ad02-74041e3bd181@nethead.se> <20180120125636.6ad88128.freebsd@edvax.de> <20180120134001.65ddb697@archlinux.localdomain> <20180120141518.7a85ed99@planb.netng.org> <2c24a50e-c7d1-0841-bee6-9f015d48a927@nethead.se> <20180120170942.532834dd.freebsd@edvax.de> <c38bac7e-7fd2-254a-814c-5ea9d6d6e1d2@nethead.se> <20180120190647.01b163d0@archlinux.localdomain> <a7258db0-80c2-5d91-d41c-b34e2235ad57@nethead.se> <20180120200846.e0925689.freebsd@edvax.de> <20180120202134.7e20734b@archlinux.localdomain> <20180121013136.3bf3440a.freebsd@edvax.de>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 21 Jan 2018 01:31:36 +0100, Polytropon wrote:
>On Sat, 20 Jan 2018 20:21:34 +0100, Ralf Mardorf via freebsd-questions
>wrote:
>> On Sat, 20 Jan 2018 20:08:46 +0100, Polytropon wrote:  
>> >As it seems, the immutable flag is not set.  
>> 
>> Indeed, this makes sense, while my second guess is idiotic, see on
>> Sat,
>> 
>> 20 Jan 2018 19:23:02 +0100, Ralf Mardorf wrote:  
>> >On Sat, 20 Jan 2018 19:06:47 +0100, Ralf Mardorf wrote:  
>> >>actually it's impossible to change permissions of an immutable
>> >>file.    
>> >
>> >Perhaps I'm mistaken regarding "permissions",however, what ever the
>> >permissions should be, the file remains immutable,
>> >un-over{ride,write}able ;).  
>> 
>> Somebody needs to have permission to set or clear the immutable
>> flag ;).  
>
>Being able to change the permissions or ownership would first
>require "chflags noschg", which usually only root can perform.
>So even though my suggestion doesn't deserve the name "solution",
>it _should_ actually prevent any file changes, even if the
>process which changes the file is UID 0.

As already pointed out, my second guess is idiotic.

># touch /tmp/testfile
># ll -o /tmp/testfile
>-rw-r--r--  1 root  wheel     - 0 2018-01-21 01:27:49 /tmp/testfile
>
># chmod -w /tmp/testfile 
># ll -o /tmp/testfile
>-r--r--r--  1 root  wheel     - 0 2018-01-21 01:27:49 /tmp/testfile
>  ^
>Writing flag is gone.
>
># chflags schg /tmp/testfile 
># ll -o /tmp/testfile
>-r--r--r--  1 root  wheel  schg 0 2018-01-21 01:27:49 /tmp/testfile
>
>The file is now locked / immutable.
>
># chown ftp:ftp /tmp/testfile
>chown: /tmp/testfile: Operation not permitted
># chmod +w /tmp/testfile 
>chmod: /tmp/testfile: Operation not permitted
># rm /tmp/testfile 
>override r--r--r--  root/wheel schg for /tmp/testfile? y
>rm: /tmp/testfile: Operation not permitted
>
>Without a "chflags noschg" issued by root, the file will stay
>as it is (content, ownership, permissions).

A little bit off-topic, but not completely unimportant.

FreeBSD tar and cp seem to be more or less equal to Linux tar and cp,
IOW tar seems to require --xattr and cp seems to require -a to preserve
the immutable flag.

https://www.freebsd.org/cgi/man.cgi?tar(1)
https://www.freebsd.org/cgi/man.cgi?cp

So if the workaround should work, it requires to care about it, if e.g.
a backup strategy should be based upon tar or cp.

-- 
https://www.schneier.com/blog/archives/2018/01/spectre_and_mel_1.html



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20180121051426.4879cab4>