Date: Wed, 6 Oct 2010 17:35:22 +0000 From: Alexander Best <arundel@freebsd.org> To: Garrett Cooper <gcooper@FreeBSD.org> Cc: freebsd-hackers@freebsd.org Subject: Re: issue with unsetting 'arch' flag Message-ID: <20101006173522.GA92402@freebsd.org> In-Reply-To: <AANLkTi=sA4GP=B61tbEmG6B0CYcET=dCFMJByoS_5=yi@mail.gmail.com> References: <20101005235054.GA45827@freebsd.org> <AANLkTi=sA4GP=B61tbEmG6B0CYcET=dCFMJByoS_5=yi@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed Oct 6 10, Garrett Cooper wrote: > On Tue, Oct 5, 2010 at 4:50 PM, Alexander Best <arundel@freebsd.org> wrote: > > hi there, > > > > i think the following example shows the problem better than a long explanation: > > > > `touch ftest && chflags arch ftest && chflags -vv 0 ftest`. > > ^^non-root ^^root ^^non-root > > > > chflags claims to have cleared the 'arch' flag (which should be impossible as > > non-root user), but indeed has done nothing. > > > > i've tried the same with 'sappnd' and that works as can be expected. > > > > The issue was confirmed to exist in HEAD (me), stable/8 (pgollucc1, jpaetzel) > > and stable/7 (nox). > > On stable/6 it does NOT exist (jpaetzel). chflags properly fails with EPERM. > > Fails for me when I call the syscall directly, as I would expect, > and passes when I'm superuser: > > $ ./test_chflags > (uid, euid) = (1000, 1000) > test_chflags: chflags: Operation not permitted > test_chflags: lchflags: Operation not permitted > $ sudo ./test_chflags > (uid, euid) = (0, 0) > > According to my basic inspection in strtofflags > (.../lib/libc/gen/strtofflags.c), it works as well. > And last but not least, executing the commands directly on the CLI work: > > $ tmpfile=`mktemp /tmp/chflags.XXXXXX` > $ chflags arch $tmpfile > chflags: /tmp/chflags.nQm1IL: Operation not permitted > $ rm $tmpfile > $ tmpfile=`mktemp /tmp/chflags.XXXXXX` > $ sudo chflags arch $tmpfile > $ sudo chflags noarch $tmpfile > $ rm $tmpfile thanks for your test app and helping out with this problem. i'm not sure however you understood the problem. probably i didn't explain it right: $ sudo rm -d /tmp/chflags.XXXXXX $ tmpfile=`mktemp /tmp/chflags.XXXXXX` $ sudo chflags arch $tmpfile $ chflags noarch $tmpfile is what's causing the problem. the last chflags call should fail, but it doesn't. cheers. alex > > Your results may (but shouldn't) vary [unless your environment is > setup differently]... > Please note that I'm using UFS2 with SUJ... not all filesystems > support this (ext2/3/4? msdosfs? ZFS?), so I would be careful about > which filesystem you pick and whether or not there's a bug where it's > not properly identifying that the operation you're attempting to > perform is valid. > Thanks, > -Garrett > > $ uname -a > FreeBSD bayonetta.local 9.0-CURRENT FreeBSD 9.0-CURRENT #9 r211309M: > Thu Aug 19 22:50:36 PDT 2010 > root@bayonetta.local:/usr/obj/usr/src/sys/BAYONETTA amd64 -- a13x
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101006173522.GA92402>