Re: question related to cp (-p) and /tmp

Tue, 09 Jul 2024 12:34:01 -0700 

Hi,

(I Cc: patrice.dur...@gmail.com because i see no "LDOSUBSCRIBER" in
the "X-Spam-Status:" header.)

Jumping ahead:

Look into the local file

  /etc/xattr.conf

and try what happens if you change

  system.nfs4_acl                       permissions

to

  system.nfs4_acl                       skip

or if you newly insert thie "skip" line if no "system.nfs4_acl" is to see.

----------------------------------------------------------------------
How i came to that proposal:

Patrice Duroux wrote:
> $ LANG=C strace cp -p test.sh /tmp

strace is a very good idea.


> flistxattr(4, NULL, 0)                  = 16
> flistxattr(4, "system.nfs4_acl\0", 16)  = 16

Somehow your file has an extended file attribute "system.nfs4_acl".
Inquire by:

  getfattr -d test.sh

(I dimly remember that one needs superuser authority to read "system."
attributes. But i cannot find this in man 1 getfattr.)


> openat(AT_FDCWD, "/etc/xattr.conf", O_RDONLY) = 6

According to Google this is a configuration file:
  
https://sources.suse.com/SUSE:SLE-15-SP6:Update:CR/minimal-image/f2d0d3c549d068931c52fb2e94925dd7/INCLUDED/SUSE:SLE-15:GA::attr::efd1f5b9c0b136b5dfc37de3f2d9c977/xattr.conf
  ...
  # How to handle extended attributes when copying between files
  ...
  # Actions:
  #   permissions - copy when trying to preserve permissions.
  #   skip - do not copy.
  ...
  system.nfs4_acl                       permissions

cp sees this configuration file associated to SELinux:

  https://sources.debian.org/src/coreutils/9.4-3.1/src/copy.c/?hl=751#L749
  /* Exclude SELinux extended attributes that are otherwise handled,
     and are problematic to copy again.  Also honor attributes
     configured for exclusion in /etc/xattr.conf.


> fsetxattr(5, "system.nfs4_acl",
> "\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0", 80, 0) = -1
> EOPNOTSUPP (Operation not supported)

Here the error happens while trying to set the attribute.
Shell equivalent is

  setfattr -n system.nfs4_acl -v 
'\0\0\0\3\0\0\0\0\0\0\0\0\0\26\1\247\0\0\0\6OWNER@\0\0\0\0\0' /tmp/x

and yields here (even for the superuser and on ext4 filesystem)

  setfattr: /tmp/x: Operation not supported

I'm not sure whether the value is a digestible format.
But if i do the same with a name in the "user." namespace i get no error

  setfattr -n user.x -v '\0\0\0...lengthy.string.above...' /tmp/x


Have a nice day :)

Thomas

Reply via email to