Re: File permissions lost during send/receive?

Tue, 24 Jul 2018 10:53:50 -0700 

24.07.2018 15:16, Marc Joliet пишет:
> Hi list,
> 
> (Preemptive note: this was with btrfs-progs 4.15.1, I have since upgraded to 
> 4.17.  My kernel version is 4.14.52-gentoo.)
> 
> I recently had to restore the root FS of my desktop from backup (extent tree 
> corruption; not sure how, possibly a loose SATA cable?).  Everything was 
> fine, 
> even if restoring was slower than expected.  However, I encountered two files 
> with permission problems, namely:
> 
> - /bin/ping, which caused running ping as a normal user to fail due to 
> missing 
> permissions, and
> 
> - /sbin/unix_chkpwd (part of PAM), which prevented me from unlocking the KDE 
> Plasma lock screen; I needed to log into a TTY and run "loginctl unlock-
> session".
> 
> Both were easily fixed by reinstalling the affected packages (iputils and 
> pam), but I wonder why this happened after restoring from backup.
> 
> I originally thought it was related to the SUID bit not being set, because of 
> the explanation in the ping(8) man page (section "SECURITY"), but cannot find 
> evidence of that -- that is, after reinstallation, "ls -lh" does not show the 
> sticky bit being set, or any other special permission bits, for that matter:
> 
> % ls -lh /bin/ping /sbin/unix_chkpwd 
> -rwx--x--x 1 root root 60K 22. Jul 14:47 /bin/ping*                           
>                                                                               
>                                                                               
>                                      
> -rwx--x--x 1 root root 31K 23. Jul 00:21 /sbin/unix_chkpwd*
> 
> (Note: no ACLs are set, either.)
> 

What "getcap /bin/ping" says? You may need to install package providing
getcap (libcap-progs here on openSUSE).

> I do remember the qcheck program (a Gentoo-specific program that checks the 
> integrity of installed packages) complaining about wrong file permissions, 
> but 
> I didn't save its output, and there's a chance it *might* have been because I 
> ran qcheck without root permissions :-/ .
> 
> I vaguely remember some patches and/or discussion regarding permission 
> transfer issues with send/receive on this ML, but didn't find anything after 
> searching through my Email archive, so I might be misremembering.
> 
> Does anybody have any idea what possibly went wrong, or any similar 
> experience 
> to speak of?
> 
> Greetings
>

Attachment: signature.asc
Description: OpenPGP digital signature

Reply via email to