24.07.2018 15:16, Marc Joliet пишет: > Hi list, > > (Preemptive note: this was with btrfs-progs 4.15.1, I have since upgraded to > 4.17. My kernel version is 4.14.52-gentoo.) > > I recently had to restore the root FS of my desktop from backup (extent tree > corruption; not sure how, possibly a loose SATA cable?). Everything was > fine, > even if restoring was slower than expected. However, I encountered two files > with permission problems, namely: > > - /bin/ping, which caused running ping as a normal user to fail due to > missing > permissions, and > > - /sbin/unix_chkpwd (part of PAM), which prevented me from unlocking the KDE > Plasma lock screen; I needed to log into a TTY and run "loginctl unlock- > session". > > Both were easily fixed by reinstalling the affected packages (iputils and > pam), but I wonder why this happened after restoring from backup. > > I originally thought it was related to the SUID bit not being set, because of > the explanation in the ping(8) man page (section "SECURITY"), but cannot find > evidence of that -- that is, after reinstallation, "ls -lh" does not show the > sticky bit being set, or any other special permission bits, for that matter: > > % ls -lh /bin/ping /sbin/unix_chkpwd > -rwx--x--x 1 root root 60K 22. Jul 14:47 /bin/ping* > > > > -rwx--x--x 1 root root 31K 23. Jul 00:21 /sbin/unix_chkpwd* > > (Note: no ACLs are set, either.) >
What "getcap /bin/ping" says? You may need to install package providing getcap (libcap-progs here on openSUSE). > I do remember the qcheck program (a Gentoo-specific program that checks the > integrity of installed packages) complaining about wrong file permissions, > but > I didn't save its output, and there's a chance it *might* have been because I > ran qcheck without root permissions :-/ . > > I vaguely remember some patches and/or discussion regarding permission > transfer issues with send/receive on this ML, but didn't find anything after > searching through my Email archive, so I might be misremembering. > > Does anybody have any idea what possibly went wrong, or any similar > experience > to speak of? > > Greetings >
signature.asc
Description: OpenPGP digital signature