setperms on linux

Brian K. White brian at aljex.com
Wed Apr 12 15:23:31 PDT 2006 

Anyone using suse 10 by any chance?

Can you test something and see if my box is just inhabited by devils or 
what?

# temporarily make one of the fp binaries the wrong permissions
chmod 0444 /u/appl/fp/ddefine

run setperms

what does ls -l /u/appl/fp/ddefine show?

put your binary back by doing:
chmod 4755 /u/appl/fp/ddefine


on my box "chmod 4755 /u/appl/fp/ddefine" works fine if I run it manually
but it always fails if the same exact command is run in a script.

The nature of the failure is, it will set the 755 but ignore the 4
So when I run setperms, my binaries are executable but not suid, which of 
course doesn't work.

I've been pulling my hair out with this all day.
I tried several different shells (ksh93, bash, bash in ksh emulation mode, 
zsh, zsh in ksh emulation mode, pdksh)
I tried both the built-in chmod in the shell (when present) and /bin/chmod 
under all shells, and in all cases it fails exactly the same way, which is 
mindboggling.
Unless it's some kind of kernel level security feature I saw no mention of 
anywhere.
I tried using other forms of the chmod command, like chmod u+s filename
No difference.
oh, and in all cases, if I add -v to chmod options and capture that to a log 
file, it always says the did the change, even when it didn't, it even 
specifically shows the "s" in the output, but an ls -l in the script 
immediately after the chmod disagrees.

snipped from the log, there are two chmod output lines because I added a 
line to the loop to detect when $mode is 4???, and in that case run another 
chmod just to do u+s, it didn't help.
I have the main fp.list loop logging a whole stanza like this for each 
iteration of the while read loop
------------------------------------------------------------
file="./rreport"
tgt="/u/appl/fp/rreport"
mode="4755"
owner="filepro"
mode of `/u/appl/fp/rreport' changed to 4755 (rwsr-xr-x)
mode of `/u/appl/fp/rreport' retained as 4755 (rwsr-xr-x)
ownership of `/u/appl/fp/rreport' retained as filepro
-rwxr-xr-x  1 filepro root 638768 Oct 14  2004 /u/appl/fp/rreport
------------------------------------------------------------

This is just crazy.


.... AHHH! I found it finally.

Both the stock setperms and my improved copy have pairs of chmod & chown 
commands in the order of chmod, then chown.

Some genius has changed something somewhere such that chown now wipes off 
the suid bit!
I reversed the order so that it's always chown then chmod and now the files 
are left with the right perms.

Is it just me or is it just plain inexcusably broken for chown to even 
_touch_ the chmod bits??

Brian K. White  --  brian at aljex.com  --  http://www.aljex.com/bkw/
+++++[>+++[>+++++>+++++++<<-]<-]>>+.>.+++++.+++++++.-.[>+<---]>++.
filePro  BBx    Linux  SCO  FreeBSD    #callahans  Satriani  Filk!

More information about the Filepro-list mailing list