Bug #2156

"Allow write permission to owning group" not applied

Added by Davide Principi almost 8 years ago. Updated almost 8 years ago.

Status:CLOSEDStart date:08/30/2013
Priority:NormalDue date:08/30/2013
Assignee:-% Done:

100%

Category:nethserver-ibays
Target version:v6.4-beta2
Security class: Resolution:
Affected version:v6.4-beta1 NEEDINFO:No

Description

The "write" permission is not granted if an ibay is originally created without it, but it is added later.

Packages
nethserver-ibays-2.0.0-1.ns6.noarch
nethserver-httpd-2.2.1-1.ns6.noarch

Symptom
can add a file to an ibay, but can't modify it

How to reproduce the bug
  • Create an ibay aclbug without write permission to owning group (see acl-A.txt)
  • In a root shell create some files and subdirs into aclbug/
  • Change aclbug settings, by enabling the write permission (see acl-B.txt)
  • Create new file and subdirs

Permissions on existing files and directories are correctly set, but newly created files and subdirs are still missing the group-writable permission.

Reported by
Massimo Palazzetti

acl-A.txt Magnifier (1.04 KB) Davide Principi, 08/30/2013 09:49 AM

acl-B.txt Magnifier (1.2 KB) Davide Principi, 08/30/2013 09:49 AM

Associated revisions

Revision d1849927
Added by Davide Principi almost 8 years ago

nethserver-ibays-set-permissions action: always explicitly set the default ACL on directories. Refs #2156

History

#1 Updated by Davide Principi almost 8 years ago

  • Due date set to 08/30/2013
  • Status changed from TRIAGED to ON_DEV
  • Assignee set to Davide Principi
  • Start date set to 08/30/2013
  • % Done changed from 20 to 30
  • Estimated time set to 4.00

#2 Updated by Davide Principi almost 8 years ago

  • Description updated (diff)

#3 Updated by Davide Principi almost 8 years ago

  • Description updated (diff)

Also nethserver-httpd must be installed because it affects the default ACL handling

#4 Updated by Davide Principi almost 8 years ago

  • Status changed from ON_DEV to MODIFIED
  • % Done changed from 30 to 60

nethserver-ibays|d184992 is the proposed solution

It invokes the setfacl command specifying the default ACL explicitly (note the "d" prefix):

setfacl -m u::rwx,d:u::rwx,g::rwx,d:g::rwx,o::---,d:o::---,u:apache:rX,d:u:apache:rX

#5 Updated by Davide Principi almost 8 years ago

  • Status changed from MODIFIED to ON_QA
  • Assignee deleted (Davide Principi)
  • % Done changed from 60 to 70

In nethserver-testing:
nethserver-ibays-2.0.0-1.0gitd1849927.ns6.noarch.rpm

#6 Updated by Giacomo Sanchietti almost 8 years ago

  • Assignee set to Giacomo Sanchietti

#7 Updated by Giacomo Sanchietti almost 8 years ago

  • Status changed from ON_QA to VERIFIED
  • Assignee deleted (Giacomo Sanchietti)
  • % Done changed from 70 to 90

Tested with an without samba access.

Marking as VERIFIED

#8 Updated by Giacomo Sanchietti almost 8 years ago

  • Status changed from VERIFIED to CLOSED
  • % Done changed from 90 to 100
In nethserver-updates:
  • nethserver-ibays-2.0.1-1.ns6.noarch.rpm

Also available in: Atom PDF