mode 2770 Fails on solaris

mode 2770 Fails on solaris

Post by joeh » Tue, 02 Nov 1999 04:00:00



/usr/local>chmod 2770 src
ls -l |egrep src
drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

What i want to see is "drwxrws---" to insure that all files
created beneath this dir will retain the dir gid.
Is there a fix for this?  Or do i need to handle this with
some infantile method like a cron entry that executes chgrp GROUP {} \;
on all the files?
i am very surprised this is not working on Solaris
(SunOS 5.6)
Joe
--
Disclaimer: opinions expressed my own and not representative of my employers

 
 
 

mode 2770 Fails on solaris

Post by Barry Margoli » Tue, 02 Nov 1999 04:00:00



>/usr/local>chmod 2770 src
>ls -l |egrep src
>drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

>What i want to see is "drwxrws---" to insure that all files
>created beneath this dir will retain the dir gid.
>Is there a fix for this?  Or do i need to handle this with
>some infantile method like a cron entry that executes chgrp GROUP {} \;
>on all the files?

RTFM.  From the chmod man page:

     Note that the setgid bit cannot be set (or cleared) in abso-
     lute  mode;  it  must  be  set (or cleared) in symbolic mode
     using g+s (or g-s).

--

GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

 
 
 

mode 2770 Fails on solaris

Post by Bob Dempse » Tue, 02 Nov 1999 04:00:00



> /usr/local>chmod 2770 src
> ls -l |egrep src
> drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

> What i want to see is "drwxrws---" to insure that all files
> created beneath this dir will retain the dir gid.
> Is there a fix for this?  Or do i need to handle this with
> some infantile method like a cron entry that executes chgrp GROUP {} \;
> on all the files?
> i am very surprised this is not working on Solaris
> (SunOS 5.6)
> Joe
> --
> Disclaimer: opinions expressed my own and not representative of my employers

If you man chmod you will see that the setgid cannot be set or cleared via the
numeric arguments. Use the symbolic arguments:
chmod ug=rwx,o=,g+s src

--
------------------------------------------------------------------------
Bob Dempsey                             Opinions are my own, and are not
Kodak Health Imaging                   necessarily shared by my employer


------------------------------------------------------------------------

 
 
 

mode 2770 Fails on solaris

Post by joeh » Tue, 02 Nov 1999 04:00:00




> >/usr/local>chmod 2770 src
> >ls -l |egrep src
> >drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

> >What i want to see is "drwxrws---" to insure that all files
> >created beneath this dir will retain the dir gid.
> >Is there a fix for this?  Or do i need to handle this with
> >some infantile method like a cron entry that executes chgrp GROUP {} \;
> >on all the files?

> RTFM.  From the chmod man page:

>      Note that the setgid bit cannot be set (or cleared) in abso-
>      lute  mode;  it  must  be  set (or cleared) in symbolic mode
>      using g+s (or g-s).

> --

Any special reason why Sun does not allow this change in absolute mode?

--
Disclaimer: opinions expressed my own and not representative of my employers

 
 
 

mode 2770 Fails on solaris

Post by Barry Margoli » Tue, 02 Nov 1999 04:00:00





>> >/usr/local>chmod 2770 src
>> >ls -l |egrep src
>> >drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

>> >What i want to see is "drwxrws---" to insure that all files
>> >created beneath this dir will retain the dir gid.
>> >Is there a fix for this?  Or do i need to handle this with
>> >some infantile method like a cron entry that executes chgrp GROUP {} \;
>> >on all the files?

>> RTFM.  From the chmod man page:

>>      Note that the setgid bit cannot be set (or cleared) in abso-
>>      lute  mode;  it  must  be  set (or cleared) in symbolic mode
>>      using g+s (or g-s).

>> --
>Any special reason why Sun does not allow this change in absolute mode?

In the case of clearing, it, I can think of a reason: so that you don't
accidentally remove set-gid when you're just trying to set the usual
permission modes.  E.g. if it already has set-gid, and you do "chmod 770",
you probably were intending to enable read-write, and didn't really mean to
remove set-gid.

However, this explanation doesn't fly when you're trying to add a mode.
"chmod 2xxx" is unambiguous: you really want to turn on set-gid.  The only
explanation I can think of is to be consistent: set-gid always has to be
changed symbolically.

It's been like this as long as I can remember.  Most of my Unix experience
in the past decade or so has been on Suns, and I didn't even realize this
was specific to them.

--

GTE Internetworking, Powered by BBN, Burlington, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.

 
 
 

mode 2770 Fails on solaris

Post by Alan Coopersmi » Tue, 02 Nov 1999 04:00:00



Quote:>>Any special reason why Sun does not allow this change in absolute mode?

>In the case of clearing, it, I can think of a reason: so that you don't
>accidentally remove set-gid when you're just trying to set the usual
>permission modes.  E.g. if it already has set-gid, and you do "chmod 770",
>you probably were intending to enable read-write, and didn't really mean to
>remove set-gid.

Also remember that Solaris inherited a second meaning to the setgid bit
from SysV - mandatory file locking, which you also don't want to
accidently turn on or off.  (Of course, most people I know would happily
turn off mandatory file locking to get chmod working "normally" if they
could just set a variable in /etc/system to do so.)

--
________________________________________________________________________

Univ. of California at Berkeley         http://soar.Berkeley.EDU/~alanc/

 
 
 

mode 2770 Fails on solaris

Post by Casper H.S. Dik - Network Security Engine » Tue, 02 Nov 1999 04:00:00


[[ PLEASE DON'T SEND ME EMAIL COPIES OF POSTINGS ]]


>/usr/local>chmod 2770 src
>ls -l |egrep src
>drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

You need to do "chmod g+s".

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

 
 
 

mode 2770 Fails on solaris

Post by Rich Tee » Wed, 03 Nov 1999 04:00:00



> /usr/local>chmod 2770 src
> ls -l |egrep src
> drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

> What i want to see is "drwxrws---" to insure that all files

ISTR a thread about this a while back.  I think the only option
was to use the symbolic method: chmod g+s src.

Pretty sucky, I agree.  I can't remember if a bug had been filed;
if not, perhaps now would be a good time!

--
Rich Teer

NT tries to do almost everything UNIX does, but fails - miserably.

The use of Windoze cripples the mind; its use should, therefore, be
regarded as a criminal offence.  (With apologies to Edsger W. Dijkstra)

If it ain't analogue, it ain't music.

Voice: +1 (250) 763-6205
WWW: www.rite-group.com

 
 
 

mode 2770 Fails on solaris

Post by Rich Tee » Wed, 03 Nov 1999 04:00:00



>      Note that the setgid bit cannot be set (or cleared) in abso-
>      lute  mode;  it  must  be  set (or cleared) in symbolic mode
>      using g+s (or g-s).

Does anyone know why this is?

--
Rich Teer

NT tries to do almost everything UNIX does, but fails - miserably.

The use of Windoze cripples the mind; its use should, therefore, be
regarded as a criminal offence.  (With apologies to Edsger W. Dijkstra)

If it ain't analogue, it ain't music.

Voice: +1 (250) 763-6205
WWW: www.rite-group.com

 
 
 

mode 2770 Fails on solaris

Post by Joerg Schilli » Wed, 03 Nov 1999 04:00:00





>>      Note that the setgid bit cannot be set (or cleared) in abso-
>>      lute  mode;  it  must  be  set (or cleared) in symbolic mode
>>      using g+s (or g-s).

>Does anyone know why this is?

You can do e.g. chmod 2755 on plain files!

To do the same thing for directories you need to use the symbolic mode.

This has been true for about 12 years when the g+s feature was introduced
for directories to get BSD group inheritance bahaviour.
I would guess that the reason is to avoid to get g+s on directories by
accidence.

--



URL:  http://www.fokus.gmd.de/usr/schilling    ftp://ftp.fokus.gmd.de/pub/unix

 
 
 

mode 2770 Fails on solaris

Post by Casper H.S. Dik - Network Security Engine » Wed, 03 Nov 1999 04:00:00


[[ PLEASE DON'T SEND ME EMAIL COPIES OF POSTINGS ]]


>This has been true for about 12 years when the g+s feature was introduced
>for directories to get BSD group inheritance bahaviour.
>I would guess that the reason is to avoid to get g+s on directories by
>accidence.

More likely to prevent accidental removal; the reverse is probably for
symmetry.  (The UNIX98 standards leave this behaviour unspecified)

Casper
--
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.

 
 
 

mode 2770 Fails on solaris

Post by Volker Borche » Wed, 03 Nov 1999 04:00:00



|>
|> > /usr/local>chmod 2770 src
|> > ls -l |egrep src
|> > drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src
|> >
|> > What i want to see is "drwxrws---" to insure that all files
|>
|> ISTR a thread about this a while back.  I think the only option
|> was to use the symbolic method: chmod g+s src.

Or use GNU fileutils' chmod.

--



 
 
 

mode 2770 Fails on solaris

Post by Rich Tee » Wed, 03 Nov 1999 04:00:00



Quote:> Also remember that Solaris inherited a second meaning to the setgid bit
> from SysV - mandatory file locking, which you also don't want to
> accidently turn on or off.  (Of course, most people I know would happily

This is true, but I would hope that any sysadmin worth their salt would
check the file permissions before (and after) changing them, to avoid
this sort of problem.

--
Rich Teer

NT tries to do almost everything UNIX does, but fails - miserably.

The use of Windoze cripples the mind; its use should, therefore, be
regarded as a criminal offence.  (With apologies to Edsger W. Dijkstra)

If it ain't analogue, it ain't music.

Voice: +1 (250) 763-6205
WWW: www.rite-group.com

 
 
 

mode 2770 Fails on solaris

Post by Glenn.Crawf.. » Thu, 04 Nov 1999 04:00:00


Greetings,

    To do what you are after, you need to do a chmod g+s <dir> (not a chmod
2770 <dir>)

This is the "correct" (& only) way to put a sticky bit on a directory.

Strange but true.

Hope this helps.

Glenn Crawford.
Disclaimer: opinions expressed my own and not representative of my employers


> /usr/local>chmod 2770 src
> ls -l |egrep src
> drwxrwx---   4 root     xxxx        512 Sep  2 11:51 src

> What i want to see is "drwxrws---" to insure that all files
> created beneath this dir will retain the dir gid.
> Is there a fix for this?  Or do i need to handle this with
> some infantile method like a cron entry that executes chgrp GROUP {} \;
> on all the files?
> i am very surprised this is not working on Solaris
> (SunOS 5.6)
> Joe
> --
> Disclaimer: opinions expressed my own and not representative of my employers

 
 
 

mode 2770 Fails on solaris

Post by Urs Thuerman » Thu, 04 Nov 1999 04:00:00



Quote:> More likely to prevent accidental removal; the reverse is probably
> for symmetry.  (The UNIX98 standards leave this behaviour
> unspecified)

And GNU chmod lets you change the setgid bit on regular files and
directories using absolute mode.

urs

 
 
 

1. Abandoned 2770 graphics boards?

For reasons not worth going into here, I need to free up a bus
slot on a RS/6000 model 320H.  I have a 2781 High Performance
24 bit Grapics Processor board, which takes up two slots.  I'm
looking to buy a cheap, used 2770 Color Graphics Display
Adaptor for temporary use, since it only takes up one bus slot.
Anybody got one gathering dust that they'd like to unload
for a modest price?
        Chris Jacobsen
        Department of Physics
        SUNY at Stony Brook
        Stony Brook, NY 11794-3800
        (516) 632-8093 (FAX -8101)

2. YACC help!

3. Solaris 7 Korn Shell Prog fails when run in background mode

4. Keep a machine from pinging

5. Solaris 8 in 64 bit mode or 32 bit mode?

6. STB LightSpeed 128 (ET6000)

7. Solaris 10 (build 63) upgrade fails on Solaris 8 as well as Solaris 9 sparcs

8. losing space on Solaris filesystem

9. Solaris 2.5.1 installpatch failed, return code 5, pkgadd failed

10. Kernel 2.1.x fails to compile... and fails... and fails...

11. Wide 332Mhz node fails to boot in maintenance mode 888-102-700-0C5

12. XF86-4 fails to restore text mode

13. X Install Problem: "X startup failed, falling back to text mode" (Red Hat 6.2)