RE: cp -p error when directory security is modified from Windows

bug-coreutils
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: cp -p error when directory security is modified from Windows

From:	Greg Aloe
Subject:	RE: cp -p error when directory security is modified from Windows
Date:	Thu, 11 Aug 2005 19:21:03 -0400
Bob,

The strace commands seem to confirm what we already suspected.  If you
look at the output differences, the call to chown was permitted *after*
I mucked around on the Windows side.  This causes a subsequent
"operation not permitted" error when chmod is called.

Do you know of any other APIs I can use to probe the file attributes
that allow/deny changing ownership?

Thanks,
Greg

P.S. Here is the output of my strace + grep commands:

% strace -e trace=file -o ~/strace.good.out cp -p
/devel/A/nightly/matlabinternetfile.txt blah
% grep matlabinternetfile ~/strace.good.out
execve("/bin/cp", ["cp", "-p",
"/devel/A/nightly/matlabinternetfile.txt", "blah"], [/* 81 vars */]) = 0
stat("/devel/A/nightly/matlabinternetfile.txt", {st_mode=S_IFREG|0644,
st_size=20051, ...}) = 0
stat("blah/matlabinternetfile.txt", 0x7fbfffe820) = -1 ENOENT (No such
file or directory)
open("/devel/A/nightly/matlabinternetfile.txt", O_RDONLY) = 3
open("blah/matlabinternetfile.txt", O_WRONLY|O_CREAT, 0100644) = 4
utime("blah/matlabinternetfile.txt", [2005/08/11-00:03:20,
2003/10/15-10:48:47]) = 0
chown("blah/matlabinternetfile.txt", 106, 101) = -1 EPERM (Operation not
permitted)
listxattr("/devel/A/nightly/matlabinternetfile.txt", (nil), 0) = -1
EOPNOTSUPP (Operation not supported)
getxattr("/devel/A/nightly/matlabinternetfile.txt",
"system.posix_acl_access", 0x7fbfffe4d0, 132) = -1 EOPNOTSUPP (Operation
not supported)
setxattr("blah/matlabinternetfile.txt", "system.posix_acl_access",
0x50f7d0, 28, ) = -1 EOPNOTSUPP (Operation not supported)
chmod("blah/matlabinternetfile.txt", 0100644) = 0
% rm blah/matlabinternetfile.txt

NOW HERE IS WHERE I MUCK WITH THE SECURITY SETTING AND TRY AGAIN

% strace -e trace=file -o ~/strace.good.out cp -p
/devel/A/nightly/matlabinternetfile.txt blah
cp: setting permissions for `blah/matlabinternetfile.txt': Operation not
permitted
% grep matlabinternetfile ~/strace.good.out
execve("/bin/cp", ["cp", "-p",
"/devel/A/nightly/matlabinternetfile.txt", "blah"], [/* 81 vars */]) = 0
stat("/devel/A/nightly/matlabinternetfile.txt", {st_mode=S_IFREG|0644,
st_size=20051, ...}) = 0
stat("blah/matlabinternetfile.txt", 0x7fbfffe820) = -1 ENOENT (No such
file or directory)
open("/devel/A/nightly/matlabinternetfile.txt", O_RDONLY) = 3
open("blah/matlabinternetfile.txt", O_WRONLY|O_CREAT, 0100644) = 4
utime("blah/matlabinternetfile.txt", [2005/08/11-00:03:20,
2003/10/15-10:48:47]) = 0
chown("blah/matlabinternetfile.txt", 106, 101) = 0
listxattr("/devel/A/nightly/matlabinternetfile.txt", (nil), 0) = -1
EOPNOTSUPP (Operation not supported)
getxattr("/devel/A/nightly/matlabinternetfile.txt",
"system.posix_acl_access", 0x7fbfffe4d0, 132) = -1 EOPNOTSUPP (Operation
not supported)
setxattr("blah/matlabinternetfile.txt", "system.posix_acl_access",
0x50f7d0, 28, ) = -1 EOPNOTSUPP (Operation not supported)
chmod("blah/matlabinternetfile.txt", 0100644) = -1 EPERM (Operation not
permitted)
%



> -----Original Message-----
> From: Bob Proulx [mailto:address@hidden
> Sent: Friday, July 29, 2005 12:39 AM
> To: Greg Aloe
> Cc: address@hidden
> Subject: Re: cp -p error when directory security is modified from
Windows
> 
> Greg Aloe wrote:
> > > Okay.  (Is SunOS an NFS fileserver in your example?  You did not
say
> > > but I am guessing that is true.)
> >
> > I used the same directory (/home/galoe/trash/testdir) for each of my
> > tests on i686, x86_64, and Solaris.  So it is the same fileserver.
The
> > fileserver's file system is NTFS.
> 
> Hmm...  Does NTFS support UNIX permissions, user, group, other?  I did
> not think so.  In which case the emulation layer between NTFS and the
> unix filesystem will have to make up something to fill in the gaps.
> In general compromises will have to be made in that case and you just
> can't expect to have full functionality if the underlying filesystem
> does not support all of the same functionality.
> 
> > > Your word wrapping here is unfortunate and makes the examples hard
to
> > > follow.  In the future if you could make your examples verbatim it
> > > would be easier to read.  I needed to do a lot of trimming and
> > > *imagining* what it must have looked like to you.
> >
> > I sent my email in HTML format which should not have wrapped the
text.
> > I apologize that I didn't account for plain text viewers, but the
> > commands are simple, so there shouldn't be any ambiguous
possibilities.
> 
> HTML email is a controversial subject.  Generally it is better to
> avoid it on the technical lists as it is not appreciated by many on
> the 'net.
> 
> > No, there are no problems to this point.  I'm simply trying to show
how
> > things should look when I haven't yet touched the Windows security
> > settings.  The possible bug starts at this point forward.
> 
> Okay.  But if the problem is ms-windows security settings then you are
> doubly stuck.
> 
> > It is possible that the problem is caused by Windows, but why does
the
> > problem persist if the permissions of the directory haven't changed?
> > I'd like to reiterate that I didn't make any actual changes to the
> > Windows security settings.  I toggled a checkbox with no changes,
and
> > clicked "Apply".
> 
> I have no idea.  I try not to meddle in the affairs of NTFS, for it is
> subtle and quick to anger.  And because I don't have an NTFS system of
> any type.  So it is necessary for others to debug this.
> 
> > > >       [hostname:/home/galoe/trash]134 % cp -p
> > > > /devel/A/nightly/matlabinternetfile.txt testdir/
> > > >
> > > >       cp: setting permissions for
`testdir/matlabinternetfile.txt':
> > > > Operation not permitted
> 
> Try running strace on the cp binary and saving the output.  Then we
> can look at the system calls that cp is calling and the return values
> from them.
> 
>   strace -e trace=file -o /tmp/strace.out cp -p
> /devel/A/nightly/matlabinternetfile.txt testdir/
>   grep matlabinternetfile /tmp/strace.out
> 
> What output do you get?
> 
> When I do this on my machine with the following files (and so happens
> I get the following output.
> 
>   touch file1
>   mkdir a
>   strace -e trace=file -o /tmp/strace.out cp -p file1 file2
>   grep file1  /tmp/strace.out
> 
>   execve("/bin/cp", ["cp", "-p", "file1", "a/"], [/* 24 vars */]) = 0
>   stat64("file1", {st_mode=S_IFREG|0664, st_size=0, ...}) = 0
>   stat64("a/file1", 0xbffff8c0)           = -1 ENOENT (No such file or
> directory)
>   open("file1", O_RDONLY|O_LARGEFILE)     = 3
>   open("a/file1", O_WRONLY|O_CREAT|O_LARGEFILE, 0100664) = 4
>   utimes("a/file1", {1122611690, 0})      = -1 ENOSYS (Function not
> implemented)
>   utime("a/file1", [2005/07/28-22:34:50, 2005/07/28-22:34:45]) = 0
>   chown32("a/file1", 1000, 1000)          = 0
>   getxattr("file1", "system.posix_acl_access", 0xbffff630, 132) = -1
> EOPNOTSUPP (Operation not supported)
>   setxattr("a/file1", "system.posix_acl_access",
>
"\x02\x00\x00\x00\x01\x00\x06\x00\xff\xff\xff\xff\x04\x00\x06\x00\xff\xf
f\
> xff\xff \x00\x04\x00\xff\xff\xff\xff", 28, ) = -1 EOPNOTSUPP
(Operation
> not supported)
>   chmod("a/file1", 0100664)               = 0
> 
> > > Apparently you are running a security policy on that filesystem
which
> > > is different from the modern norm.  Normally you would not have
had
> > > permission to change the ownership of that file to user "batserve"
> > > because you are not that user.  But because it did allow you to
change
> > > the ownership then it no longer allowed you to change the
permissions
> > > because you did not own the file.  That is the source of the error
> > > message.
> >
> > This sounds like an accurate description of what's going on, and
maybe
> > our operating systems on these Linux/Solaris machines are working
> > differently, or are configured differently.  However, as I noted
before,
> > the operation worked correctly on the Linux machines before I
touched
> > the Windows side, even though Linux doesn't show any change in
> > permissions.  I know this should not be a Windows discussion, but it
can
> > be a filesystem discussion.  Is there something in the filesystem
that
> > might keep track of this Windows security (null) action, thus
allowing
> > me to suddenly change the ownership of the file on Linux?
> 
> What is the difference in strace output in the before and after cases?
> I expect that there will be differences.  The differences should point
> out what is happening.
> 
> Bob
[Prev in Thread]
Current Thread
[Next in Thread]
RE: cp -p error when directory security is modified from Windows, Greg Aloe <=
Prev by Date: Re: [patch] enhancement for "test -nt" to support nanosecond timestamps where available
Next by Date: Re: renameutils 0.6.0
Previous by thread: Re: [patch] enhancement for "test -nt" to support nanosecond timestamps where available
Next by thread: coreutils texi typo for mv --reply
Index(es):
- Date
- Thread