SUMMARY: setgid bit not setting

From: Christopher L. Barnard <cbar44_at_tsg.cbot.com>
Date: Wed Nov 22 2006 - 14:46:26 EST
I asked:

> I want to create a directory that is writable and readable by both owner and
> group.  It should be readable only by the world.  The directory should be
> sticky-bit: all files in that directory have the group designation of the
> directory even if that is not the primary group of the user writing.
>
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> mkdir traditional
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> chown vgnadmin traditional
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> chgrp cp-traditional traditional
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> chmod 02775 traditional
>
> Even with a chmod of 02775, the sticky bit is not enabled, though.
>
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> ls -lFd traditional
> drwxrwxr-x   2 vgnadmin cp-traditional     512 Nov 22 09:54 traditional/
>
> user vgnadmin is in group cp-traditional, and can write into the directory.
> But the file written by that user is not in group cp-traditional.  Its in
> vgnadmin's primary group.
>
> If I manually symbolically enable the sticky bit, it is set as I would
> expect:
>
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> chmod g+s traditional
> ! wwwqa1!!/opt/webserver/docs/cbot/docs >> ls -lFd traditional
> drwxrwsr-x   2 vgnadmin cp-traditional     512 Nov 22 09:54 traditional/
>
> user vgnadmin can still write in the traditional directory and the file
> now has the group cp-traditional, as I want.
>
> My question is why did I have to issue the second command "chmod g+s"?
> Shouldn't the "chmod 02775" done everything for me in one fell swoop?

The answer:

yes, I meant setgid bit, not sticky bit.  I need a better proofreader... ;^)
The answer is no.  From the man page:

     For directories, the setgid bit cannot be set  (or  cleared)
     in  absolute  mode;  it must be set (or cleared) in symbolic
     mode using g+s (or g-s).

Thanks to the many people who responded so quickly.

+-----------------------------------------------------------------------+
| Christopher L. Barnard         O     When I was a boy I was told that |
| cbarnard@tsg.cbot.com         / \    anybody could become president.  |
| (312) 347-4901               O---O   Now I'm beginning to believe it. |
| http://www.cs.uchicago.edu/~cbarnard                --Clarence Darrow |
+----------PGP public key available via finger or PGP keyserver---------+
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers
Received on Wed Nov 22 14:47:13 2006

This archive was generated by hypermail 2.1.8 : Thu Mar 03 2016 - 06:44:03 EST