[PVE-User] /usr/local permissions
Eneko Lacunza
elacunza at binovo.es
Mon Feb 27 17:29:44 CET 2012
Also, note that it's not the SETUID bit what is set, but SETGID, that on
a directory makes new files to have the same group as the directory:
http://en.wikipedia.org/wiki/Setuid#setuid_and_setgid_on_directories
Cheers
El lun, 27-02-2012 a las 17:25 +0100, Alain Péan escribió:
> Le 27/02/2012 15:02, Timh B a écrit :
> > I'm unsure if this question has been asked before, but today I noticed
> > that almost everything below /usr/local on the hardware-node has the
> > setuid-bit set, is this intentional or is it a miss-configuration? Most of
> > my debian-6 guests has these permissions as well, therefor I wanted to ask
> > before I removed all setuid bits.
>
> Hi Tim,
>
> You are right, I never noticed that, but it dose not seem to be related
> to Proxmox-ve per se. It is also the case for one of my (physical)
> machine, which was upgraded from Lenny to Squeeze (pure Debian) :
> lx-ape2:/usr/local# cat /etc/debian_version
> 6.0.3
> lx-ape2:/usr/local# ls -l
> total 28
> drwxrwsr-x 2 root staff 4096 12 nov. 2006 bin
> drwxrwsr-x 2 root staff 4096 12 nov. 2006 games
> drwxrwsr-x 2 root staff 4096 12 nov. 2006 include
> drwxrwsr-x 5 root staff 4096 29 nov. 22:07 lib
> lrwxrwxrwx 1 root staff 9 12 nov. 2006 man -> share/man
> drwxrwsr-x 2 root staff 4096 12 nov. 2006 sbin
> drwxrwsr-x 9 root staff 4096 3 janv. 22:15 share
> drwxrwsr-x 2 root staff 4096 12 nov. 2006 src
>
> It is also curious that /usr/local belongs to the group staff. I don't
> see this for example on an Ubuntu 10.04, or a CentOS, where /usr/local
> belongs to root:root, and where there is no suid bit...
>
> The same is true for 1.9, as well as 2.0, /usr/local folders have suid
> bit and belong to staff group :
> srv-kvm1:/etc# pveversion
> pve-manager/1.9/6567
>
> srv-kvm1:/usr/local# ls -l
> total 32
> drwxrwsr-x 2 root staff 4096 sep 29 2009 bin
> drwxrwsr-x 2 root staff 4096 sep 29 2009 etc
> drwxrwsr-x 2 root staff 4096 sep 29 2009 games
> drwxrwsr-x 2 root staff 4096 sep 29 2009 include
> drwxrwsr-x 3 root staff 4096 jan 30 2010 lib
> lrwxrwxrwx 1 root staff 9 oct 12 2009 man -> share/man
> drwxrwsr-x 2 root staff 4096 sep 29 2009 sbin
> drwxrwsr-x 4 root staff 4096 oct 12 2009 share
> drwxrwsr-x 2 root staff 4096 sep 29 2009 src
>
> So perhaps something peculiar to Debian ?
>
> And indeed, after a short research, it seems a debian policy :
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538392
>
> Alain
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user
--
Zuzendari Teknikoa / Director Técnico
Binovo IT Human Project, S.L.
Telf. 943575997
943493611
Astigarraga bidea 2, planta 6 dcha., ofi. 3-2; 20180 Oiartzun (Gipuzkoa)
www.binovo.es
More information about the pve-user
mailing list