[Kolab-devel] [PATCH] better modes

Christoph Wickert wickert at kolabsys.com
Fri Jun 18 08:17:11 CEST 2010


On Thursday 17 June 2010 18:37:52 Richard Bos wrote:
> Op donderdag 17 juni 2010 13:40:10 schreef u:
> > On Thursday 17 June 2010 13:03:25 Thomas Arendsen Hein wrote:
> > > In other words: If mode 444 affects the usage of chown on your
> > > system, this is something special to your system, so you should tell
> > > us what it is.
> > 
> > On Debian Lenny:
> > chris at kolab-lenny:~$ touch something
> > chris at kolab-lenny:~$ chmod 444 something
> > chris at kolab-lenny:~$ chown kolab something
> > chown: Ändern des Eigentümers von „something“: Die Operation ist nicht
> > 
> >  erlaubt chris at kolab-lenny:~$ ls -l something
> > 
> > -r--r--r-- 1 chris chris 0 17. Jun 15:23 something
> > 
> > Same on Fedora:
> > [chris at laptop ~]$ touch something
> > [chris at laptop ~]$ chmod 444 something
> > [chris at laptop ~]$ chown apache something
> > chown: Ändern des Eigentümers von „something“: Die Operation ist nicht
> > 
> >  erlaubt [chris at laptop ~]$ ls -l something
> > 
> > -r--r--r--. 1 chris chris 0 17. Jun 13:13 something
> > 
> > Only root has CAP_CHOWN, not normal users.
> 
> What happens if you do:
> # touch this
> # chown apache this
> # ls -l this

[chris at laptop ~]$ touch this
[chris at laptop ~]$ LANG=C chown apache this
chown: changing ownership of `this': Operation not permitted
[chris at laptop ~]$ ls -l this
-rw-rw-r--. 1 chris chris 0 18. Jun 08:15 this

Unlike root I can only chown to groups that I'm member of.

Regards,
Christoph

-- 
Christoph Wickert
Senior Engineer

Kolab Systems AG
Zürich, Switzerland

e: wickert at kolabsys.com
t: +49 251 871 369 77
w: http://kolabsys.com

pgp: 85DACC63 Christoph Wickert
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.kolab.org/pipermail/devel/attachments/20100618/b00d9e47/attachment.sig>


More information about the devel mailing list