[PVE-User] /usr/local permissions

Eneko Lacunza elacunza at binovo.es
Mon Feb 27 17:29:44 CET 2012 

Also, note that it's not the SETUID bit what is set, but SETGID, that on
a directory makes new files to have the same group as the directory:

http://en.wikipedia.org/wiki/Setuid#setuid_and_setgid_on_directories

Cheers

El lun, 27-02-2012 a las 17:25 +0100, Alain Péan escribió:
> Le 27/02/2012 15:02, Timh B a écrit :
> > I'm unsure if this question has been asked before, but today I noticed
> > that almost everything below /usr/local on the hardware-node has the
> > setuid-bit set, is this intentional or is it a miss-configuration? Most of
> > my debian-6 guests has these permissions as well, therefor I wanted to ask
> > before I removed all setuid bits.
> 
> Hi Tim,
> 
> You are right, I never noticed that, but it dose not seem to be related 
> to Proxmox-ve per se. It is also the case for one of my (physical) 
> machine, which was upgraded from Lenny to Squeeze (pure Debian) :
> lx-ape2:/usr/local# cat /etc/debian_version
> 6.0.3
> lx-ape2:/usr/local# ls -l
> total 28
> drwxrwsr-x 2 root staff 4096 12 nov.   2006 bin
> drwxrwsr-x 2 root staff 4096 12 nov.   2006 games
> drwxrwsr-x 2 root staff 4096 12 nov.   2006 include
> drwxrwsr-x 5 root staff 4096 29 nov.  22:07 lib
> lrwxrwxrwx 1 root staff    9 12 nov.   2006 man -> share/man
> drwxrwsr-x 2 root staff 4096 12 nov.   2006 sbin
> drwxrwsr-x 9 root staff 4096  3 janv. 22:15 share
> drwxrwsr-x 2 root staff 4096 12 nov.   2006 src
> 
> It is also curious that /usr/local belongs to the group staff. I don't 
> see this for example on an Ubuntu 10.04, or a CentOS, where /usr/local 
> belongs to root:root, and where there is no suid bit...
> 
> The same is true for 1.9, as well as 2.0, /usr/local folders have suid 
> bit and belong to staff group :
> srv-kvm1:/etc# pveversion
> pve-manager/1.9/6567
> 
> srv-kvm1:/usr/local# ls -l
> total 32
> drwxrwsr-x 2 root staff 4096 sep 29  2009 bin
> drwxrwsr-x 2 root staff 4096 sep 29  2009 etc
> drwxrwsr-x 2 root staff 4096 sep 29  2009 games
> drwxrwsr-x 2 root staff 4096 sep 29  2009 include
> drwxrwsr-x 3 root staff 4096 jan 30  2010 lib
> lrwxrwxrwx 1 root staff    9 oct 12  2009 man -> share/man
> drwxrwsr-x 2 root staff 4096 sep 29  2009 sbin
> drwxrwsr-x 4 root staff 4096 oct 12  2009 share
> drwxrwsr-x 2 root staff 4096 sep 29  2009 src
> 
> So perhaps something peculiar to Debian ?
> 
> And indeed, after a short research, it seems a debian policy :
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=538392
> 
> Alain
> _______________________________________________
> pve-user mailing list
> pve-user at pve.proxmox.com
> http://pve.proxmox.com/cgi-bin/mailman/listinfo/pve-user

-- 
Zuzendari Teknikoa / Director Técnico
Binovo IT Human Project, S.L.
Telf. 943575997
      943493611
Astigarraga bidea 2, planta 6 dcha., ofi. 3-2; 20180 Oiartzun (Gipuzkoa)
www.binovo.es

More information about the pve-user mailing list