On Wed, Jun 25, 2003 at 08:42:03AM +0200, Andreas Metzler scribbled:
> Marek Habersack <grendel@debian.org> wrote:
> > Running debuild as normal user under the 2.5.73+ kernel results in fakeroot
> > actually setting the file ownership to root (or any other uid/gid for that
> > matter).
> [...]
>
> Either there is a big misunderstanding or a big bug in 2.5.73+.
> Are you saying that using fakeroot I can actually do this?
I haven't tested it as I don't use quotas, but look at the relevant XFS
code:
if (restricted_chown &&
(iuid != uid || (igid != gid &&
!in_group_p((gid_t)gid))) &&
!capable(CAP_CHOWN)) {
code = XFS_ERROR(EPERM);
goto error_return;
}
/*
* Do a quota reservation only if uid or gid is actually
* going to change.
*/
if ((XFS_IS_UQUOTA_ON(mp) && iuid != uid) ||
(XFS_IS_GQUOTA_ON(mp) && igid != gid)) {
ASSERT(tp);
code = XFS_QM_DQVOPCHOWNRESV(mp, tp, ip, udqp, gdqp,
capable(CAP_FOWNER) ?
XFS_QMOPT_FORCE_RES : 0);
if (code) /* out of quota */
goto error_return;
}
So if restricted_chown is not in effect and the uid/gid change, the quota
ownership will be shifted to the new uid/gid.
> touch /tmp/breaking.alice.quota
> chmod 666 /tmp/breaking.alice.quota
> fakeroot chown alice /tmp/breaking.alice.quota
> cat < /dev/zero > /tmp/breaking.alice.quota
it would seem it really is possible. Just as is:
$ whoami
grendel
$ ls -ld .
drwxr-xr-x 2 grendel grendel 6 2003-06-25 11:28 .
$ mkdir test
$ ls -ld test
drwxr-xr-x 2 grendel grendel 6 2003-06-25 11:29 test
$ chown root:root test
$ ls -ld test
drwxr-xr-x 2 root root 6 2003-06-25 11:29 test
$ rm -r test
rm: remove write-protected directory test'? y
$ ls -ld test
ls: test: No such file or directory
regards,
marek
Attachment:
pgpatYoJk5Ivs.pgp
Description: PGP signature