From xggm@gamay.infenv.csee.uq.edu.au Sun Sep 12 21:52:34 1999
Return-Path: <xggm@gamay.infenv.csee.uq.edu.au>
Received: from gamay.infenv.csee.uq.edu.au (gamay.infenv.csee.uq.edu.au [130.102.65.126])
	by hub.freebsd.org (Postfix) with ESMTP id 0282014D9C
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 12 Sep 1999 21:52:23 -0700 (PDT)
	(envelope-from xggm@gamay.infenv.csee.uq.edu.au)
Received: (from root@localhost)
	by gamay.infenv.csee.uq.edu.au (8.9.3/8.9.2) id OAA38012;
	Mon, 13 Sep 1999 14:52:20 +1000 (EST)
	(envelope-from xggm)
Message-Id: <199909130452.OAA38012@gamay.infenv.csee.uq.edu.au>
Date: Mon, 13 Sep 1999 14:52:20 +1000 (EST)
From: George Michaelson <xggm@gamay.infenv.csee.uq.edu.au>
Reply-To: xggm@gamay.infenv.csee.uq.edu.au
To: FreeBSD-gnats-submit@freebsd.org
Subject: netatalk-1.4b2+asun2.1.3 fails chmod g+s calls in afpd
X-Send-Pr-Version: 3.2

>Number:         13714
>Category:       ports
>Synopsis:       netatalk-1.4b2+asun2.1.3 fails chmod g+s calls in afpd
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    stb
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun Sep 12 22:00:00 PDT 1999
>Closed-Date:    Wed Dec 27 21:08:44 PST 2000
>Last-Modified:  Wed Dec 27 21:10:01 PST 2000
>Originator:     George Michaelson
>Release:        FreeBSD 4.0-CURRENT i386
>Organization:
DSTC pty/ltd
>Environment:

FreeBSD gamay.infenv.csee.uq.edu.au 4.0-CURRENT FreeBSD 4.0-CURRENT #7: Wed Jul 28 15:15:48 EST 1999     ggm@shiraz.infenv.csee.uq.edu.au:/opt/src-current/sys/compile/SMP-MERLOT  i386

>Description:

Afpd wouldn't make a valid copy of a user directory with a log of:

	setdirmode: chmod .AppleDouble: Operation not permitted

I added printf/syslog code in etc/afpd/unix.c to see the real/effective
UID. the real uid is 0, but the effective uid is the <user> in question
and it seems that without group wheel perms, chmod g+s is not functional
	

>How-To-Repeat:

	

>Fix:
	
I added the obvious codefrags around the chmod calls to safe the
effective uid, seteuid(0) and then reset to the non-priv user.

the code now works. Interestingly, the chmod mask shows the directory
has S flags ie setgid with no execute. Looks to me like this code is
trying to set flags which are 'irrelevant' to the dircopy.

there is the comment in chmod about the ISUID flag in mount, but this
is a multi-user box so I can't do what the manual recommends for
samba/afp server class boxen.



>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: gnats-admin->freebsd-ports 
Responsible-Changed-By: steve 
Responsible-Changed-When: Mon Sep 13 17:38:53 PDT 1999 
Responsible-Changed-Why:  
Misfiled PR. 
Responsible-Changed-From-To: freebsd-ports->stb 
Responsible-Changed-By: mharo 
Responsible-Changed-When: Mon Oct 25 12:47:42 PDT 1999 
Responsible-Changed-Why:  
over to maintainer 
State-Changed-From-To: open->feedback 
State-Changed-By: kuriyama 
State-Changed-When: Fri Dec 22 20:35:11 PST 2000 
State-Changed-Why:  
And, what should we do about that?  Is there patch? 

http://www.freebsd.org/cgi/query-pr.cgi?pr=13714 
State-Changed-From-To: feedback->closed 
State-Changed-By: kuriyama 
State-Changed-When: Wed Dec 27 21:08:44 PST 2000 
State-Changed-Why:  
Mail to originator is bounced. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=13714 
>Unformatted:
