Bug 4639 - setgid bit not honored
Summary: setgid bit not honored
Alias: None
Product: CifsVFS
Classification: Unclassified
Component: kernel fs (show other bugs)
Version: 2.6
Hardware: x86 Linux
: P3 normal
Target Milestone: ---
Assignee: Jeff Layton
QA Contact:
Depends on:
Reported: 2007-05-18 12:30 UTC by David L. Parsley
Modified: 2009-07-26 08:37 UTC (History)
1 user (show)

See Also:


Note You need to log in before you can comment on or make changes to this bug.
Description David L. Parsley 2007-05-18 12:30:51 UTC
I've created a share to be used by both Windows and Linux clients.  For sharing purposes, many directories are setgid.  If I create a subdirectory with a Windows client, the setgid bit is appropriately set on the created directory; however, creating the subdirectory on a cifvfs mount on a Linux box, the setgid bit isn't set.  This is with the default 'nosetuids' option; using 'setuids' actually just makes things worse, since created files always have my primary gid.  If I create a  file and directory in a setgid directory, with both Windows and Linux clients, the results look like this:
[parsledl@joshu dptest]$ ls -Fla
total 16
drwxrwsr-x  4 parsledl ITDocs_Users 0 May 18 13:23 ./
drwxrwsr-x 88 apache   ITDocs_Users 0 May 18 13:20 ../
drwxrwxr-x  2 parsledl ITDocs_Users 0 May 18 13:20 lindir/
-rw-rw-r--  1 parsledl ITDocs_Users 0 May 18 13:20 lin.txt
drwxrwsr-x  2 parsledl ITDocs_Users 0 May 18 13:23 windir/
-rwxrw-r--  1 parsledl ITDocs_Users 0 May 18 13:23 win.txt*

Note that 'windir' has the 's' in group perms, and 'lindir' doesn't.  Note that I also created a Linux-specific share of the same directory, and I get the same results.  Here are the share definitions for Windows ([docs]) and Linux ([lindocs]):
# Allow group write on files & folders, needed for simple sharing (setgid)
   create mask = 7775
   directory mask = 7775
   path = /docs
   browseable = yes
   writable = yes
# Special version of the export for Linux clients
# Let the client umask determine perms
   create mask = 7777
   directory mask = 7777
   map archive = no
   case sensitive = yes
   delete readonly = yes
   ea support = yes
   path = /docs
   browseable = yes
   writable = yes
Comment 1 David L. Parsley 2007-05-18 12:53:36 UTC
Ah, right - versions!
Kernel: 2.6.20-1.2948.fc6 (w/ updated cifsvfs)

[parsledl@joshu dptest]$ cat /proc/fs/cifs/DebugData 
Display Internal CIFS Data Structures for Debugging
CIFS Version 1.48
Active VFS Requests: 0
1) Name:  Domain: JMUAD Mounts: 1 OS: Unix  
        NOS: Samba 3.0.10-1.4E.12.2     Capability: 0x80e3fd
        SMB session status: 1   TCP status: 1
        Local Users To Server: 1 SecMode: 0x3 Req On Wire: 0

1) \\sysdocs\lindocs Uses: 1 Type: NTFS DevInfo: 0x0 Attributes: 0x2b
PathComponentMax: 255 Status: 1 type: 0

samba-3.0.10-1.4E.12.2 (RHEL4)

If you think a newer cifsvfs will build in this kernel tree, I can try it (I just grabbed cifs from most recent stable).
Comment 2 David L. Parsley 2007-06-08 20:36:53 UTC
I've also tested this on Samba 3.2.23c (RHEL5) - same behavior.
Comment 3 Jeff Layton 2009-07-26 08:37:53 UTC
I believe this is now fixed, both upstream and in RHEL. Please reopen if it's not working with current releases (and post details about the version you tested?