[Acl-Devel] SUID/SGID bits removed by setfacl --restore
Michael
acl_bestbits at spamblock.netzgehirn.de
Mon Nov 20 14:39:58 CET 2006
Hi all,
we use ACLs on a number of servers where files with extended ACLs are spreaded
all over the system. Since our current backup solution does not cover ACLs we
backup them via getfacl -R and restore them via setfacl --restore.
This works great, except that setfacl --restore seams to reset all
SUID/SGID-bits when restoring ACLs. Is this a desired behaviour??
In my opinion SUID/SGID-bits should either by saved and restored as well or
completely left alone. The current situation requires to backup/restore data,
backup/restore acls and then backup/restore SUID/SGID-bits.
Testcase:
$ touch testfile
$ chmod u+xs testfile
$ ls -la testfile
-rwsr--r-- 1 xx xx 0 Nov 20 14:28 testfile
$ getfacl testfile
# file: testfile
# owner: xx
# group: xx
user::rwx
group::r--
other::r--
$ getfacl testfile > acl_dump
$ setfacl --restore acl_dump
$ ls -la testfile
-rwxr--r-- 1 xx xx 0 Nov 20 14:28 testfile
best wishes,
Michael
More information about the acl-devel
mailing list