From unknown Sat Aug 16 15:54:08 2025 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable MIME-Version: 1.0 X-Mailer: MIME-tools 5.509 (Entity 5.509) Content-Type: text/plain; charset=utf-8 From: bug#8527 <8527@debbugs.gnu.org> To: bug#8527 <8527@debbugs.gnu.org> Subject: Status: cp/mv in coreutils don't respect the default ACL of parent directories. Reply-To: bug#8527 <8527@debbugs.gnu.org> Date: Sat, 16 Aug 2025 22:54:08 +0000 retitle 8527 cp/mv in coreutils don't respect the default ACL of parent dir= ectories. reassign 8527 coreutils submitter 8527 crocket severity 8527 normal tag 8527 fixed thanks From debbugs-submit-bounces@debbugs.gnu.org Wed Apr 20 10:47:44 2011 Received: (at submit) by debbugs.gnu.org; 20 Apr 2011 14:47:44 +0000 Received: from localhost ([127.0.0.1] helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1QCYgx-0003zt-GW for submit@debbugs.gnu.org; Wed, 20 Apr 2011 10:47:44 -0400 Received: from eggs.gnu.org ([140.186.70.92]) by debbugs.gnu.org with esmtp (Exim 4.69) (envelope-from ) id 1QCYKO-0003SD-1y for submit@debbugs.gnu.org; Wed, 20 Apr 2011 10:24:24 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QCYKI-0007JJ-3U for submit@debbugs.gnu.org; Wed, 20 Apr 2011 10:24:18 -0400 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on eggs.gnu.org X-Spam-Level: X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, RFC_ABUSE_POST, T_DKIM_INVALID, T_TO_NO_BRKTS_FREEMAIL autolearn=unavailable version=3.3.1 Received: from lists.gnu.org ([140.186.70.17]:36770) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QCYKH-0007JC-VN for submit@debbugs.gnu.org; Wed, 20 Apr 2011 10:24:17 -0400 Received: from eggs.gnu.org ([140.186.70.92]:47257) by lists.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QCYKG-0002S2-TE for bug-coreutils@gnu.org; Wed, 20 Apr 2011 10:24:17 -0400 Received: from Debian-exim by eggs.gnu.org with spam-scanned (Exim 4.71) (envelope-from ) id 1QCYKG-0007H1-0M for bug-coreutils@gnu.org; Wed, 20 Apr 2011 10:24:16 -0400 Received: from mail-ew0-f41.google.com ([209.85.215.41]:61035) by eggs.gnu.org with esmtp (Exim 4.71) (envelope-from ) id 1QCYKF-0007GN-OF for bug-coreutils@gnu.org; Wed, 20 Apr 2011 10:24:15 -0400 Received: by ewy9 with SMTP id 9so255735ewy.0 for ; Wed, 20 Apr 2011 07:24:14 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:date:message-id:subject:from:to :content-type; bh=qhMPuZ7qpsqpKCzTmof99iGDBPApvLrIY9s1pLhadXw=; b=AtpkgsK6GNs7pgE5aDSOkQFJ8O8E5OYV+ZZEI4Ie0UzdtySGB9wUgcbudthbDQxAlT A9fxqNse+AMbQm6MbVkhQKZdKVNY9aRLLE3ece7+0Ip+ddacTN4N+cgZG6Y29F2p1mes 3BUfmOECPpaVbJ0T90Zna7T7YgDRW6Ph7H3c8= DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:date:message-id:subject:from:to:content-type; b=jGjU+rrdGVnA4HnlP/W6yAZ+aUV1tR/QaGRWEwztSVxF+XDLTGKj3Q9t32xIlEpxj6 0KTiEIjwu7NgCoLcxTWlIFIcsgaZel75eusyC7AvNcea321ldoeFGPqtejHmbOX6P1tw gZ3UBl4bsSsteofbnVHamTwUwoffyx2vpgIn0= MIME-Version: 1.0 Received: by 10.213.14.129 with SMTP id g1mr302282eba.93.1303309454114; Wed, 20 Apr 2011 07:24:14 -0700 (PDT) Received: by 10.213.7.132 with HTTP; Wed, 20 Apr 2011 07:24:14 -0700 (PDT) Date: Wed, 20 Apr 2011 23:24:14 +0900 Message-ID: Subject: cp/mv in coreutils don't respect the default ACL of parent directories. From: crocket To: bug-coreutils@gnu.org Content-Type: text/plain; charset=ISO-8859-1 X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 2) X-detected-operating-system: by eggs.gnu.org: GNU/Linux 2.6 (newer, 3) X-Received-From: 140.186.70.17 X-Spam-Score: -5.9 (-----) X-Debbugs-Envelope-To: submit X-Mailman-Approved-At: Wed, 20 Apr 2011 10:47:42 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.11 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: debbugs-submit-bounces@debbugs.gnu.org Errors-To: debbugs-submit-bounces@debbugs.gnu.org X-Spam-Score: -5.9 (-----) I copied a file into a directory whose default ACL entries were d:u::rwx, d:g::rwx, d:o::rx. The original file's permission was 775. The copied file's permission should have been 664 if default ACL was respected. But the copied file's permission was 775, which is the same as the original file. The same happens with mv. It seems like a bug. I want every copied/moved file to respect default ACL by default. From debbugs-submit-bounces@debbugs.gnu.org Fri Oct 03 11:12:40 2014 Received: (at 8527) by debbugs.gnu.org; 3 Oct 2014 15:12:40 +0000 Received: from localhost ([127.0.0.1]:60451 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xa4X9-00089m-N7 for submit@debbugs.gnu.org; Fri, 03 Oct 2014 11:12:40 -0400 Received: from smtp6-g21.free.fr ([212.27.42.6]:4198) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XZxFs-0007tu-Va for 8527@debbugs.gnu.org; Fri, 03 Oct 2014 03:26:22 -0400 Received: from zimbra62-e11.priv.proxad.net (unknown [172.20.243.212]) by smtp6-g21.free.fr (Postfix) with ESMTP id 7472C82325 for <8527@debbugs.gnu.org>; Fri, 3 Oct 2014 09:25:44 +0200 (CEST) Date: Fri, 3 Oct 2014 09:26:19 +0200 (CEST) From: f0rhum@free.fr To: 8527@debbugs.gnu.org Message-ID: <1223212862.147110246.1412321179641.JavaMail.root@zimbra62-e11.priv.proxad.net> In-Reply-To: <1909807853.147104821.1412321032868.JavaMail.root@zimbra62-e11.priv.proxad.net> Subject: Re: cp/mv in coreutils don't respect the default ACL of parent MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [88.170.160.103] X-Mailer: Zimbra 7.2.0-GA2598 (ZimbraWebClient - FF3.0 (Linux)/7.2.0-GA2598) X-Authenticated-User: f0rhum@free.fr X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 8527 X-Mailman-Approved-At: Fri, 03 Oct 2014 11:12:38 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) I can confirm. Tests show that the parent folder ACL "Default mask" is not inherited as the ACL "Access mask" of the file|dir created by cp|mv. From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 07 06:09:59 2014 Received: (at 8527) by debbugs.gnu.org; 7 Oct 2014 10:09:59 +0000 Received: from localhost ([127.0.0.1]:36190 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XbRiQ-0003sH-83 for submit@debbugs.gnu.org; Tue, 07 Oct 2014 06:09:58 -0400 Received: from ishtar.tlinx.org ([173.164.175.65]:37178 helo=Ishtar.hs.tlinx.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XbRiM-0003s8-Nb for 8527@debbugs.gnu.org; Tue, 07 Oct 2014 06:09:55 -0400 Received: from [192.168.4.12] (Athenae [192.168.4.12]) by Ishtar.hs.tlinx.org (8.14.7/8.14.4/SuSE Linux 0.8) with ESMTP id s97A8sSx073916; Tue, 7 Oct 2014 03:08:58 -0700 Message-ID: <5433BBB6.6000701@tlinx.org> Date: Tue, 07 Oct 2014 03:08:54 -0700 From: "Linda A. Walsh" User-Agent: Thunderbird MIME-Version: 1.0 To: f0rhum@free.fr Subject: Re: bug#8527: cp/mv in coreutils don't respect the default ACL of parent References: <1223212862.147110246.1412321179641.JavaMail.root@zimbra62-e11.priv.proxad.net> In-Reply-To: <1223212862.147110246.1412321179641.JavaMail.root@zimbra62-e11.priv.proxad.net> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 8527 Cc: 8527@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) f0rhum@free.fr wrote: > I can confirm. Tests show that the parent folder ACL "Default mask" is not inherited as the ACL "Access mask" of the file|dir created by cp|mv. > What file system and core utils are you using? Are you using a file system that has alternate user-data forks or extended attributes that have them included by default? Or are you using a file system where they were added on as a super-user control'd option? Have you tried copying them as root? The reason I ask, is that I just tried it and it appears to work: 1) First the dir: > cd /tmp > llg -d /tmp drwxrwxrwt 25 root root 8192 Oct 7 02:21 /tmp/ > lsacl /tmp [u::rwx,g::rwx,o::rwx] /tmp #default ACL from mode bits 2) Create file with 'touch' > touch x # new file Ishtar:/tmp> llg x -rw-rw-r-- 1 law lawgroup 0 Oct 7 02:26 x > lsacl [u::rw-,g::rw-,o::r--] x #default ACL ---- 3) now I'll copy in a *directory* that has both types of ACL's on it, but not specifying that any permissions be copied: > ll -d /Media/Library/_artwork/test #source drwxrwsr-x+ 2 10 Oct 7 02:33 /Media/Library/_artwork/test/ Ishtar:/tmp> lsacl /Media/Library/_artwork/test [u::rwx,u:Media:rwx,g::rwx,g:Media:rwx,m::rwx,o::r-x/u::rwx,u:Media:rwx,g::rwx,g:Media:rwx,m::rwx,o::r-x] /Media/Library/_artwork/test (note, 2nd acl is default dir (lsacl uses "chacl -l") Ishtar:/tmp> 'cp' -r /Media/Library/_artwork/test . #recursive to tmp Ishtar:/tmp> llg -d test drwxrwxr-x 2 law lawgroup 6 Oct 7 02:34 test/ Ishtar:/tmp> lsacl test #no attr indicated [u::rwx,g::rwx,o::r-x] test #default ACL shown ---- So far all seems fine. 4) Now lets copy the perms too: Ishtar:/tmp> rd test Ishtar:/tmp> 'cp' -a /Media/Library/_artwork/test . Ishtar:/tmp> llg -d test drwxrwsr-x+ 2 law Media 6 Oct 7 02:33 test/ Ishtar:/tmp> lsacl test #same ACL as source [u::rwx,u:Media:rwx,g::rwx,g:Media:rwx,m::rwx,o::r-x/u::rwx,u:Media:rwx,g::rwx,g:Media:rwx,m::rwx,o::r-x] test 5) create file in that dir: Ishtar:/tmp> cd test Ishtar:/tmp/test> touch touched_file Ishtar:/tmp/test> llg touched_file -rw-rw-r--+ 1 law Media 0 Oct 7 02:42 touched_file Ishtar:/tmp/test> lsacl touched_file [u::rw-,u:Media:rwx,g::rwx,g:Media:rwx,m::rw-,o::r--] touched_file --- File has expected inherited ACL. 6) Now ... lets use cp to copy a file w/o acls in: (first create normal file under /tmp): > echo "perm test">/tmp/perm.txt Ishtar:/tmp/test> llg /tmp/perm.txt -rw-rw-r-- 1 law lawgroup 10 Oct 7 02:59 /tmp/perm.txt Ishtar:/tmp/test> lsacl /tmp/perm.txt [u::rw-,g::rw-,o::r--] /tmp/perm.txt > 'cp' /tmp/perm.txt . Ishtar:/tmp/test> llg perm.txt -rw-rw-r--+ 1 law Media 10 Oct 7 03:01 perm.txt Ishtar:/tmp/test> lsacl perm.txt [u::rw-,u:Media:rwx,g::rwx,g:Media:rwx,m::rw-,o::r--] perm.txt ---- 8) Looks the same to me...However, check this out: Ishtar:/tmp/test> rm perm.txt Ishtar:/tmp/test> cp /tmp/perm.txt . Ishtar:/tmp/test> llg /tmp/perm.txt -rw-rw-r-- 1 law lawgroup 10 Oct 7 02:59 /tmp/perm.txt Ishtar:/tmp/test> lsacl perm.txt No acl this time, but same copy...or was it? Note I was careful to use 'cp' most of the time when copying except this last time, cuz: > alias cp alias cp='cp --preserve=mode,timestamps' my normal cp is an alias -- that says to preserve the mode. It wouldn't be able to do that if it allowed the default ACL to be set on the file. -------------- So, I don't know if this is related to your problem, but cp appears to be working correctly here filesystem = xfs (acls are always on as they came with the filesystem). kernel= Linux Ishtar 3.16.2-Isht-Van #1 SMP PREEMPT Tue Sep 9 18:26:43 PDT 2014 x86_64 x86_64 x86_64 GNU/Linux ================================== If this was any help -- great, if it was an annoyance, just delete it and I can claim my dog ate my keyboard... (funny things come out of dogs stomachs.... ;-))... From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 07 16:05:16 2014 Received: (at 8527) by debbugs.gnu.org; 7 Oct 2014 20:05:16 +0000 Received: from localhost ([127.0.0.1]:36929 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xbb0V-0002zp-6E for submit@debbugs.gnu.org; Tue, 07 Oct 2014 16:05:16 -0400 Received: from smtp6-g21.free.fr ([212.27.42.6]:6333) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xbb0S-0002zg-F3 for 8527@debbugs.gnu.org; Tue, 07 Oct 2014 16:05:13 -0400 Received: from zimbra62-e11.priv.proxad.net (unknown [172.20.243.212]) by smtp6-g21.free.fr (Postfix) with ESMTP id 11243822CA for <8527@debbugs.gnu.org>; Tue, 7 Oct 2014 22:04:24 +0200 (CEST) Date: Tue, 7 Oct 2014 22:05:10 +0200 (CEST) From: f0rhum@free.fr To: 8527@debbugs.gnu.org Message-ID: <431843104.160104485.1412712310480.JavaMail.root@zimbra62-e11.priv.proxad.net> In-Reply-To: <1223212862.147110246.1412321179641.JavaMail.root@zimbra62-e11.priv.proxad.net> Subject: Re: cp/mv in coreutils don't respect the default ACL of parent MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [88.170.160.103] X-Mailer: Zimbra 7.2.0-GA2598 (ZimbraWebClient - FF3.0 (Linux)/7.2.0-GA2598) X-Authenticated-User: f0rhum@free.fr X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 8527 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) Thank you Linda for extensive answer. Just an additional info before I reply your questions: for my own tests I didn't use /tmp as target because the sticky bit could do something special (not sure). Instead I used /srv/test that I chown me:writers , set chmod -R u:rwX,g:srwX then setfacl --set as needed all this as root. The goal being having a group writers rwX, another group readers with rX on the tree and o:---, and ignore source perms if any. > What file system and core utils are you using? My target file system is ext4 (default mount options include acl and user_xattr , coreutils is 8.21 & kernel is 3.13.0-36-generic #63-Ubuntu SMP Wed Sep 3 21:30:07 UTC 2014 x86_64 GNU/Linux with embedded acl support out of the box). > Are you using a file system that has alternate user-data forks > or extended attributes that have them included by default? > Or are you using a file system where they were added on as a super-user > control'd option? Have you tried copying them as root? I know this: from local, umask=0002 from ssh, umask=0022 no cp aliases, I just need/use the default, i.e. do-not-preserve-perms All my tests below are run locally. So I wrote a script that echoes each line: sudo ~/acl.sh 0 mkdir -pv /srv/test 0 setfacl -bk /srv/test 0 rm -rf /srv/test/* ownership of /srv/test was kept as me:writers 0 chown -Rv me:writers /srv/test mode of /srv/test/ was changed from 2770 (rwxrws---) to 0000 (---------) 0 (removed all bits) mode of /srv/test/ was changed from 0000 (---------) to 2770 (rwxrws---) 0 chmod -Rv u+rwX,g+srwX /srv/test 0 setfacl -R --set d:u::rwx,d:g::rwx,d:g:writers:rwx,d:u:reader:rx,d:g:reader:rx,d:o::---,d:m::rwx /srv/test getfacl: remove first "/" out of absolute path names # file: srv/test USER me rwx rwx user reader r-x GROUP writers rwx rwx group reader r-x group writers rwx mask rwx other --- --- 0 setfacl -R --set u::rwX,g::rwX,u:reader:rX,g:writers:rwX,g:reader:rx,o::---,m::rwX /srv/test getfacl: remove first "/" out of absolute path names # file: srv/test USER me rwx rwx user reader r-x r-x GROUP writers rwx rwx group reader r-x r-x group writers rwx rwx mask rwx rwx other --- --- ****So at the moment this last command shows all is alright**** **** Now, let's copy **** me@pc:/srv$ cp -r /media/me/USPEED/200402/ /srv/test me@pc:/srv$ getfacl -t /srv/test/200402/ getfacl: remove first "/" out of absolute path names # file: srv/test/200402/ USER me rwx rwx user reader R-X r-x GROUP writers RWX rwx group reader R-X r-x group writers RWX rwx mask --- rwx other --- --- ***problems begin: defaults ACL are kept OK (right perm column, *** ***but Access ACL are lost (capitalized in left column by -t are the denied perms because mask is lost, do not confuse with cap X in chmod)*** ***only file owner can traverse, nobody else can)*** me@pc:/srv$ getfacl -t /srv/test/200402/P2220368.JPG getfacl: remove first "/" out of absolute path names # file: srv/test/200402/P2220368.JPG USER me rw- user reader r-X GROUP writers rWX group reader r-X group writers rWX mask r-- other --- *** Here one see writers lost the write perm, and reader could read if only he could traverse above*** Do the same by creation: me@pc:/srv$ mkdir test/handdir me@pc:/srv$ touch test/handdir/file me@pc:/srv$ getfacl -Rt test/handdir/ # file: test/handdir/ USER me rwx rwx user reader r-x r-x GROUP writers rwx rwx group reader r-x r-x group writers rwx rwx mask rwx rwx other --- --- # file: test/handdir//file USER me rw- user reader r-X GROUP writers rwX group reader r-X group writers rwX mask rw- other --- ***all is OK this way*** > The reason I ask, is that I just tried it and it appears to work: > 1) First the dir: > > cd /tmp > > llg -d /tmp > drwxrwxrwt 25 root root 8192 Oct 7 02:21 /tmp/ > > lsacl /tmp > [u::rwx,g::rwx,o::rwx] /tmp #default ACL from mode bits > > 2) Create file with 'touch' > > touch x # new file > Ishtar:/tmp> llg x > -rw-rw-r-- 1 law lawgroup 0 Oct 7 02:26 x > > lsacl > [u::rw-,g::rw-,o::r--] x #default ACL > ---- > 3) now I'll copy in a *directory* that has both types of ACL's on it, but > not specifying that any permissions be copied: > > > ll -d /Media/Library/_artwork/test #source > drwxrwsr-x+ 2 10 Oct 7 02:33 /Media/Library/_artwork/test/ > Ishtar:/tmp> lsacl /Media/Library/_artwork/test > [u::rwx,u:Media:rwx,g::rwx,g:Media:rwx,m::rwx, > o::r-x/u::rwx,u:Media:rwx, > g::rwx, g:Media:rwx,m::rwx,o::r-x] > /Media/Library/_artwork/test > (note, 2nd acl is default dir (lsacl uses "chacl -l") > Ishtar:/tmp> 'cp' -r /Media/Library/_artwork/test . #recursive to tmp > Ishtar:/tmp> llg -d test > drwxrwxr-x 2 law lawgroup 6 Oct 7 02:34 test/ > Ishtar:/tmp> lsacl test #no attr indicated > [u::rwx,g::rwx,o::r-x] test #default ACL shown > ---- > So far all seems fine. > > 4) Now lets copy the perms too: > Ishtar:/tmp> rd test > Ishtar:/tmp> 'cp' -a /Media/Library/_artwork/test . > Ishtar:/tmp> llg -d test > drwxrwsr-x+ 2 law Media 6 Oct 7 02:33 test/ > Ishtar:/tmp> lsacl test #same ACL as source > [u::rwx,u:Media:rwx,g::rwx,g:Media:rwx, > m::rwx,o::r-x/u::rwx,u:Media:rwx,g::rwx, > g:Media:rwx,m::rwx,o::r-x] > test > 5) create file in that dir: > Ishtar:/tmp> cd test > Ishtar:/tmp/test> touch touched_file > Ishtar:/tmp/test> llg touched_file > -rw-rw-r--+ 1 law Media 0 Oct 7 02:42 touched_file > Ishtar:/tmp/test> lsacl touched_file > [u::rw-,u:Media:rwx,g::rwx,g:Media:rwx,m::rw-,o::r--] touched_file > --- > File has expected inherited ACL. > 6) Now ... lets use cp to copy a file w/o acls in: > (first create normal file under /tmp): > > > echo "perm test">/tmp/perm.txt > Ishtar:/tmp/test> llg /tmp/perm.txt > -rw-rw-r-- 1 law lawgroup 10 Oct 7 02:59 /tmp/perm.txt > Ishtar:/tmp/test> lsacl /tmp/perm.txt > [u::rw-,g::rw-,o::r--] /tmp/perm.txt > > 'cp' /tmp/perm.txt . > Ishtar:/tmp/test> llg perm.txt > -rw-rw-r--+ 1 law Media 10 Oct 7 03:01 perm.txt > Ishtar:/tmp/test> lsacl perm.txt > [u::rw-,u:Media:rwx,g::rwx,g:Media:rwx,m::rw-,o::r--] perm.txt > > ---- > 8) Looks the same to me...However, check this out: > > Ishtar:/tmp/test> rm perm.txt > Ishtar:/tmp/test> cp /tmp/perm.txt . > Ishtar:/tmp/test> llg /tmp/perm.txt > -rw-rw-r-- 1 law lawgroup 10 Oct 7 02:59 /tmp/perm.txt > Ishtar:/tmp/test> lsacl perm.txt > > No acl this time, but same copy...or was it? > > Note I was careful to use 'cp' most of the time when copying except > this last time, cuz: > alias cp > alias cp='cp --preserve=mode,timestamps' > > my normal cp is an alias -- that says to preserve the mode. > It wouldn't be able to do that if it allowed the default ACL > to be set on the file. > -------------- > So, I don't know if this is related to your problem, but > cp appears to be working correctly here > filesystem = xfs (acls are always on as they came with the filesystem). > kernel= > > Linux Ishtar 3.16.2-Isht-Van #1 SMP PREEMPT Tue Sep 9 18:26:43 PDT 2014 > x86_64 x86_64 x86_64 GNU/Linux From debbugs-submit-bounces@debbugs.gnu.org Tue Oct 07 21:07:48 2014 Received: (at 8527) by debbugs.gnu.org; 8 Oct 2014 01:07:48 +0000 Received: from localhost ([127.0.0.1]:37089 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XbfjH-00029w-Sq for submit@debbugs.gnu.org; Tue, 07 Oct 2014 21:07:48 -0400 Received: from ishtar.tlinx.org ([173.164.175.65]:43795 helo=Ishtar.hs.tlinx.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1XbfjF-00029m-ER for 8527@debbugs.gnu.org; Tue, 07 Oct 2014 21:07:46 -0400 Received: from [192.168.4.12] (Athenae [192.168.4.12]) by Ishtar.hs.tlinx.org (8.14.7/8.14.4/SuSE Linux 0.8) with ESMTP id s9816jkZ035670; Tue, 7 Oct 2014 18:06:48 -0700 Message-ID: <54348E25.8090309@tlinx.org> Date: Tue, 07 Oct 2014 18:06:45 -0700 From: Linda Walsh User-Agent: Thunderbird MIME-Version: 1.0 To: bug-coreutils@gnu.org Subject: Re: bug#8527: cp/mv in coreutils don't respect the default ACL of parent References: <1223212862.147110246.1412321179641.JavaMail.root@zimbra62-e11.priv.proxad.net> <5433BBB6.6000701@tlinx.org> In-Reply-To: <5433BBB6.6000701@tlinx.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Score: -0.0 (/) X-Debbugs-Envelope-To: 8527 Cc: 8527@debbugs.gnu.org X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.0 (/) Sorry, I didn't forward this to the right list... The user data / extended attribute forks are where linux store the ACL's. ext4 should be configurable to do what you want to do, but I haven't personally used it -- but I understand it has similar functionality as xfs. The process umask is a masking off of privs/permissions one sets on a normal file (ACL's aside). It affects the permission bits on the file So if your umask was 077, then you open a file for rwx rwx rwx, it would mask off group and other allowing the permissions to be 700 or rwx, --- ---. (I might have the order backwards, but it's the standard order you see in ls with numeric permissions)...Your umask will affect your file mode creation, but it depends on what flags you use when you use 'cp' -- which is one of the main points of my "detail"... after everything was shown to be working correctly in my case, a setting I have in an "alias" to my "cp" would have over-ridden any other settings and made it look like 'cp' ignored directory ACL or (sounds like you might be talking group-owner ship -- of a dir -- or are you talking both). Really, I'm not a member of the core utils devel group, so I really prefer you send your answers and questions there, as they'll catch alot more things than I would -- I was just showing an example of how your setting can override everything you think you are setting -- so you'll need to provide more detail about what your umask is, (type umask at prompt to see), and whether or not you have any aliases or ENV vars in effect that could alter things. If you can give an exact formula along the lines of what I did to demonstrate your problem, that will help the developers the most. The detail I gave was only to show how things you don't think of may be affecting you and to be sure to check for them. I'm cc'ing the list on my reply, but leaving your email off of it, so if you want to ask them if they need more information that's fine... otherwise, write down the exact commands you typed and your environment, to repeat it.. (umask included). If you want to use my lsacl script.. it's a trivial build on top of the chacl program. But please post to the list so everyone can be on the same page.... ----lsacl script ---- more lsacl #!/bin/bash acllen=0 for fn in "$@"; do out="$(chacl -l "$fn")" qfn=$(printf "%q " "$fn") perm="${out#$qfn}" thislen=${#perm} if ((thislen>acllen)); then acllen=$thislen; fi printf "%-${acllen}s %s\n" "$perm" "$fn" done ===================================== Very trivial... but allowed me to look at multiple files at a time... IF you can give a recipe or script that duplicates the problem you saw, that would be the best way to move this bug along (toward cockpit error or new special case found!). Best of luck either way! From debbugs-submit-bounces@debbugs.gnu.org Wed Oct 08 05:57:13 2014 Received: (at 8527) by debbugs.gnu.org; 8 Oct 2014 09:57:13 +0000 Received: from localhost ([127.0.0.1]:37407 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xbnzc-0000sG-U4 for submit@debbugs.gnu.org; Wed, 08 Oct 2014 05:57:13 -0400 Received: from smtp6-g21.free.fr ([212.27.42.6]:26057) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Xbnza-0000s8-RG for 8527@debbugs.gnu.org; Wed, 08 Oct 2014 05:57:11 -0400 Received: from zimbra62-e11.priv.proxad.net (unknown [172.20.243.212]) by smtp6-g21.free.fr (Postfix) with ESMTP id B41F28233C for <8527@debbugs.gnu.org>; Wed, 8 Oct 2014 11:56:21 +0200 (CEST) Date: Wed, 8 Oct 2014 11:57:08 +0200 (CEST) From: f0rhum@free.fr To: 8527@debbugs.gnu.org Message-ID: <74333694.161477726.1412762228661.JavaMail.root@zimbra62-e11.priv.proxad.net> In-Reply-To: <431843104.160104485.1412712310480.JavaMail.root@zimbra62-e11.priv.proxad.net> Subject: Re: cp/mv in coreutils don't respect the default ACL of parent MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Originating-IP: [88.170.160.103] X-Mailer: Zimbra 7.2.0-GA2598 (ZimbraWebClient - FF3.0 (Linux)/7.2.0-GA2598) X-Authenticated-User: f0rhum@free.fr X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 8527 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) And creations in the copied dir are OK: Here the ~faulty~ acl for memory: # file: srv/test/200402/ USER me rwx rwx user reader R-X r-x GROUP writers RWX rwx group reader R-X r-x group writers RWX rwx mask --- rwx other --- --- Then creations me@pc:/srv$ mkdir test/200402/dir me@pc:/srv$ touch test/200402/dir/file me@pc:/srv$ getfacl -Rt test/200402/dir # file: test/200402/dir USER me rwx rwx user reader r-x r-x GROUP writers rwx rwx group reader r-x r-x group writers rwx rwx mask rwx rwx other --- --- # file: test/200402/dir/file USER me rw- user reader r-X GROUP writers rwX group reader r-X group writers rwX mask rw- other --- Are OK regard to the parent's correct "Default mask", but only me as the USER can do this because other writers lost rwx on parent copy (200402 dir) From debbugs-submit-bounces@debbugs.gnu.org Sat Apr 11 13:03:31 2015 Received: (at 8527) by debbugs.gnu.org; 11 Apr 2015 17:03:31 +0000 Received: from localhost ([127.0.0.1]:53356 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Ygyoc-0004je-7n for submit@debbugs.gnu.org; Sat, 11 Apr 2015 13:03:30 -0400 Received: from mail-qk0-f173.google.com ([209.85.220.173]:33813) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1Ygt8Q-0000fE-HA for 8527@debbugs.gnu.org; Sat, 11 Apr 2015 06:59:35 -0400 Received: by qkgx75 with SMTP id x75so74039698qkg.1 for <8527@debbugs.gnu.org>; Sat, 11 Apr 2015 03:59:29 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:from:date:message-id:subject:to:content-type; bh=PDG9k9Ww00fAFeyEH7vDPjUAhca+sQbmKLGJX4NPISw=; b=L97NWK89tJafzd3N1tlg40p87XmtxVX6nOSZMLSSrOhSqf0kBUVW672BfORO6rIU6j SHwU8ytLgEdbea/ROcv8Vfdh43drCvI7UdmBOn+ff+WnIGdclhxoDLLuo9kZvdxTxIQO orK04uArURqlyMN07S/xZaxS9PBgbvC6xTLpSzIDlQvejQovqXKDy6sX6+5sT+6nOjPD d7PLvTZSrjUeMDqgip3Ejy27h4Tye1n+iRXziDfFoMNk6xLcb32aaWmQAxJOqLxHYBYg jllw23gPld/xAWC7cyQpHCnsPqVmWW+GnPM1bkisdtXuEL2XrixiK2FEJpB1LXfuGcnZ uWLA== X-Received: by 10.55.17.21 with SMTP id b21mr10874937qkh.71.1428749968255; Sat, 11 Apr 2015 03:59:28 -0700 (PDT) MIME-Version: 1.0 From: Dolf Andringa Date: Sat, 11 Apr 2015 10:59:27 +0000 Message-ID: Subject: Any updates on this? To: 8527@debbugs.gnu.org Content-Type: multipart/alternative; boundary=001a113fe0fe54c3f7051370c631 X-Spam-Score: -0.7 (/) X-Debbugs-Envelope-To: 8527 X-Mailman-Approved-At: Sat, 11 Apr 2015 13:03:28 -0400 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: -0.7 (/) --001a113fe0fe54c3f7051370c631 Content-Type: text/plain; charset=UTF-8 Hey All, Many people on the internet seem to have stumbled across this bug, so much so that the ubuntu docs on https://help.ubuntu.com/community/FilePermissionsACLs even report that ACL's are rendered ineffective due to this bug in coreutils (cp/mv). I have run across this bug as well, which is very annoying in a shared environment with multiple users in different groups using the same resources. Is there any chance this bug will ever be fixed or is maintenance on ACL's or coreutils not happening? Regards, Dolf. --001a113fe0fe54c3f7051370c631 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
Hey All,

Many people on the internet se= em to have stumbled across this bug, so much so that the ubuntu docs on https://help= .ubuntu.com/community/FilePermissionsACLs even report that ACL's ar= e rendered ineffective due to this bug in coreutils (cp/mv). I have run acr= oss this bug as well, which is very annoying in a shared environment with m= ultiple users in different groups using the same resources. Is there any ch= ance this bug will ever be fixed or is maintenance on ACL's or coreutil= s not happening?
Regards,

Dolf.
--001a113fe0fe54c3f7051370c631-- From debbugs-submit-bounces@debbugs.gnu.org Sun Apr 12 05:47:35 2015 Received: (at 8527) by debbugs.gnu.org; 12 Apr 2015 09:47:35 +0000 Received: from localhost ([127.0.0.1]:53652 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YhEUI-0004Dj-Vk for submit@debbugs.gnu.org; Sun, 12 Apr 2015 05:47:35 -0400 Received: from mout.kundenserver.de ([212.227.126.187]:49271) by debbugs.gnu.org with esmtp (Exim 4.80) (envelope-from ) id 1YhEUF-0004DS-QJ for 8527@debbugs.gnu.org; Sun, 12 Apr 2015 05:47:32 -0400 Received: from [192.168.1.10] ([217.86.67.46]) by mrelayeu.kundenserver.de (mreue003) with ESMTPSA (Nemesis) id 0M9cIl-1YX0XD2B0J-00D1hs; Sun, 12 Apr 2015 11:47:24 +0200 Message-ID: <552A3F2B.4030703@bernhard-voelker.de> Date: Sun, 12 Apr 2015 11:47:23 +0200 From: Bernhard Voelker User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.6.0 MIME-Version: 1.0 To: Dolf Andringa , 8527@debbugs.gnu.org Subject: Re: bug#8527: Any updates on this? References: In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Provags-ID: V03:K0:JT54Pc6TeieyNp/wGYKIhmU1i7/0+WQXnt6EhEd/KVxEHKV7Sui ezW5qt7Od/PYR+q9sApARko/nFaDaM/OI4HnvOj1yqIeaAmHkhyEp8KjB8sjiMncNdnvmMa Zt/cbdxomK9kTMBldzvbQLkSvbDeadFn/s3fDm1GJ62ph1JBB0xtbMeAvCAhMlEukqTGAz5 /1TI2DE02csXW0/beFPVw== X-UI-Out-Filterresults: notjunk:1; X-Spam-Score: 0.0 (/) X-Debbugs-Envelope-To: 8527 X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 0.0 (/) unarchive 18748 forcemerge 18748 8527 stop On 04/11/2015 12:59 PM, Dolf Andringa wrote: > Hey All, > > Many people on the internet seem to have stumbled across this bug, so much so that the ubuntu docs on > https://help.ubuntu.com/community/FilePermissionsACLs even report that ACL's are rendered ineffective due to this bug in > coreutils (cp/mv). I have run across this bug as well, which is very annoying in a shared environment with multiple > users in different groups using the same resources. Is there any chance this bug will ever be fixed or is maintenance on > ACL's or coreutils not happening? > Regards, > > Dolf. This has been discussed in several other threads; please see my last post on this here: http://bugs.gnu.org/18748#29 Have a nice day, Berny From debbugs-submit-bounces@debbugs.gnu.org Mon Oct 15 09:29:21 2018 Received: (at control) by debbugs.gnu.org; 15 Oct 2018 13:29:21 +0000 Received: from localhost ([127.0.0.1]:49901 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gC2vx-000810-Ci for submit@debbugs.gnu.org; Mon, 15 Oct 2018 09:29:21 -0400 Received: from mail-pg1-f170.google.com ([209.85.215.170]:39366) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1gC2vv-00080n-Lm for control@debbugs.gnu.org; Mon, 15 Oct 2018 09:29:19 -0400 Received: by mail-pg1-f170.google.com with SMTP id r9-v6so9173470pgv.6 for ; Mon, 15 Oct 2018 06:29:19 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=to:from:message-id:date:user-agent:mime-version:content-language :content-transfer-encoding; bh=ERMZcaPPvl6soqkEEL7KQa21ZvlQzs6QOlHEU55/gxw=; b=K+RUVMTZ7h3cw2YC6WzQmCQGSy9wE/4SBmrn5wZzyXJrVr+13Cjpx4AzGmYoGeedEq tsMAcG40KD7yf7ozbNbZBi7wmYvEQEFWKqOqxAvJwGOl4SJBP1XWfrQqJWGYdIGaTKn9 QS2xKPmjm4GnSG3OOylvl/zSnva0IE0TL9dYNvkrggSREPhxka7wOX3HewiwpQ8NsQnw ZUTP0n8h8aiAfASQyZEewWXXtKmIV4zcyIlb3sGztkU+HTKknv4tnY9H0MMLuaVaU5o+ H3CSCsiZklgBL9Ac4jmQ5ybwU9nwc0ntt9A4vCYt5fK1a3TAMf5ZyNcYH7f/XvB+m/nY JPhA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:from:message-id:date:user-agent:mime-version :content-language:content-transfer-encoding; bh=ERMZcaPPvl6soqkEEL7KQa21ZvlQzs6QOlHEU55/gxw=; b=K280B9D2nn2EsmD6pHqOzEK2rLxaIfBDjEOA5Ng2IMk5hYsm6/0nOQTDIR/foE6R7E APqXuwqDn8Tc7c5uWMHlNM+vN/itShP7QJZORw8IGeqWnjVujWJauDUlOmXnOPe8V1Xp NRwdBftrnvOuWMsbfeslxq3fRKXhuiLUuLxrJzY18keEMAf0sc5y1HPum9RKRuZw8HTC KMwuIHX2rqzn6pO8uhf9jwKWGJXXfODJj6X/77xsBW037IWb97E6tWE4SOoI3ghtgs5h eD9mcl1pncOczO1vCKTWPSM+l2decWnpufRh65jjzGBWeYyknaA6+zvX4pg5h9WOmKh9 75oA== X-Gm-Message-State: ABuFfojCLYh/sjBDkd5Ygi2WZ0cV2LU8Ss7in1Cxv04izCCJOKEcT3NE 7cTobABI3AiQlwaLlp9nrOmn3Bai X-Google-Smtp-Source: ACcGV62+dwUg/XQyncwWernuFSG5hoasFwbso9sqTqboyy1BM5FpIbQbjF0nODpG8UsoEAfIGWHFrw== X-Received: by 2002:a63:a012:: with SMTP id r18-v6mr16371478pge.282.1539610153116; Mon, 15 Oct 2018 06:29:13 -0700 (PDT) Received: from tomato.housegordon.com (moose.housegordon.com. [184.68.105.38]) by smtp.googlemail.com with ESMTPSA id o24-v6sm20963382pfa.90.2018.10.15.06.29.11 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Mon, 15 Oct 2018 06:29:11 -0700 (PDT) To: control@debbugs.gnu.org From: Assaf Gordon Message-ID: Date: Mon, 15 Oct 2018 07:29:10 -0600 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.9.1 MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Spam-Score: 2.0 (++) X-Spam-Report: Spam detection software, running on the system "debbugs.gnu.org", has NOT identified this incoming email as spam. The original message has been attached to this so you can view it or label similar future email. If you have any questions, see the administrator of that system for details. Content preview: severity 8103 wishlist tags 8103 easy close 8271 tags 8411 fixed close 8411 [...] Content analysis details: (2.0 points, 10.0 required) pts rule name description ---- ---------------------- -------------------------------------------------- -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [209.85.215.170 listed in list.dnswl.org] 0.0 RCVD_IN_MSPIKE_H3 RBL: Good reputation (+3) [209.85.215.170 listed in wl.mailspike.net] 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (assafgordon[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.8 MISSING_SUBJECT Missing Subject: header 0.2 NO_SUBJECT Extra score for no subject 0.0 RCVD_IN_MSPIKE_WL Mailspike good senders X-Debbugs-Envelope-To: control X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: debbugs-submit-bounces@debbugs.gnu.org Sender: "Debbugs-submit" X-Spam-Score: 1.0 (+) severity 8103 wishlist tags 8103 easy close 8271 tags 8411 fixed close 8411 tags 8527 fixed close 8527 From unknown Sat Aug 16 15:54:08 2025 Received: (at fakecontrol) by fakecontrolmessage; To: internal_control@debbugs.gnu.org From: Debbugs Internal Request Subject: Internal Control Message-Id: bug archived. Date: Tue, 13 Nov 2018 12:24:05 +0000 User-Agent: Fakemail v42.6.9 # This is a fake control message. # # The action: # bug archived. thanks # This fakemail brought to you by your local debbugs # administrator