setuid confusion

alex at crackpot.org alex at crackpot.org
Thu Nov 1 13:40:45 MST 2007 

Quoting Alex LeDonne <aledonne.listmail at gmail.com>:

> On Nov 1, 2007 4:24 PM,  <alex at crackpot.org> wrote:
>> When I log in as wwwlive and run the update, it's fine.
>> [wwwlive]$ ./live_svn_update
>> Real UID        = 100313
>> Effective UID   = 100313
>> Real GID        = 20023
>> Effective GID   = 20023
>> At revision 3.
>>
>> When I run it as myself, you can see that the UID and GID are changing
>> to those of wwwlive, but that doesn't need to give me the permissions
>> I need to perform the update.
>> [alexd]$ ./live_svn_update
>> Real UID        = 110115
>> Effective UID   = 100313
>> Real GID        = 20014
>> Effective GID   = 20023
>> svn: Can't open file '/www/live/.svn/lock': Permission denied
>>
>> So... I'm kinda stumped at the moment.  Anyone see anything I've
>> missed, or something else I ought to try?
>>
>> thanks,
>> alex
>
> For completeness, what are the permissions on
> /www/live/.svn
> /www/live/.svn/lock
> ?

They are owned by wwwlive:wwwlive.  .svn/lock doesn't exist.  It's  
created by svn as part of the update process.  The error I'm seeing is  
due to the fact that, for some reason, I don't appear to have write  
permissions on /www/live/.svn when running the setuid program as alexd.

Additionally, if I 'chmod -R o+w /www/live', everything works great.   
Of course that totally defeats the whole purpose, so its not really a  
solution.  But it seems to make it clear that I'm having a  
file-permissions problem.

[alexd]$ pwd
/www/live

[alexd]$ ls -la
total 16
drwxr-xr-x  4 wwwlive wwwlive         4096 Nov  1 12:50 .
drwxrwxr-x  7 alexd   wwwdev          4096 Nov  1 12:51 ..
drwxr-xr-x  3 wwwlive wwwlive         4096 Nov  1 12:50 htdocs
drwxr-xr-x  7 wwwlive wwwlive         4096 Nov  1 12:54 .svn

[alexd]$ ls -la .svn
total 40
drwxr-xr-x  7 wwwlive wwwlive 4096 Nov  1 12:54 .
drwxr-xr-x  4 wwwlive wwwlive 4096 Nov  1 12:50 ..
-r--r--r--  1 wwwlive wwwlive    0 Nov  1 12:50 empty-file
-r--r--r--  1 wwwlive wwwlive  420 Nov  1 12:54 entries
-r--r--r--  1 wwwlive wwwlive    2 Nov  1 12:50 format
drwxr-xr-x  2 wwwlive wwwlive 4096 Nov  1 12:50 prop-base
drwxr-xr-x  2 wwwlive wwwlive 4096 Nov  1 12:50 props
-r--r--r--  1 wwwlive wwwlive  118 Nov  1 12:50 README.txt
drwxr-xr-x  2 wwwlive wwwlive 4096 Nov  1 12:50 text-base
drwxr-xr-x  6 wwwlive wwwlive 4096 Nov  1 12:54 tmp
drwxr-xr-x  2 wwwlive wwwlive 4096 Nov  1 12:50 wcprops

More information about the PLUG-discuss mailing list