
I have structure like:

/home/reed/, user=reed, group=reed
  - apache-conf, user=reed, group=reed
  - apache-web, user=reed, group=apache, perm=0770
      - www.website.com, user=reed, group=apache, perm=0770
          - index.php, user=reed, group=apache, perm=0660

I'm using umask 007 in /etc/profile so my directories & files are created with these same permissions. & that worked.

I ran chmod g+s /home/reed/apache-web; and chmod g+s /home/reed/apache-web/www.website.com so new directories will keep the group=apache

So I mkdir /home/reed/apache-web/test/, then ls -la ... & it shows reed is both the user & the group.

I tried using chmod 4770 /home/reed/apache-web/test/, but mkdir still sets both user & group to reed (or root if I'm running with sudo)

I tried it in the www.website.com dir as well with the same results.

I'm on Debian 10 with root access available. I also tried switching to user=apache & group=reed, then using chmod u+s thedir, but again, mkdir makes both the user & the group the current shell user. I also tried logging out & logging back in

Reed
  • Please check if the setgid flag is really set on the directories. `chmod g+s thedir` doesn't seem to have an effect (without `sudo`) on my system if my current user doesn't belong to the directories' group. – Freddy Aug 25 '20 at 21:50
  • I thought I had done that! That appears to have fixed it :) – Reed Aug 25 '20 at 21:56

1 Answer


I guess you have /home mounted with the nosuid option:

   nosuid Do not allow set-user-identifier or set-group-identifier bits to
          take effect.
Ángel
  • My `/etc/fstab` file has `UUID=[the_uuid] / ext4 errors=remount-ro 0 1`. I'm assuming I would see here `nosuid` if that were the case? – Reed Aug 25 '20 at 21:38
  • Probably, but you wouldn't put a `nosuid` on /. Some distributions place it on `/home`, but generally that doesn't need setuid/setgid programs. Are you sure `/home` isn't on its own partition? What is the output of `mount` with no parameters? – Ángel Aug 25 '20 at 21:41
  • Looks like `tmpfs on /run/user/#### type tmpfs (rw,nosuid,nodev,relatime,size=101368k,mode=700,uid=####,gid=####)` is the one I'm concerned with. It's cloud-hosting. I assume there's a config file somewhere that I can remove the `nosuid` param? – Reed Aug 25 '20 at 21:54
  • Running `sudo chmod g+s` made it start working. Though I'm now confused as to why `nosuid` isn't being respected... – Reed Aug 25 '20 at 21:57
  • No, `/run/user` is quite different from `/home`. As you mention `sudo chmod` made it work, it is possible that the kernel has a CONFIG_ parameter set to only allow setgid to succeed if done by root. – Ángel Aug 25 '20 at 21:59
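
The check suggested in the comments (is the setgid flag really set, and does the caller belong to the directory's group), as an added example that is not part of the original question or answer. It assumes GNU `stat -c` as shipped on Debian; the function names and the probe directory name are hypothetical, and the demo runs on a constructed temporary directory.

```shell
#!/bin/sh
# Added example: verify that setgid on a directory actually took effect.

# Return 0 if the caller is root or belongs to the directory's group.
# Per chmod(2), an unprivileged caller outside that group gets exit 0
# from chmod, but the set-group-ID bit is silently turned off.
in_dir_group() {
    dir_gid=$(stat -c '%g' "$1") || return 2
    [ "$(id -u)" -eq 0 ] && return 0
    for gid in $(id -G); do
        [ "$gid" = "$dir_gid" ] && return 0
    done
    return 1
}

# Create a probe subdirectory and confirm it inherited both the parent's
# group and the setgid bit. Returns 0 if inheritance works, 1 otherwise.
inherits_group() {
    parent=$1
    [ -g "$parent" ] || { echo "setgid bit not set on $parent"; return 1; }
    probe="$parent/.sgid-probe.$$"        # hypothetical probe name
    mkdir "$probe" || return 2
    want=$(stat -c '%g' "$parent")
    got=$(stat -c '%g' "$probe")
    rc=0
    [ "$got" = "$want" ] || { echo "probe gid $got, expected $want"; rc=1; }
    [ -g "$probe" ] || { echo "probe did not inherit setgid"; rc=1; }
    rmdir "$probe"
    return $rc
}

# Demo on a constructed temporary directory owned by the current user.
demo=$(mktemp -d)
chmod g+s "$demo"
if in_dir_group "$demo"; then
    echo "caller is in the group of $demo, chmod g+s can stick"
else
    echo "caller is NOT in the group of $demo, chmod g+s will be dropped"
fi
if inherits_group "$demo"; then
    echo "new directories under $demo inherit its group"
fi
rm -rf "$demo"
```

Pointing `in_dir_group` and `inherits_group` at the real directory before and after `chmod g+s` shows whether the bit was dropped without any error from `chmod`.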