About this list Date view Thread view Subject view Author view Attachment view

From: Gregory (Grisha) Trubetskoy (grisha_at_ispol.com)
Date: Sat 15 May 2004 - 00:03:04 BST


Sorry - this was vs1.26.

I changed my fs/ext3/ioctl.c like this:

--- fs/ext3/ioctl.c.orig 2004-05-14 18:56:21.000000000 -0400
+++ fs/ext3/ioctl.c 2004-05-14 18:44:22.000000000 -0400
@@ -47,6 +47,10 @@
                /* The JOURNAL_DATA flag is modifiable only by root */
                jflag = flags & EXT3_JOURNAL_DATA_FL;

+ /* Immutable files cannot be changed */
+ if (oldflags & flags & EXT3_IMMUTABLE_FILE_FL)
+ return -EPERM;
+
                /*
                 * The IMMUTABLE_* and APPEND_ONLY flags can only be changed
                 * by the relevant capability.

This seems to give the "expected" behaviour. I think the fix for ext2 is
identical, and I didn't look at reiserfs or any other filesystem.

Anyway, hopefully this is at list a little bit helpful :-)

Grisha

On Fri, 14 May 2004, Herbert Poetzl wrote:

> On Fri, May 14, 2004 at 05:12:34PM -0400, Gregory (Grisha) Trubetskoy wrote:
> >
> > It looks like the attributes that do not require CAP_LINUX_IMMUTABLE (i.e.
> > anything except IMMUTABLE_[FILE|LINK]FL and APPEND_FL) can by modified by
> > root from within a vserver:
> >
> > ]# vserver grisha enter
> > ipv4root is now 192.168.1.33
> > New security context is 10033
> > [root_at_vserver:grisha /]lsattr /bin/ls
> > ----i------t- /bin/ls
> > [root_at_vserver:grisha /]chattr +d /bin/ls
> > [root_at_vserver:grisha /]lsattr /bin/ls
> > ----i-d----t- /bin/ls
> >
> > I'm not sure this is workng "as expected". It seems that an immutable file
> > should be immutable including attribute changes. This doesn't seem like a
>
> yep, should not be allowed ...
> at least not on 'unified' files (i.e. with immutable set)
>
> please, always include some basic system information
> like kernel version, patch version, etc ...
>
> TIA,
> Herbert
>
> > VServer, but rather a general Linux problem, but I wonder if the VServer
> > patches should insist that immutability includes flag changing.
> >
> > Grisha
> > _______________________________________________
> > Vserver mailing list
> > Vserver_at_list.linux-vserver.org
> > http://list.linux-vserver.org/mailman/listinfo/vserver
>
_______________________________________________
Vserver mailing list
Vserver_at_list.linux-vserver.org
http://list.linux-vserver.org/mailman/listinfo/vserver


About this list Date view Thread view Subject view Author view Attachment view
[Next/Previous Months] [Main vserver Project Homepage] [Howto Subscribe/Unsubscribe] [Paul Sladen's vserver stuff]
Generated on Sat 15 May 2004 - 00:02:44 BST by hypermail 2.1.3