On 01/30/2017 09:25 AM, Alan McKinnon wrote:
>>
>> Any user can create a hard link in its home directory to /etc/shadow, so
>> long as (a) they live on the same filesystem, and (b) there are no
>> special kernel protections in place to prevent it. If you call chown on
>> that hard link, it will change the ownership of /etc/shadow.
>
> That is absolutely not true, at least for the case of classic Unix
> filesystems.
>
> ...
>
> I cannot chmod, chown or chgrp
> /etc/shadow because I do not own it, and the kernel will not let me ln
> it either:
>
> alan@khamul /alan $ ln /etc/shadow
> ln: failed to create hard link './shadow' => '/etc/shadow': Operation
> not permitted
>

You have the fs.protected_hardlinks sysctl enabled. We patch that in gentoo-sources, but it's off by default in vanilla-sources. Try again with it disabled (and don't forget to turn it back on). Once the hard link has been created, a "chown -R foo /alan" or the equivalent "find ..." command will change the ownership of /etc/shadow.
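
A pre-flight check for the situation discussed in this thread, added here as an example and not part of the original message: before a recursive chown, read the fs.protected_hardlinks setting and list regular files in the tree whose inode is also linked from outside it. The function names are hypothetical, and the script assumes Linux with GNU find (for -printf) and awk.

```shell
#!/bin/sh
# Added example: checks to run before "chown -R" on a user-writable tree.
# Assumes GNU find (-printf) and paths that contain no newlines.

# Print the kernel's hard-link protection setting: 1, 0, or "unknown".
hardlink_protection() {
    f=/proc/sys/fs/protected_hardlinks
    if [ -r "$f" ]; then cat "$f"; else echo unknown; fi
}

# List regular files under $1 that have at least one more link outside $1.
# A file whose links all live inside the tree is not reported.
# Output: "<inode> <path>" per line.
outside_linked_files() {
    # -xdev keeps the walk on one filesystem, so inode numbers are unique.
    find "$1" -xdev -type f -links +1 -printf '%i %n %p\n' |
    awk '{
        ino = $1; nlink[ino] = $2
        sub(/^[0-9]+ [0-9]+ /, "")      # the rest of the line is the path
        seen[ino]++                     # links to this inode inside the tree
        paths[ino] = paths[ino] ino " " $0 "\n"
    }
    END {
        for (i in seen)
            if (seen[i] < nlink[i]) printf "%s", paths[i]
    }'
}

# Succeed only when no inode under $1 is also linked from outside $1.
safe_to_chown_tree() {
    [ -z "$(outside_linked_files "$1")" ]
}
```

The check is a point-in-time snapshot: a link created between the scan and the chown is not seen, so the sysctl remains the actual protection.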