This bug is missing log files that will aid in diagnosing the problem. While running an Ubuntu kernel (not a mainline or third-party kernel) please enter the following command in a terminal window:

apport-collect 1877151

and then change the status of the bug to 'Confirmed'.

If, due to the nature of the issue you have encountered, you are unable to run this command, please add a comment stating that fact and change the bug status to 'Confirmed'.

This change has been made by an automated script, maintained by the Ubuntu Kernel Team.

** Changed in: linux (Ubuntu)
       Status: New => Incomplete

-- 
You received this bug notification because you are a member of Kernel Packages, which is subscribed to linux in Ubuntu.
https://bugs.launchpad.net/bugs/1877151

Title:
  root unable to write to file in directory with sticky bit with fs.protected_regular set

Status in linux package in Ubuntu:
  Incomplete

Bug description:
  In Focal (kernel 5.4), given the following scenario...

  1. Directory owned by root:root with mode 1775 (sticky bit set)
  2. File inside directory owned by www-data:www-data with mode 0664
  3. fs.protected_regular set to non-0 value (the default is now 2)

  ... root is unable to write to the file if O_CREAT is set when opening it. Setting fs.protected_regular=0 works around the problem.

  This seems to be the result of this change:
  https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=30aba6656f61ed44cba445a3c0d38b296fa9e8f5

  It's not explicit in the commit message or documentation, but I wouldn't expect this restriction to apply to root... right?
  Replication:

  % lsb_release -sd; cat /proc/version_signature
  Ubuntu 20.04 LTS
  Ubuntu 5.4.0-29.33-generic 5.4.30

  # Create directory and file
  % sudo -u www-data touch /tmp/myfile
  % \ls -ld /tmp /tmp/myfile
  drwxrwxrwt 13 root root 4096 May 6 11:18 /tmp
  -rw-rw-r-- 1 www-data www-data 0 May 6 11:18 /tmp/myfile

  # Write by owner: OK
  % sudo -u www-data sh -c 'whoami > /tmp/myfile'
  % cat /tmp/myfile
  www-data

  # Write by root, fs.protected_regular=2 (default): FAIL
  % sudo sysctl fs.protected_regular
  fs.protected_regular = 2
  % sudo -u root sh -c 'whoami > /tmp/myfile'
  sh: 1: cannot create /tmp/myfile: Permission denied
  % cat /tmp/myfile
  www-data

  # Write by root, fs.protected_regular=1: FAIL
  # (NOTE: This one seems to succeed if /tmp/myfile is owned by www-data:root
  # instead of www-data:www-data)
  % sudo sysctl fs.protected_regular=1
  fs.protected_regular = 1
  % sudo -u root sh -c 'whoami > /tmp/myfile'
  sh: 1: cannot create /tmp/myfile: Permission denied
  % cat /tmp/myfile
  www-data

  # Write by root, fs.protected_regular=0: OK
  % sudo sysctl fs.protected_regular=0
  fs.protected_regular = 0
  % sudo -u root sh -c 'whoami > /tmp/myfile'
  % cat /tmp/myfile
  root