chmod returns Operation not permitted

marian_cerny

marian_cerny

When I call chmod on a new FreeBSD 9.2 server with ZFS on a directory that I am not an owner, I get Operation not permitted even when I am setting the same permissions.

Code: 
user1@server:~ % uname -srmi
FreeBSD 9.2-RELEASE amd64 GENERIC

user1@server:~ % ls -ld /var/log
drwxr-xr-x  3 root  wheel  27 Nov  4 01:00 /var/log

user1@server:~ % chmod 750 /var/log
chmod: /var/log: Operation not permitted

It works fine (no error message is written) on FreeBSD 7.2, 8.2, 9.2-RC4 with UFS as well as on 8.x with ZFS. Has the behavior changed with FreeBSD 9.2+ZFS or is it something specific to my configuration? Thanks for any tips.
 
Are you positive it worked before? I've never been able to change permissions on files or directories I didn't own. It goes against the basic principles of file ownership.
 
Yes, it worked before. I am not trying to change permissions. I am setting the exact same permissions which was a NOP before but now it somehow tries to change the permissions.

On FreeBSD 7.2:

Code: 
user1@server:~ % chmod -vv 755 /var/log

root@server:~ # chmod -vv 755 /var/log

On FreeBSD 9.2:

Code: 
user1@server:~ % chmod -vv 755 /var/log
chmod: /var/log: Operation not permitted

root@server:~ # chmod -vv 755 /var/log
/var/log: 040755 [drwxr-xr-x ] -> 040755 [drwxr-xr-x ]

Of course it should not possible to change the permissions of files or directories that are not owned by the user. I am trying to find out why the behavior has changed when setting the exact same permissions (for files or directories that are not owned by the user).
 
Solved

The reason why it behaves differently is because FreeBSD now support NFSv4 ACLs on ZFS. There is an exception for NFSv4 ACLs in bin/chmod/chmod.c that calls chmod() even when the permissions do not change.

Code: 
               /*
                * With NFSv4 ACLs, it is possible that applying a mode
                * identical to the one computed from an ACL will change
                * that ACL.
                */
               if (may_have_nfs4acl(p, hflag) == 0 &&
                   (newmode & ALLPERMS) == (p->fts_statp->st_mode & ALLPERMS))
                               continue;
 
You must log in or register to reply here.
Back
Top