kern/40933: tmpfs and chown issue

[mark%ecs.vuw.ac.nz@localhost]

>Number:         40933
>Category:       kern
>Synopsis:       tmpfs and chown issue
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    kern-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sun Mar 01 13:05:00 +0000 2009
>Originator:     Mark Davies
>Release:        NetBSD 5.0_RC2
>Organization:
ECS, Victoria Uni. of Wellington, New Zealand.
>Environment:
        
        
System: NetBSD paramount.ecs.vuw.ac.nz 5.0_RC2 NetBSD 5.0_RC2 (ECS_SERVER) #0: 
Sat Feb 14 09:13:20 NZDT 2009 
mark%turakirae.ecs.vuw.ac.nz@localhost:/local/SAVE/build.obj/src/work/5/src/sys/arch/i386/compile/ECS_SERVER
 i386
Architecture: i386
Machine: i386
>Description:
        chown() on a file run by root seteuid to the owner of the file fails 
when run on
        tmpfs but works on mfs and ffs.

        This breaks setting up of the kerberos credential cache from sshd when 
using pam
        and pam_krb5.so and /tmp is a tmpfs.
        
>How-To-Repeat:
        compile the below program (call it foo).  On a tmpfs filesystem run as 
root
                touch foobar; chown 1002 foobar; foo
        observe that the chown() in foo fails.
        repeat on an ffs filesystem or mfs filesystem and observe that it works.

#include <unistd.h>
#include <stdio.h>
#include <errno.h>

main ()
{
    setegid(1020);
    seteuid(1002);
   if (chown ("foobar", 1002, 1020) == -1) {
        printf ("failed %s\n", strerror(errno));
   } else {
        printf ("good\n");
   }
}

        
>Fix:
        

>Unformatted: