Subject: NFS misbehaviour with Linux server
To: None <firstname.lastname@example.org>
From: Matthias Drochner <M.Drochner@fz-juelich.de>
Date: 09/28/2006 14:01:31
When I did a system rebuild after our (my company's) NFS
server was switched from a DEC OSF/1 cluster to a Linux box
I had to find out that all SUID bits of my (diskless)
development system disappeared.
I tracked it down to the following:
- NetBSD's "install" program does a fchmod() on the open file
  descriptor of the file being installed, and a close()
  afterwards. This means, due to caching etc., that an NFS
  WRITE is done to the file after the SETATTR.
- Linux (Debian, 2.6 kernel) apparently deletes the SUID bits
  if a file is written to. The NFS WRITE reply contains the
  new non-suid attributes.
Is this legal, or well-known, behaviour? I couldn't find
anything in the NFSv3 spec telling that the server is allowed
to change attributes unrequested, or that the client should
check every attribute coming back whether it has changed.
Or is this a Linux security feature which I can hopefully
(I can send a tcpdump capture file if anyone is interested.)
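
An added example, not part of the original post: a small C program that applies the fchmod()/write() sequence described above to a scratch file in both orders and reports the mode bits that fstat() returns afterwards. The /tmp path, the payload and the function name are constructed for illustration, and it exercises a local filesystem rather than an NFS mount.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Write a payload and set mode 04755 on a scratch file in one of two orders,
 * then return the permission bits fstat() reports (or -1 on error).
 * chmod_first != 0: fchmod() then write(), the order described in the post.
 * chmod_first == 0: write(), fsync(), then fchmod() as the last step. */
static int mode_after_install(int chmod_first)
{
    char path[] = "/tmp/suid_demo_XXXXXX";      /* constructed scratch file */
    const char payload[] = "constructed payload\n";
    const mode_t want = S_ISUID | 0755;
    struct stat st;
    int result = -1;

    int fd = mkstemp(path);
    if (fd < 0)
        return -1;
    if (chmod_first && fchmod(fd, want) != 0)
        goto out;
    if (write(fd, payload, sizeof payload - 1) != (ssize_t)(sizeof payload - 1))
        goto out;
    /* fsync() pushes the data out before the mode change is requested */
    if (!chmod_first && (fsync(fd) != 0 || fchmod(fd, want) != 0))
        goto out;
    if (fstat(fd, &st) == 0)
        result = (int)(st.st_mode & 07777);
out:
    close(fd);
    unlink(path);
    return result;
}

int main(void)
{
    int early = mode_after_install(1);
    int late = mode_after_install(0);
    if (early < 0 || late < 0) { perror("mode_after_install"); return 1; }
    printf("fchmod before write: %04o (setuid %s)\n", (unsigned)early,
           (early & S_ISUID) ? "kept" : "stripped");
    printf("fchmod after write:  %04o (setuid %s)\n", (unsigned)late,
           (late & S_ISUID) ? "kept" : "stripped");
    return 0;
}
```

The first line of output depends on the kernel and on the caller's privileges: Linux strips the setuid bit on a write by an unprivileged process and keeps it for a process holding CAP_FSETID. The second ordering does not depend on that behaviour.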