Advanced Programming in the UNIX® Environment

(lily) #1
ptg10805159

110 Files and Directories Chapter 4


These four functions operate similarly unless the referenced file is a symbolic link. In
that case,lchownandfchownat(with theAT_SYMLINK_NOFOLLOWflag set) change
the owners of the symbolic link itself, not the file pointed to by the symbolic link.
Thefchownfunction changes the ownership of the open file referenced by thefd
argument. Since it operates on a file that is already open, it can’t be used to change the
ownership of a symbolic link.
Thefchownatfunction behaves like eitherchownorlchownwhen thepathname
argument is absolute or when thefdargument has the value AT_FDCWDand the
pathname argument is relative. In these cases,fchownat acts likelchown if the
AT_SYMLINK_NOFOLLOWflag is set in theflag argument, or it acts like chownif
theAT_SYMLINK_NOFOLLOWflag is clear.When thefdargument is set to the file
descriptor of an open directory and thepathnameargument is a relative pathname,
fchownatevaluates thepathnamerelative to the open directory.
Historically,BSD-based systems have enforced the restriction that only the
superuser can change the ownership of a file. This is to prevent users from giving away
their files to others, thereby defeating any disk space quota restrictions. SystemV,
however,has allowed all users to change the ownership of any files they own.

POSIX.1 allows either form of operation, depending on the value of
_POSIX_CHOWN_RESTRICTED.
With Solaris 10, this functionality is a configuration option, whose default value is to enforce
the restriction. FreeBSD 8.0, Linux 3.2.0, and Mac OS X 10.6.8 always enforce thechown
restriction.

Recall from Section 2.6 that the_POSIX_CHOWN_RESTRICTEDconstant can optionally
be defined in the header<unistd.h>,and can always be queried using either the
pathconffunction or the fpathconf function. Also recall that this option can
depend on the referenced file; it can be enabled or disabled on a per file system basis.
We’ll use the phrase ‘‘if _POSIX_CHOWN_RESTRICTEDis in effect,’’ to mean ‘‘if it
applies to the particular file that we’retalking about,’’regardless of whether this actual
constant is defined in the header.
If_POSIX_CHOWN_RESTRICTEDis in effect for the specified file, then


  1. Onlyasuperuser process can change the user ID of the file.

  2. A nonsuperuser process can change the group ID of the file if the process owns
    the file (the effective user ID equals the user ID of the file),owneris specified as
    −1 or equals the user ID of the file, andgroupequals either the effective group ID
    of the process or one of the process’s supplementary group IDs.


This means that when_POSIX_CHOWN_RESTRICTEDis in effect, you can’t change the
user ID of your files.Youcan change the group ID of files that you own, but only to
groups that you belong to.
If these functions arecalled by a process other than a superuser process, on
successful return, both the set-user-ID and the set-group-ID bits arecleared.
Free download pdf