Hello,
Does anyone have any idea regarding what could be the problem here, i.e. why do I get "Permission denied"?
Code:
[andreas@loony /tmp]$ ls -al
total 40
drwxrwxrwt 4 root root 4096 Jul 14 10:28 .
drwxr-xr-x 28 root root 4096 May 18 10:55 ..
-rw-r--r-- 1 root root 1696 Dec 17 2009 bar
drwxrwxrwt 2 root root 4096 May 18 10:55 .font-unix
drwxrwxrwt 2 root root 4096 May 18 10:55 .ICE-unix
-rwxr-sr-x 1 root tripdb 27 Jul 14 10:26 sas.sh
-rw-r----- 1 root tripdb 26 Jul 14 10:27 textfil.txt
[andreas@loony /tmp]$ ./sas.sh
cat: textfil.txt: Permission denied
[andreas@loony /tmp]$ cat sas.sh
#!/bin/sh
cat textfil.txt
[andreas@loony /tmp]$
Since the s-bit is set for the group for sas.sh, it should run with the permissions of the group tripdb, which has read rights to textfil.txt. However, it does not work on any of our Linux systems that I have tried it on. We also have one machine running Sun Solaris, and there exactly the same thing works.
SELinux is disabled, so that is not the problem.
It is RHEL and CentOS that I have tried it on.
Edit:
A colleague told me that this does not work for shell scripts (even though apparently it does work for shell scripts under Solaris). However, this is not the problem per se, because I discovered this problem when using a binary program that needs the s-bit feature. I only made the small shell script to make sure that I understand everything that is going on and that it is not the binary program that is behaving badly... but I do believe that the problem is not in the program but in the operating system.
Edit:
Set uid works. It is only set gid that does not work. That is, setting the s-bit for the owner works, but setting the s-bit for the group does not.