File system uid and gid in Linux

Who would have thought that this question would drag out such a collection of overconfident and underinformed responses!

The file system uid or fsuid is a Linux feature designed to help the NFS server implementation. It is an extra (non-POSIX) uid which is used only for file permission checks. For any process that doesn't call setfsuid (basically any process that's not trying to be an NFS server), the fsuid is the same as the effective uid.

There's even a man page for it, so there's no excuse for claiming it doesn't exist.

Update: I was inspired to go find the origin of fsuid. When it was added in Linux 1.1.44, this comment was put above the new sys_setfsuid function:

+/*
+ * "setfsuid()" sets the fsuid - the uid used for filesystem checks. This
+ * is used for "access()" and for the NFS daemon (letting nfsd stay at
+ * whatever uid it wants to). It normally shadows "euid", except when
+ * explicitly set by setfsuid() or for access..
+ */
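
Review bot: In the new comment above sys_setfsuid, the sentence 'This is used for "access()"' leaves it unclear whether access() calls setfsuid() or only relies on the fsuid. The sys_access comment in the same change says fsuid/fsgid are set directly, so wording such as "the fsuid is used by access() and by the NFS daemon" would match it. The comment also says nothing about the call's return value or which callers may change the fsuid, and "for access.." ends in a doubled period.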

and this change was made in the comment above sys_access:

- * XXX we should use the real ids for checking _all_ components of the
- * path.  Now we only use them for the final component of the path.
+ * access() needs to use the real uid/gid, not the effective uid/gid.
+ * We do this by temporarily setting fsuid/fsgid to the wanted values
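
Review bot: The removed XXX note in the sys_access comment recorded that the real ids were only applied to the final path component, and the replacement text does not say whether the temporary fsuid/fsgid switch now covers every component. State that explicitly so the old limitation is either documented or visibly closed. The added sentence shown here also stops at "to the wanted values" without mentioning that the previous fsuid/fsgid are restored before returning, which is the property a reader auditing access() needs to see.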

So NFS was one of the original two purposes. The other was making access() work correctly. access() is used by setuid programs to determine whether the real user would have access to a file without the additional privileges of the setuid. Before 1.1.44 it was buggy. Since then, it's been using a temporary change of fsuid to do the work. Since the fsuid is restored before the access() system call returns, you'll never actually see the change from userspace.
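
The fsuid can be observed from userspace: it is the fourth column of the Uid and Gid lines in /proc/$pid/status (as a comment below points out), and setfsuid(-1) returns the current value without changing it. The C program below is an added example, not part of the original answer; struct ids, parse_ids and SAMPLE_STATUS are names made up for it, and the sample status text is constructed.

```c
#define _GNU_SOURCE
#include <stdio.h>
#include <string.h>
#include <sys/fsuid.h>  /* setfsuid(): Linux-specific, non-POSIX */

/* The four ids on a "Uid:" or "Gid:" line of /proc/<pid>/status. */
struct ids { unsigned real, effective, saved, fs; };

/* Find the line starting with key ("Uid:" or "Gid:") and parse its
 * four columns. Returns 0 on success, -1 if missing or malformed. */
int parse_ids(const char *status, const char *key, struct ids *out)
{
    size_t klen = strlen(key);
    for (const char *p = status; p && *p; ) {
        if (strncmp(p, key, klen) == 0)
            return sscanf(p + klen, "%u %u %u %u", &out->real,
                          &out->effective, &out->saved, &out->fs) == 4 ? 0 : -1;
        p = strchr(p, '\n');   /* advance to the start of the next line */
        if (p) p++;
    }
    return -1;
}

/* Constructed sample: a setuid-root program run by uid 1000 that never
 * called setfsuid(), so the fs column follows the effective uid. */
const char SAMPLE_STATUS[] =
    "Name:\tdemo\n"
    "Uid:\t1000\t0\t0\t0\n"
    "Gid:\t1000\t1000\t1000\t1000\n";

int main(void)
{
    char buf[4096] = "";
    struct ids uid;
    FILE *f = fopen("/proc/self/status", "r");
    if (!f) { perror("/proc/self/status"); return 1; }
    size_t n = fread(buf, 1, sizeof buf - 1, f);
    buf[n] = '\0';
    fclose(f);
    if (parse_ids(buf, "Uid:", &uid) != 0) return 1;
    /* setfsuid() returns the previous fsuid; -1 is not a valid uid, so
     * nothing is changed and the call works as a query. */
    int fsuid = setfsuid(-1);
    printf("real=%u effective=%u saved=%u fs=%u setfsuid(-1)=%d\n",
           uid.real, uid.effective, uid.saved, uid.fs, fsuid);
    return !(uid.fs == uid.effective && (unsigned)fsuid == uid.fs);
}
```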

Author by

Lukas

Updated on September 18, 2022

Comments

  • Lukas
    Lukas almost 2 years

    I came across a Linux kernel tutorial, and there they talked about 4 pairs of identifiers, and one of them was file system uid and gid.

    Could someone explain to me what it is and how it is different from uid and gid?

    • jlliagre
      jlliagre almost 12 years
      There is no such thing as file system uid/gid. Perhaps you are confusing it with file/inode uid/gid. Can you point to a precise page in the tutorial? In any case, a uid is a uid, regardless of what Unix object it applies to.
    • Admin
      Admin almost 12 years
      It's in the processes subtopic of the tutorial.
    • Gilles 'SO- stop being evil'
      Gilles 'SO- stop being evil' almost 12 years
      @jlliagre There is such a thing. It's specific to Linux, and doesn't get much use. It's the fourth column in the UID and GID lines of /proc/$pid/status.
    • jlliagre
      jlliagre almost 12 years
      @Gilles Indeed there is such a thing. The question was lacking context and my misinformed comment helped anyway figuring out what it was really about.
  • Admin
    Admin almost 12 years
    Could you please elaborate on how it is useful?
  • Alan Curry
    Alan Curry almost 12 years
    As I am not an NFS server author, I probably can't do better than what's in the man page.
  • phemmer
    phemmer almost 12 years
    If you're going to call all the other answers 'overconfident underinformed responses', you might want to make sure yours isn't the same. This feature was not created for NFS. In fact, the standard Linux NFS server implementation doesn't use it at all, as the NFS server is built into the kernel, not an application. The userspace NFS server is just an example of an application which uses it, but usage of the userspace NFS server is very rare.
  • Alan Curry
    Alan Curry almost 12 years
    The state of the art in NFS may have moved on, but all historical information I can find indicates that the fsuid/fsgid was created for the sole purpose of supporting unfsd, and nothing else ever made use of it. And since the other answers denied the existence of the fsuid/fsgid I think I'm still pretty far ahead.
  • phemmer
    phemmer almost 12 years
    Good information to have. Digging up a 1.1.44 kernel must have been a chore :-)
  • Alan Curry
    Alan Curry almost 12 years
    @Patrick There are git repositories available with most of the history. I used one that covers 0.10 through 2.4.0-prerelease. It used to be git://git.kernel.org/pub/scm/linux/kernel/git/davej/history.git but that URL doesn't work anymore... googling "davej history.git" finds some working mirrors.