[OpenAFS] Re: file ownership for root (UID 0)

Andrew Deason adeason@sinenomine.net
Thu, 14 Jan 2010 12:19:20 -0600


On Thu, 14 Jan 2010 12:52:48 +0100
"Karl Tißner" <tissner@gmx.de> wrote:

> > What problems are you encountering when files are not shown to be
> > owned by root?
>
> Some Debian packages (man-db, the daily used aptitude) check if their
> created files are owned by the creator, which leads to errors like
>   fopen: Permission denied
> or
>   E: Could not get lock /var/lib/dpkg/lock - open (11: Resource
>   temporarily unavailable)
>   E: Unable to lock the administration directory (/var/lib/dpkg/), is
>   another process using it?
>
> Other programs of course refuse to run if sensitive data is not
> properly protected.

While I believe that some programs will complain or refuse to work if
the owner is not root... are you sure that's what is causing these
specific error messages? The first one looks like a plain EACCES, which
the owner uid will have little impact on (in AFS anyway), and the second
one looks like a failure to grab the fcntl lock orthogonal to
permissions/ownership issues.

If you look at an strace for the programs causing those two error
messages, I would imagine you'd see an EACCES on open() for the first
one, and an EAGAIN for an fcntl() on the second.

I haven't worked with Debian systems with afs-root or anything like
that, so I could be very wrong here and I'll shut up. But at first
glance, that doesn't quite look like the issue here. (For example, if I
'chown -R adeason /var/lib/dpkg' on a regular lenny box,
apt-get/aptitude still seems to work)

-- 
Andrew Deason
adeason@sinenomine.net
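
The distinction drawn in the message above, between an ownership problem and a lock-contention failure, can be reproduced in isolation. This C program is an added example, not part of the original message; the scratch path and function names are made up for illustration. A child process holds an fcntl() write lock on a file the caller itself created and owns, and the parent's non-blocking F_SETLK still fails with EAGAIN, which is errno 11 on Linux, the code shown in the dpkg lock error.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Non-blocking whole-file write lock; returns 0 or the errno from fcntl(). */
static int try_write_lock(int fd)
{
    struct flock fl = { .l_type = F_WRLCK, .l_whence = SEEK_SET };
    return fcntl(fd, F_SETLK, &fl) == -1 ? errno : 0;
}

/* Child holds the lock; parent (same uid, file owner) tries to take it.
   Returns the parent's errno, or -1 if setup failed. */
int contended_lock_errno(void)
{
    char path[] = "/tmp/lockdemo-XXXXXX";  /* constructed scratch file */
    int ready[2], result = -1;
    int fd = mkstemp(path);
    if (fd == -1 || pipe(ready) == -1)
        return -1;
    pid_t pid = fork();
    if (pid == 0) {                        /* child: lock, report, hold */
        char ok = (try_write_lock(fd) == 0);
        if (write(ready[1], &ok, 1) == 1)
            pause();
        _exit(0);
    }
    close(ready[1]);
    char ok = 0;
    if (pid > 0 && read(ready[0], &ok, 1) == 1 && ok)
        result = try_write_lock(fd);       /* we own the file, yet this fails */
    if (pid > 0) { kill(pid, SIGKILL); waitpid(pid, NULL, 0); }
    unlink(path);
    close(fd);
    close(ready[0]);
    return result;
}

int main(void)
{
    int e = contended_lock_errno();
    printf("F_SETLK as file owner: errno %d (%s)\n", e, e > 0 ? strerror(e) : "no error captured");
    return 0;
}
```

POSIX allows either EAGAIN or EACCES for a contended F_SETLK; Linux returns EAGAIN.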