Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!wuarchive!emory!emcard!dekalb!douglas From: douglas@dekalb.UUCP (Douglas B. Jones) Newsgroups: comp.unix.wizards Subject: Re: restore tar archives with different uid? Message-ID: <1053@dekalb.UUCP> Date: 3 Sep 90 19:26:53 GMT References: <1740@yenta.alb.nm.us> <2932@anasaz.UUCP> Reply-To: douglas@dekalb.UUCP (Douglas B. Jones) Distribution: comp Organization: DeKalb College, Clarkston GA Lines: 99 In article <2932@anasaz.UUCP> chad@anasaz.UUCP (Chad R. Larson) writes: >In article <1740@yenta.alb.nm.us> dt@yenta.alb.nm.us (David B. Thomas) writes: >+--------------- >| Is there a way to restore a tar archive, but force all the files >| thus created to be owned by you? >+--------------- >Well, you don't tell which version of tar you are playing with (DOS? SysV? >BSD?), but it sure sounds like a RTFM question to me. >SysVr3.2 TAR(1) partial extract, speaking of key arguments: > "o" - Causes the extracted files to assume the owner and group ID > of the user running the program rather than those on the > archive tape. >-- >Chad R. Larson ...{mcdphx,asuvax}!anasaz!chad or chad@anasaz.UUCP >Anasazi, Inc. - 7500 North Dreamy Draw Drive, Suite 120, Phoenix, Az 85020 >(602) 870-3330 "I read the news today, oh boy!" -- John Lennon Under Ultrix 3.0 , "o" means: --------- o Suppress the normal directory information. On output, tar normally places information specifying owner and modes of directories in the archive. Former versions of tar, when encountering this information will give error message of the form, /: cannot create tar will place information specifying owner and modes of directories in the archive. --------- A better question than: >+--------------- >| Is there a way to restore a tar archive, but force all the files >| thus created to be owned by you? >+--------------- might be to say: "Is there an option to set files to uids/gids that are specified by the user. Of course if the user is Fred, he should not be able to set his tar files to Joe or Joe's tar files to Fred. But, "root" should be able to set them as wished. Personally, I think it would be nice if tar and restore would allow for the setting of user and group ids. Restore sets them according to what was dumped, but in restoreing files the root person might want to set them to another id. Many a time I have created a student id from quarters past, but with a differecnt uid/gid number. Restore asked me do I want to set uid and gid and I said yes. Even if the login name was the same, it set the uid and gid of each file and directory to what came from tape, which in many cases was another user current uid and/or gid numbers. Anyway, from Chad's response, it appears the "o" (and maybe other options as well) have different meanings. One other point: the tape drive devices should not be open to the general user. Tar/restore should be able to access them for the general user, but have the appropriate security to prevent Joe from getting Freds files. Here on this system (Ultrix 3.0), I set the devices to: crw-rw---- 1 root system 36, 12 Apr 13 1989 /dev/nrmt0h crw-rw---- 1 root system 36, 4 Dec 20 1988 /dev/nrmt0l crw-rw---- 1 root system 16, 12 Dec 20 1988 /dev/nrmt1h crw-rw---- 1 root system 36, 8 Aug 31 14:30 /dev/rmt0h crw-rw---- 1 root system 36, 0 Dec 20 1988 /dev/rmt0l crw-rw---- 1 root system 16, 8 Feb 22 1990 /dev/rmt1h This is a quick fix that only allows root and people in system (trusted people) to have access to the drives. Since we are a small shop, the only way a user gets/store stuff from/on tape is to ask a super-user (only 3 of us). So, I have not bothered to check tar/restore/dump out for more security. Once the security measures wanted were defined, I imagine the codeing would not be a major undertaking.... Above, I said "tape drive devices". This should also apply to other devices that exist now days. Notice how the disk drives are set up. (partial listing from /dev). brw------- 1 root system 9, 0 Oct 16 1989 /dev/ra0a brw------- 1 root system 9, 1 Dec 20 1988 /dev/ra0b crw------- 1 root system 9, 6 Aug 30 22:01 /dev/rra0g brw------- 1 root system 9, 8 Feb 7 1990 /dev/ra1a brw------- 1 root system 9, 14 Dec 20 1988 /dev/ra1g brw------- 1 root system 9, 15 Dec 20 1988 /dev/ra1h crw------- 1 root system 9, 0 Dec 20 1988 /dev/rra0a crw------- 1 root system 9, 1 Aug 30 22:09 /dev/rra0b crw------- 1 root system 9, 6 Aug 30 22:01 /dev/rra0g crw------- 1 root system 9, 8 Aug 30 22:08 /dev/rra1a crw------- 1 root system 9, 14 Aug 30 22:09 /dev/rra1g crw------- 1 root system 9, 15 Aug 30 22:08 /dev/rra1h Improved security here would help move Ultrix (U*X) more into the commercial world.... Maybe some U*X have already addressed this.... Douglas -- Doulas B. Jones douglas@dekalb Academic Computer Center or gatech!dekalb!douglas DeKalb College 555 N. Indian Creek Drive/Clarkston, Ga. 30021 (404) 299-4233