On Fri, 10 Oct 2014, Alan Stern wrote: > On Fri, 10 Oct 2014, Mike wrote: > > > On Fri, 10 Oct 2014, Alan Stern wrote: > > > > > Sorry if this question has been asked many times before. > > > > > > On a new CentOS 7 system, when I create files they end up with strange > > > permissions. For example, as root: > > > > > > [root at server ~]# umask > > > 0000 > > > [root at server ~]# touch a > > > [root at server ~]# ls -l a > > > -r--r----- 1 root root 0 Oct 10 11:45 a > > > > > > As a regular user: > > > > > > [stern at server ~]$ umask > > > 0000 > > > [stern at server ~]$ touch b > > > [stern at server ~]$ ls -l b > > > -rw------- 1 stern stern 0 Oct 10 11:47 b > > > > > > In both cases the permsissions should have been -rw-rw-rw-. What on > > > earth is going on, and how can I fix it? > > > > > > Thanks, > > > > > > Alan Stern > > > > > > _______________________________________________ > > > CentOS mailing list > > > CentOS at centos.org > > > http://lists.centos.org/mailman/listinfo/centos > > > > > > > I'm sure I don't have an answer, but the last time I saw something like > > that the problem was related to a fat or vfat file system (I believe). > > What type of filesystem is "/"? What is the output from 'df -Th' ? > > I appreciate any suggestions for places to look, since I am baffled. > > The filesystem is ext4. "df -Th /" says as much, and also says that > teh filesystem is 18% full. > > But you're right that the filesystem is somehow involved. When I do > exactly the same thing in the /run directory, which is tmpfs, it works > as expected. > > The output from "mount" doesn't help much: > > /dev/md5 on / type ext4 (rw,relatime,seclabel,data=ordered) > > Trying this on /boot (a separate ext4 filesystem in a different disk > partition) gives yet a different result; the file ends up with > -r--r--r-- permission. > > I know that this isn't caused by selinux, because I get the same > results after booting with selinux turned off. I found the answer: There are bad default ACL's associated with these directories. For detailed information about default ACLs, check out "man 5 acl" as well as "man setfacl" and "man getfacl". In short, a directory's default ACLs affect the permissions of files created within that directory. The filesystems on this computer were created by un-tarring archives created on another system, using tar's --acls option. I guess this option doesn't work right (a bug in tar!); the unpacked system contains ACLs that were not present on the source system. Alan Stern