Loading...

Type: Story
Resolution: Done
Priority: Undefined
Fix Version/s: None
Affects Version/s: None
Labels:
- coreos-ignition
- upstream

Activity Type:
Upstream
Story Points:
5
Blocked:
False
Blocked Reason:

Hide

None

Show
None
Ready:
False
Intelligence Requested:
Market:

Sprint:
CoreOS West - 270, CoreOS West - 271

SFDC Cases Links:
SFDC Cases Open:
SFDC Cases Counter:

[2945919466] Upstream Reporter: Brian Exelbierd
Upstream issue status: Closed
Upstream description:

Bug #

Operating System Version ##

Reproduced on Flatcar and Fedora CoreOS

Ignition Version ##

Environment ##

BareMetal and Azure

Expected Behavior ##

Files setgid and setuid

Actual Behavior ##

Files not setgid or setuid

Reproduction Steps ##

Flatcar:

```
$ ls -l /opt/setuid-setgid-test/
total 97632
-rwxr-xr-x. 1 op op 24990551 Mar 16 16:49 normal
-rwxr-xr-x. 1 op op 24990551 Mar 16 16:49 setgid
-rwxr-xr-x. 1 op op 24990551 Mar 16 16:49 setuid
-rwxr-xr-x. 1 op op 24990551 Mar 16 16:49 setuid+setgid
```

Using:

```
variant: flatcar
version: 1.1.0

passwd:
users:

name: core
ssh_authorized_keys:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1N+xhi9y/rHURF3P0c6TiEGizwFnTBKH5GbQI46uyb

name: op
ssh_authorized_keys:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1N+xhi9y/rHURF3P0c6TiEGizwFnTBKH5GbQI46uyb

storage:
files:

path: /opt/setuid-setgid-test/setuid+setgid
mode: 06755 # Set UID and GID
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64

path: /opt/setuid-setgid-test/setgid
mode: 02755
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64

path: /opt/setuid-setgid-test/setuid
mode: 04755
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64

path: /opt/setuid-setgid-test/normal
mode: 0755
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64
```

Fedora CoreOS:

```
core@localhost:~$ stat /opt/setuid-setgid-test/setuid+setgid
File: /opt/setuid-setgid-test/setuid+setgid
Size: 24990551 Blocks: 48816 IO Block: 4096 regular file
Device: 252,4 Inode: 29360257 Links: 1
Access: (0755/-rwxr-xr-x) Uid: ( 1001/ op) Gid: ( 1001/ op)
Context: system_u:object_r:var_t:s0
Access: 2025-03-20 09:20:34.188000000 +0000
Modify: 2025-03-20 09:20:36.847000000 +0000
Change: 2025-03-20 09:20:43.430000000 +0000
Birth: 2025-03-20 09:20:34.188000000 +0000
core@localhost:~$ cat /etc/os-release
NAME="Fedora Linux"
VERSION="41.20250302.3.2 (CoreOS)"
RELEASE_TYPE=stable
ID=fedora
VERSION_ID=41
VERSION_CODENAME=""
PLATFORM_ID="platform:f41"
PRETTY_NAME="Fedora CoreOS 41.20250302.3.2"
ANSI_COLOR="0;38;2;60;110;180"
LOGO=fedora-logo-icon
CPE_NAME="cpe:/o:fedoraproject:fedora:41"
HOME_URL="https://getfedora.org/coreos/"
DOCUMENTATION_URL="https://docs.fedoraproject.org/en-US/fedora-coreos/"
SUPPORT_URL="https://github.com/coreos/fedora-coreos-tracker/"
BUG_REPORT_URL="https://github.com/coreos/fedora-coreos-tracker/"
REDHAT_BUGZILLA_PRODUCT="Fedora"
REDHAT_BUGZILLA_PRODUCT_VERSION=41
REDHAT_SUPPORT_PRODUCT="Fedora"
REDHAT_SUPPORT_PRODUCT_VERSION=41
SUPPORT_END=2025-12-15
VARIANT="CoreOS"
VARIANT_ID=coreos
OSTREE_VERSION='41.20250302.3.2'
```

Using

```

variant: fcos
version: 1.6.0

passwd:
users:

name: core
ssh_authorized_keys:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAACAQDPKIbw6kZVnn7mih7Av2wk+eNZNIag8yZkKT54vICh1tcUro/PtCin+xlyJeN5yrokF3n7UMIMcwPe+QGEaoAPImSGxstpXzSXSxFo9npmcsA3cbJQReiwjVU6NDRBbYGrCgYdPtshHOMN19J+vIbRPCBZtZZbguQTBO9gDn/5uhzikZ3b7J2VWy2cOtkfBP6AwVM+9ZmKwLaF6CWIEx23BLJjpLtkuNHOjtg0SuqAF1D+lEEf7Ld77zVDMst1waCz2HfSEIr+a7J1/VaBMvxqG8iHwnVV3JcxuYZpYy7lGLAVb9V1SHbAbV54rKdqS5Eetqk9Woo2ABdaCZB//bn9Qs0q5kjw6cUlGleqKZzEFtxMZr6fJIzcd8TGLX+QOBlSMfszCcsdo6/LG8X3ySvDE+vqGTlHPXpeaHJv9Z21rZTnXIB/toVo/6iMrJseBrb6FUkp3oIqSWVTivEoKprTM2cc1ft4mRsmHWLCo1yonX9WfA8etgp/bAiAb4fwpG2oE7E/Mf5y+hS0EH5M88LBfxJMpNkjTkaWxcYfHUQHJGVv//fN5r4JC4ZNVc/PyU5WqmHoTBtQeCZ1p8o7VEwOJCRDl+Np/ykrPB1AobnSsNeiuUD1uCPs3KjzggTt3AeNRXKX2q0N9/dfsFEBTmJFZuSfTcoGUSBEUadfWucIww== mathieu.tortuyaux@gmail.com

name: op
ssh_authorized_keys:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIC1N+xhi9y/rHURF3P0c6TiEGizwFnTBKH5GbQI46uyb

storage:
files:

path: /opt/setuid-setgid-test/setuid+setgid
mode: 06755 # Set UID and GID
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64

path: /opt/setuid-setgid-test/setgid
mode: 02755
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64

path: /opt/setuid-setgid-test/setuid
mode: 04755
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64

path: /opt/setuid-setgid-test/normal
mode: 0755
user:
name: op
group:
name: op
contents:
source: https://github.com/bexelbie/op-secret-manager/releases/latest/download/op-secret-manager-linux-amd64
```

Other Information ##

See also https://github.com/flatcar/Flatcar/issues/1688

links to

Upstream issue

Details

Description

Attachments

Issue Links

Easy Agile Planning Poker

Activity

People

Dates