I have just set up an EC2 instance to play around with and am testing file permissions; however, I notice that the execution bit is not being passed down to the lower level (read and write are, just not execution).

[ec2-user@server www]$ touch web/hi
[ec2-user@server www]$ ls -l web/
total 4
-rw-rw-r-- 1 ec2-user apache  0 May 27 19:02 hi
-rwxrwxr-x 1 ec2-user apache 43 May 27 05:15 index.php
[ec2-user@server www]$ getfacl --all-effective web/
# file: web/
# owner: ec2-user
# group: apache
# flags: -s-
user::rwx
group::rwx
other::r-x
default:user::rwx
default:group::rwx
default:other::r-x

What am I missing to get the execution bit to pass down?

AWippler
  • 143

1 Answer

Try testing mkdir instead, that's what most people would be worrying about?

touch doesn't create executable files. It masks those bits off in the mode parameter to sys_open(). Source code:

    /* Try to open FILE, creating it if necessary.  */
    fd = fd_reopen (STDIN_FILENO, file,
                    O_WRONLY | O_CREAT | O_NONBLOCK | O_NOCTTY, MODE_RW_UGO);

Note there is no X in the mode argument. You can't force programs to create executable (or world-readable, etc.) files if they don't allow for it. A lot of file creation is going to look like that. Installing executable files is the less common case.

The system calls used by touch are also described by the POSIX standard.

sourcejedi
  • 50,249
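
The behaviour described in the answer, as an added example (not code from the answer or from coreutils): the mode argument passed at creation time is an upper bound, and a directory default can only remove bits from it, never add them. The example assumes a writable /tmp and uses umask 002 as a stand-in for the question's default ACL of rwxrwxr-x, so it runs on filesystems without ACL support (with a default ACL present the kernel intersects the mode argument with the inherited ACL entries instead of applying the umask). The helper name `created_mode` and the scratch path are hypothetical.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L  /* for mkdtemp() */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create an entry in a fresh scratch directory, requesting `requested`
 * permission bits, and return the bits the kernel actually granted.
 * umask 002 stands in for the question's default ACL (assumption).
 * Returns -1 on error. */
static int created_mode(mode_t requested, int as_dir)
{
    char dir[] = "/tmp/modedemoXXXXXX";   /* hypothetical scratch path */
    char path[64];
    struct stat st;
    int result = -1;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/entry", dir);
    mode_t old = umask(002);
    if (as_dir) {
        /* mkdir callers normally ask for 0777, so x survives the mask */
        if (mkdir(path, requested) == 0 && stat(path, &st) == 0)
            result = (int)(st.st_mode & 0777);
        rmdir(path);
    } else {
        /* same flags a typical file creator uses; mode is the upper bound */
        int fd = open(path, O_WRONLY | O_CREAT | O_EXCL, requested);
        if (fd >= 0) {
            if (fstat(fd, &st) == 0)
                result = (int)(st.st_mode & 0777);
            close(fd);
            unlink(path);
        }
    }
    umask(old);
    rmdir(dir);
    return result;
}

int main(void)
{
    printf("open  0666 -> %04o\n", (unsigned)created_mode(0666, 0));
    printf("open  0777 -> %04o\n", (unsigned)created_mode(0777, 0));
    printf("mkdir 0777 -> %04o\n", (unsigned)created_mode(0777, 1));
    return 0;
}
```

The 0666 request corresponds to the `hi` file in the question's listing, and the 0777 requests show that execute bits appear only when the creating program asks for them.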