(TW) Tar extract run as user creates files the user cannot delete

I’m seeing an odd problem with GNU Tar (tar-1.35-3.1.x86_64) on Tumbleweed (ver. 20240807). After extracting a tar backup of the root (/) filesystem, as a normal user, many extracted files and directories can’t be deleted by the user. The files do not have immutable type extended attributes, according to ‘lsattr’ (C) and ‘getfacl’ (none). The problem occurs on both Btrfs and Ext4 mounts. However, the privileged root user is able to delete the files. Also Leap 15.6 doesn’t have this issue.

Here’s a sample run:

root# tar cf root-backup.tar.zst --zstd --one-files-system --exclude=".snapshots" /

user$ mkdir root
user$ tar xf root-backup.tar.zst --zstd -C root
user$ rm -rf root
...
rm: cannot remove 'root/usr/sbin/vncsession': Permission denied
...
user$ ls -l root/usr/sbin/vncsession
-rwxr-x-r-x 1 user user 22648 Feb 26 06:29 root/usr/sbin/vncsession
user$ lsattr root/usr/sbin/vncsession
---------------C------ root/usr/sbin/vncsession
user$ getfacl root/usr/sbin/vncsession
# file: root/usr/sbin/vncsession
# owner: user
# group: user
user::rwx
group::r-x
other::r-x

Has anyone encountered this issue? Any tips on finding the cause or workaround?

Thanks.

File permissions are in most cases irrelevant here. Show root/usr/sbin permissions.

When you are not allowed to remove a file, you should look at the permissions of the directory the file is in. Not at those of the file itself.

Adding, removing, changing names, ownership, permissions all involve reading and writing and having inode access of the directory that this happens to be in!

Ah yes, you’re right, the file’s parent directory is read-only and prevents deletion. Now I see the directory permissions differ on Tumbleweed’s root directory (/) from Leap, which led to the confusion. Thanks for your help!

user$ ls -ld root/usr/bin
dr-xr-xr-x 1 user user 46008 Aug  8 21:37 root/usr/bin

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.