backup-by-copying-when-privileged-mismatch applies to file gid, too.

* lisp/files.el (backup-by-copying-when-privileged-mismatch):  In addition
to checking the file uid, a second test is added: if the file gid is not
greater than backup-by-copying-when-privileged-mismatch,
backup-by-copying-when-mismatch will also be forced on.

* doc/emacs/files.texi, doc/lispref/backups.texi: Updated documentation.

Also fixed a typo in the Emacs reference manual, changing "higher" to
"no greater" so that the limit is no longer documented reversed.

diff --git a/doc/emacs/files.texi b/doc/emacs/files.texi
index 7221edcc1b2083a050a7567b84369b6cca0c9d44..f5dd408cc9f54fbab65ac04c55bccbd96673002a 100644 (file)
--- a/doc/emacs/files.texi
+++ b/doc/emacs/files.texi
@@ -690,8 +690,9 @@ non-@code{nil} (the default is @code{t}), and renaming would change
 the file's owner or group, use copying.
 
 If you change @code{backup-by-copying-when-mismatch} to @code{nil},
-Emacs checks the numeric user-id of the file's owner.  If this is
-higher than @code{backup-by-copying-when-privileged-mismatch}, then it
+Emacs checks the numeric user-id of the file's owner and the numeric
+group-id of the file's group.  If either is
+no greater than @code{backup-by-copying-when-privileged-mismatch}, then it
 behaves as though @code{backup-by-copying-when-mismatch} is
 non-@code{nil} anyway.
 

diff --git a/doc/lispref/backups.texi b/doc/lispref/backups.texi
index 6a5b6d1661d4236dda79e749ef0e7ea67b3deaad..c17d98eb190efb877a8ee858a5c9144bd4b75ade 100644 (file)
--- a/doc/lispref/backups.texi
+++ b/doc/lispref/backups.texi
@@ -232,11 +232,11 @@ non-@code{nil}.
 @defopt backup-by-copying-when-privileged-mismatch
 This variable, if non-@code{nil}, specifies the same behavior as
 @code{backup-by-copying-when-mismatch}, but only for certain user-id
-values: namely, those less than or equal to a certain number.  You set
-this variable to that number.
+and group-id values: namely, those less than or equal to a certain number.
+You set this variable to that number.
 
 Thus, if you set @code{backup-by-copying-when-privileged-mismatch}
-to 0, backup by copying is done for the superuser only,
+to 0, backup by copying is done for the superuser and group 0 only,
 when necessary to prevent a change in the owner of the file.
 
 The default is 200.

diff --git a/etc/NEWS b/etc/NEWS
index 6e0b039ce3069afe96e9048af06e981d0a9271a6..678139ecbcf13b5d344e18f8fab97c18e2c2b57e 100644 (file)
--- a/etc/NEWS
+++ b/etc/NEWS
@@ -533,6 +533,11 @@ The HIST argument of 'read-from-minibuffer' now works correctly with
 buffer-local variables.  This means that different buffers can have
 their own separated input history list if desired.
 
+** 'backup-by-copying-when-privileged-mismatch' applies to file gid, too.
+In addition to checking the file owner uid, Emacs also checks that the
+group gid is not greater than backup-by-copying-when-privileged-mismatch;
+if so, backup-by-copying-when-mismatch will be forced on.
+
 \f
 * Editing Changes in Emacs 27.1
 

diff --git a/lisp/files.el b/lisp/files.el
index a384e7136e89c557c3a5f7e37bf3c6ca2c4ba970..96f1e8d47e74a886229f935aca47df7f2598c607 100644 (file)
--- a/lisp/files.el
+++ b/lisp/files.el
@@ -134,10 +134,11 @@ This variable is relevant only if `backup-by-copying' is nil."
 (defcustom backup-by-copying-when-privileged-mismatch 200
   "Non-nil means create backups by copying to preserve a privileged owner.
 Renaming may still be used (subject to control of other variables)
-when it would not result in changing the owner of the file or if the owner
-has a user id greater than the value of this variable.  This is useful
-when low-numbered uid's are used for special system users (such as root)
-that must maintain ownership of certain files.
+when it would not result in changing the owner of the file or if the
+user id and group id of the file are both greater than the value of
+this variable.  This is useful when low-numbered uid's and gid's are
+used for special system users (such as root) that must maintain
+ownership of certain files.
 This variable is relevant only if `backup-by-copying' and
 `backup-by-copying-when-mismatch' are nil."
   :type '(choice (const nil) integer)
@@ -4634,8 +4635,10 @@ BACKUPNAME is the backup file name, which is the old file renamed."
                                      (let ((attr (file-attributes
                                                   real-file-name
                                                   'integer)))
-                                       (<= (file-attribute-user-id attr)
-                                           copy-when-priv-mismatch))))
+                                        (or (<= (file-attribute-user-id attr)
+                                                copy-when-priv-mismatch)
+                                            (<= (file-attribute-group-id attr)
+                                                copy-when-priv-mismatch)))))
                             (not (file-ownership-preserved-p real-file-name
                                                              t)))))
                   setmodes)