Bug 17718

Summary:	the init-script should check the intended access permissions configuration
Product:	Branch 4.1	Reporter:	Ivan Zakharyaschev <imz>
Component:	klogd	Assignee:	Nobody's working on this, feel free to take it <nobody>
Status:	CLOSED WONTFIX	QA Contact:	qa-4.1 <qa-4.1>
Severity:	enhancement
Priority:	P2
Version:	unspecified
Hardware:	all
OS:	Linux
Bug Depends on:	17719
Bug Blocks:	17250

Description Ivan Zakharyaschev 2008-10-29 00:59:24 MSK

klogd-1.4.1-alt28

As https://bugzilla.altlinux.org/show_bug.cgi?id=17250 has shown, an error in the configuration of access permissions can lead to unnoticed failures of klogd: the primary group of the user "klogd" (/etc/passwd) didn't match the group named "klogd" (/etc/group), which was the owner of the working directories for klogd (/var/lib/klogd/...).

The init-script could check whether the actual configuration (/etc/passwd, /etc/group, access permissions) matches the intended configuration. The intended configuration is a known thing: now, it is expressed by the commands in the RPM preinstall script:

# rpm -q klogd --scripts 
preinstall scriptlet (through /bin/sh):
/usr/sbin/groupadd -r -f klogd
/usr/sbin/useradd -r -g klogd -d /dev/null -s /dev/null -n klogd >/dev/null 2>&1 ||:

So, the init script could check that the primary gid of the user "klogd" is indeed the group named "klogd" (and perhaps that /var/lib/klogd/... is indeed owned by the group).

Comment 1 Michael Shigorin 2014-11-05 20:41:08 MSK

В 4.1/branch исправления не будут вноситься уже технически (заглушена очередь на сборку), поэтому прошу ошибки, актуальные для sisyphus/p7/t7, перевесить на текущие ветки или сизиф.