Bug 17718

Summary: the init-script should check the intended access permissions configuration
Product: Branch 4.1 Reporter: Ivan Zakharyaschev <imz>
Component: klogdAssignee: Nobody's working on this, feel free to take it <nobody>
Status: CLOSED WONTFIX QA Contact: qa-4.1 <qa-4.1>
Severity: enhancement    
Priority: P2    
Version: unspecified   
Hardware: all   
OS: Linux   
Bug Depends on: 17719    
Bug Blocks: 17250    

Description Ivan Zakharyaschev 2008-10-29 00:59:24 MSK
klogd-1.4.1-alt28

As https://bugzilla.altlinux.org/show_bug.cgi?id=17250 has shown, an error in the configuration of access permissions can lead to unnoticed failures of klogd: the primary group of the user "klogd" (/etc/passwd) didn't match the group named "klogd" (/etc/group), which was the owner of the working directories for klogd (/var/lib/klogd/...).

The init-script could check whether the actual configuration (/etc/passwd, /etc/group, access permissions) matches the intended configuration. The intended configuration is a known thing: now, it is expressed by the commands in the RPM preinstall script:

# rpm -q klogd --scripts 
preinstall scriptlet (through /bin/sh):
/usr/sbin/groupadd -r -f klogd
/usr/sbin/useradd -r -g klogd -d /dev/null -s /dev/null -n klogd >/dev/null 2>&1 ||:

So, the init script could check that the primary gid of the user "klogd" is indeed the group named "klogd" (and perhaps that /var/lib/klogd/... is indeed owned by the group).
Comment 1 Michael Shigorin 2014-11-05 20:41:08 MSK
В 4.1/branch исправления не будут вноситься уже технически (заглушена очередь на сборку), поэтому прошу ошибки, актуальные для sisyphus/p7/t7, перевесить на текущие ветки или сизиф.