Bug 14728
| Summary: | If umask is 077 authconfig leaves /etc/nsswitch.conf readable only to root | ||
|---|---|---|---|
| Product: | [Retired] Red Hat Linux | Reporter: | Jarno Huuskonen <jarno.huuskonen> |
| Component: | authconfig | Assignee: | Nalin Dahyabhai <nalin> |
| Status: | CLOSED RAWHIDE | QA Contact: | |
| Severity: | medium | Docs Contact: | |
| Priority: | medium | ||
| Version: | 6.2 | ||
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | i386 | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | Bug Fix | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2000-07-27 13:41:44 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
Authconfig has been largely rewritten for our next release. It does not appear to have this problem any more. |
Hi ! If roots umask is 077 authconfig sets /etc/nsswitch.conf mode to 0600 and after that normal users can't read the file and fail to resolve own hostname etc... (for example emacs takes ages to start) I've included a small patch that should chmod the /etc/nsswitch.conf to 0644. (Note: Somebody should check more thoroughly if umask 077 breaks anything else in authconfig). -Jarno Huuskonen (jhuuskon.fi) diff -u -r authconfig-3.0.3-orig/authconfig.c authconfig-3.0.3/authconfig.c --- authconfig-3.0.3-orig/authconfig.c Wed Feb 16 22:50:13 2000 +++ authconfig-3.0.3/authconfig.c Thu Jul 27 16:31:00 2000 @@ -13,6 +13,7 @@ #include <locale.h> #include <newt.h> #include <popt.h> +#include <sys/types.h> /* For chmod */ #include <sys/stat.h> #include <stdio.h> #include <stdlib.h> @@ -1118,7 +1119,9 @@ /* rename the temporary file */ unlink("/etc/nsswitch.conf"); rename("/etc/nsswitch.conf-", "/etc/nsswitch.conf"); - + /* Jarno Huuskonen: chmod the new config to 0644 ! */ + chmod("/etc/nsswitch.conf", (mode_t) 0644); + /* * don't return an error if we don't find the line -- it may not * be there the first time they run the tool.