Bug 166699

Summary: squirrelmail update screwed permissions
Product: [Fedora] Fedora Reporter: Dan Hollis <goemon>
Component: squirrelmailAssignee: Warren Togami <wtogami>
Status: CLOSED CANTFIX QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 3CC: wtogami
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2005-08-26 02:01:16 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dan Hollis 2005-08-24 18:36:26 UTC 
Description of problem:
squirrelmail update screwed permissions

Version-Release number of selected component (if applicable):
squirrelmail-1.4.6-0.cvs20050812.1.fc3

How reproducible:
always

Steps to Reproduce:
1.install older squirrelmail
2.run yum update
3.try to login to squirrelmail
  
Actual results:
squirrelmail aborts in login page complaining it can't read default_pref

Expected results:
It should work, but doesn't.

Additional info:
The squirrelmail-1.4.6-0.cvs20050812.1.fc3 update changed ownership of
/etc/squirrelmail/default_pref and it should not have done this.
Comment 1 Warren Togami 2005-08-24 22:06:57 UTC 
What is the exact package version of the older version?
Comment 2 Dan Hollis 2005-08-24 22:27:41 UTC 
squirrelmail-1.4.4-1.FC3

actually i see what the problem is.

we run apache with a different user/group, so ownership/permissions on
/etc/squirrelmail/default_pref had to be different for apache to read it.

the upgrade to 1.4.6 stomped the ownership and permissions of
/etc/squirrelmail/default_pref. this should not happen as this is a user site
specific config file.
Comment 3 Warren Togami 2005-08-26 02:01:16 UTC 
There is no way of fixing this, and this problem is nothing new with this
version of the RPM.  Unfortunately you are using it in an unsupported way.  Sorry.
Comment 4 Dan Hollis 2005-08-26 02:14:05 UTC 
this is terrifying to anyone using fedora in a production environment, if fedora
rpms can stomp permissions of any site-specific configuration file.

is there any _clearly stated_ list of fedora 100% supported policies for apache,
php and squirrelmail? there doesn't seem to be any documentation on officially
supported policies, just 'how to set up apache' with no warnings about policy.
Comment 5 Mike A. Harris 2005-09-13 01:35:07 UTC 
man chattr

chattr +i <filename>