Bug 1738692

Summary: ghost file "/var/lib/setroubleshoot/email_alert_recipients" is created with incorrect mode - compared to RPM specfile
Product: Red Hat Enterprise Linux 7 Reporter: sgardner
Component: setroubleshootAssignee: Vit Mojzis <vmojzis>
Status: CLOSED ERRATA QA Contact: Milos Malik <mmalik>
Severity: medium Docs Contact:
Priority: medium    
Version: 7.5CC: david.deaderick, lvrabec, mmalik, plautrba, zpytela
Target Milestone: rcKeywords: Triaged
Target Release: 7.8   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: setroubleshoot-3.2.30-8.el7 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of:
: 1741960 1973361 (view as bug list) Environment:
Last Closed: 2020-03-31 20:00:29 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 1741960    

Description sgardner 2019-08-07 21:30:08 UTC 
Description of problem:

ghost file  "/var/lib/setroubleshoot/email_alert_recipients" is created with incorrect mode - when compared to RPM specfile which is breaking STIG verifications 

Spec file shows 644 permissions
 /var/lib/setroubleshoot/email_alert_recipients 0100644

File is created with 600 permissions
 -rw-------. 1 setroubleshoot setroubleshoot 0 Aug  1 11:26 /var/lib/setroubleshoot/email_alert_recipients



Version-Release number of selected component (if applicable):

- This started with RHEL7.5 when rpm started listing ghost files in checks.



How reproducible:

- Easily - Any new installation of RHEL7.5+



Actual results:
 -rw-------. 1 setroubleshoot setroubleshoot 0 Aug  1 11:26



Expected results:
 -rw-r--r--. 1 setroubleshoot setroubleshoot 0 Aug  1 11:26



Additional info:  

- This is breaking STIG verifications.  This BZ is part of a larger issue created by RPM verifications including ghost files.
Comment 2 sgardner 2019-08-07 21:35:03 UTC 
Forgot to mention this is for package setroubleshoot-server.

Specifically setroubleshoot-server-3.2.30-3.el7.x86_64  In the customers current setup.
Comment 11 David Deaderick 2019-09-24 19:54:05 UTC 
Issue still exists for setroubleshoot-server-3.2.30-7.el7.x86_64
Comment 14 errata-xmlrpc 2020-03-31 20:00:29 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2020:1103