Bug 194203

Summary: /var/run/avahi-daemon has wrong permissions
Product: [Fedora] Fedora Reporter: Michael Sullivan <m.t.sullivan>
Component: avahiAssignee: Martin Stransky <stransky>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 5   
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2007-08-12 17:05:48 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Michael Sullivan 2006-06-06 04:25:51 UTC 
Description of problem:
/var/run/avahi-daemon is created with permission 0750, but it should be 0755.
This prevents access by ordinary users to the daemon's socket needed for the
"simple protocol" used, for example, by the external nss-mdns project.

Version-Release number of selected component (if applicable):
avahi-0.6.9-9.FC5.i386

How reproducible:
always

Steps to Reproduce:
1. ls -ld /var/run/avahi-daemon
  
Actual results:
drwxr-x--- 2 avahi avahi 4096 Jun  5 22:31 /var/run/avahi-daemon

Expected results:
drwxr-xr-x 2 avahi avahi 4096 Jun  5 22:31 /var/run/avahi-daemon


Additional info:

This fragment of the make_runtime_dir function in avahi-daemon/main.c
demonstrates the intended permissions of the directory:

    if (mkdir(AVAHI_DAEMON_RUNTIME_DIR, 0755) < 0 && errno != EEXIST) {
        avahi_log_error("mkdir(\""AVAHI_DAEMON_RUNTIME_DIR"\"): %s",
strerror(errno));
        goto fail;
    }

P.S. Any update to fix this problem should also update to avahi 0.6.10
since 0.6.9 is known to have security sensitive bugs.
Comment 1 Jason Vas Dias 2006-06-07 15:49:46 UTC 
This is now fixed with avahi-0.6.10-1.FC5 / avahi-0.6.10-2.FC6 .
Comment 2 Fedora Update System 2006-06-07 23:40:09 UTC 
avahi-0.6.10-1.FC5 has been pushed for fc5, which should resolve this issue.  If these problems are still present in this version, then please make note of it in this bug report.
Comment 3 Lennart Poettering 2007-08-12 17:05:48 UTC 
I think this bug can be closed now. And I also remembered to having fixed this
upstram years ago.