Bug 2069297

Summary: Wrong permissions on /var/lib/fprint after reboot
Product: Red Hat Enterprise Linux 9 Reporter: Milan Lysonek <mlysonek>
Component: fprintdAssignee: Bastien Nocera <bnocera>
Status: ASSIGNED --- QA Contact: Desktop QE <desktop-qa-list>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 9.0CC: bnocera, jkoten, tpelka, vpolasek
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Milan Lysonek 2022-03-28 16:37:20 UTC 
Description of problem:
After reboot, the /var/lib/fprint file gets wrong permissions than what rpm database expects.


Version-Release number of selected component (if applicable):
fprintd-1.94.0-3.el9.x86_64


How reproducible:
100%


Steps to Reproduce:
1. Check wrong permissions using rpm -Va
# rpm -Va | awk '{ if (substr($0,2,1)=="M") print $NF }' | grep fprint
/var/lib/fprint

2. Set the permissions according to rpm database
# rpm --setperms fprintd

3. Verify that /var/lib/fprint has correct permissions now
# rpm -Va | awk '{ if (substr($0,2,1)=="M") print $NF }' | grep fprint

4. Reboot

5. Check permissions again
# rpm -Va | awk '{ if (substr($0,2,1)=="M") print $NF }' | grep fprint
/var/lib/fprint


Actual results:
/var/lib/fprint permissions are changed after reboot

Expected results:
/var/lib/fprint has correct permissions according to rpm db after reboot


Additional info:
Expected permissions:
# rpm -q --queryformat="[%{FILEMODES:perms} %{FILENAMES}\n]" fprintd | grep "/var/lib/fprint"
drwxr-xr-x /var/lib/fprint

Permissions after reboot:
# ls -ld /var/lib/fprint
drwx------. 2 root root 6 Aug 26  2021 /var/lib/fprint
Comment 1 Benjamin Berg 2022-03-28 18:08:33 UTC 
Yeah:

$ cat /usr/lib/systemd/system/fprintd.service | grep State
StateDirectory=fprint
StateDirectoryMode=0700

0700 makes sense really, the RPM should just be updated.
Comment 4 Bastien Nocera 2023-02-15 11:15:34 UTC 
Fixed in fprintd-1.94.2-7.fc39 for rawhide
Comment 5 Sandro Bonazzola 2023-05-16 07:58:01 UTC 
It failed fedora-ci.koji-build.tier0.functional: https://bodhi.fedoraproject.org/updates/FEDORA-2023-44380b4879 
so it's not landed yet in rawhide repos.
Comment 6 Bastien Nocera 2023-06-30 08:06:20 UTC 
Removing the needinfo pending package reassigment.