Bug 2138431

Summary: ubi8-minimal sticky bit removed from /tmp
Product: Red Hat Enterprise Linux 8 Reporter: rseip
Component: ubi8-minimal-containerAssignee: Jindrich Novy <jnovy>
Status: CLOSED DUPLICATE QA Contact: atomic-bugs <atomic-bugs>
Severity: low Docs Contact:
Priority: unspecified    
Version: 8.6CC: dornelas, jwboyer, mapandey
Target Milestone: rcKeywords: Triaged
Target Release: ---   
Hardware: x86_64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2022-11-09 18:57:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description rseip 2022-10-28 19:12:27 UTC 
Description of problem:

The sticky bit has been removed from /tmp directory in ubi8/ubi-minimal:8.6-985. It was present in previous image ubi8/ubi-minimal:8.6-941.

Version-Release number of selected component (if applicable):

ubi8/ubi-minimal:8.6-985

How reproducible: see Steps to Reproduce below.

Steps to Reproduce:
1. podman run -ti registry.access.redhat.com/ubi8-minimal:8.6-941 ls -ld /tmp
2. podman run -ti registry.access.redhat.com/ubi8-minimal:8.6-985 ls -ld /tmp

Actual results:

drwxrwxrwx. 2 root root 58 Oct 19 04:57 /tmp

Expected results:

drwxrwxrwt. 2 root root 58 Oct 19 04:57 /tmp


Additional info:

No longer compliant with https://static.open-scap.org/ssg-guides/ssg-rhel8-guide-stig.html#xccdf_org.ssgproject.content_rule_dir_perms_world_writable_sticky_bits
Comment 5 Derrick Ornelas 2022-11-09 18:57:32 UTC 
This appears to be an issue with podman and not the individual images. Closing this in favor of BZ 2138434.

*** This bug has been marked as a duplicate of bug 2138434 ***