Bug 495066
Summary: | rpc.statd is running as root | ||||||
---|---|---|---|---|---|---|---|
Product: | Red Hat Enterprise Linux 5 | Reporter: | isakmt | ||||
Component: | nfs-utils | Assignee: | Steve Dickson <steved> | ||||
Status: | CLOSED ERRATA | QA Contact: | yanfu,wang <yanwang> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 5.3 | ||||||
Target Milestone: | rc | ||||||
Target Release: | --- | ||||||
Hardware: | All | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | nfs-utils-1.0.9-52.el5 | Doc Type: | Bug Fix | ||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2011-07-21 11:24:49 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
isakmt
2009-04-09 15:01:34 UTC
Created attachment 338929 [details]
patch for nfs-utils.spec
mkdir sm dir and chown it in postinstall script
prevents rpc.statd from mkdir the directory
with root privilege.
reproduced on nfs-utils-1.0.9-51.el5 using comment #0: [root@hp-dl2x170g6-01 ~]# ps -fp `cat /var/run/rpc.statd.pid` UID PID PPID C STIME TTY TIME CMD root 4095 1 0 01:15 ? 00:00:00 rpc.statd # vim /var/log/messages ... May 16 01:18:32 hp-dl2x170g6-01 rpc.statd[4179]: statd running as root. chown /var/lib/nfs/statd/sm to choose different user verified against nfs-utils-1.0.9-52.el5 on i386 and x86_64: [root@hp-xw6400-02 ~]# rpm -ivh nfs-utils-1.0.9-52.el5.x86_64.rpm Preparing... ########################################### [100%] package nfs-utils-1.0.9-52.el5.x86_64 is already installed [root@hp-xw6400-02 ~]# /etc/init.d/nfslock start Starting NFS statd: [ OK ] [root@hp-xw6400-02 ~]# ps -fp `cat /var/run/rpc.statd.pid` UID PID PPID C STIME TTY TIME CMD rpcuser 5447 1 0 01:26 ? 00:00:00 rpc.statd An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1048.html |