Bug 554567

Summary: cobblerd wronly sets permissions of files inside /tftpboot/pxelinux.cfg/*
Product: Red Hat Satellite 5 Reporter: Martin Osvald 🛹 <mosvald>
Component: ServerAssignee: Justin Sherrill <jsherril>
Status: CLOSED ERRATA QA Contact: Šimon Lukašík <slukasik>
Severity: medium Docs Contact:
Priority: medium    
Version: 530CC: cperry, jhutar, tao
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2010-04-23 07:10:32 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 518256    
Attachments:
Description Flags
a patch which fixes the bug none

Description Martin Osvald 🛹 2010-01-12 00:38:54 UTC 
Description of problem:

When you log in the satellite webui as a satellite admin and run cobbler sync, the permissions of files inside /tftpboot/pxelinux.cfg/* get world writible persmissions.

This is caused by cobblerd, which wrongly sets its umask to 0 causing it to create files with 0666 permissions.


Version-Release number of selected component (if applicable):

cobbler-1.6.6-3.el5sat


How reproducible:

always


Steps to Reproduce:

1. log in webui as a satellite admin

2. go to Admin -> RHN Satellite Configuration -> Cobbler

3. push the "Update" button to run cobbler sync

  
Actual results:

Sets wrong permissions inside /tftpboot/pxelinux.cfg/

# ls -l /tftpboot/pxelinux.cfg/
total 24
-rw-rw-rw-  1 root root  314 Jan 11 19:10 xx-xx-xx-xx-xx-xx-xx
-rw-rw-rw-  1 root root 8997 Jan 11 19:10 default
#


Expected results:

# ls -l /tftpboot/pxelinux.cfg/
total 24
-rw-r--r--  1 root root  314 Jan 11 19:10 xx-xx-xx-xx-xx-xx-xx
-rw-r--r--  1 root root 8997 Jan 11 19:10 default
#


Additional info:

A patch which fixes the bug has been attached.
Comment 1 Martin Osvald 🛹 2010-01-12 00:40:26 UTC 
Created attachment 383127 [details]
a patch which fixes the bug
Comment 2 Justin Sherrill 2010-03-08 18:50:54 UTC 
submitted patch upstream and committed in 3rd party git in commit: 2e9a1091d18d507864cfe108a31bf8824b3d0390
Comment 5 Šimon Lukašík 2010-04-02 11:04:26 UTC 
Changing to verified:

Testing procedure:
1) Reproduced bug with old set of packages: *-0.5.28-49
# ls -l /tftpboot/pxelinux.cfg/
-rw-rw-rw- 1 root root 211 Apr  2 03:50 default
2) Verifying with new set of packages: *-0.5.28-40.x.2
[root@rlx-0-14 2010:9477]# ls -l /tftpboot/pxelinux.cfg/
-rw-r--r-- 1 root root 211 Apr  2 04:23 default

Note:
Content of /tftpboot/images and /tftpboot/s390x was also created with 0666 permissions.
New set of packeges fixes this as well.

Verified against: (on rhel-i386-server-5-u4 and rhel-s390x-as-4-u8)
*-0.5.28-40.x.2
Comment 7 errata-xmlrpc 2010-04-23 07:10:32 UTC 
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2010-0369.html