Bug 58306

Summary: rpm 4.0.3-6x rebuilddb resets db uids / gids
Product: [Retired] Red Hat Linux Reporter: Ned Ulbricht <nedu>
Component: rpmAssignee: Jeff Johnson <jbj>
Status: CLOSED DEFERRED QA Contact:
Severity: low Docs Contact:
Priority: medium    
Version: 7.2CC: herrold
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2002-01-14 18:09:58 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Ned Ulbricht 2002-01-13 22:45:12 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-kim.1 i486)

Description of problem:
The rpm-4.0.3-6x postinstall scriptlet executes
'/bin/chown rpm.rpm /var/lib/rpm/[A-Z]*'

But a subsequent 'rpm --rebuilddb' (executed in a root shell) resets
/var/lib/rpm/[A-Z]* to root.root.



Version-Release number of selected component (if applicable):
rpm-4.0.3-6x.i386.rpm

How reproducible:
Didn't try

Steps to Reproduce:
(previously using db3 rpm db from rpm-4.0.2-6x)
]# rpm -Uvh rpm*.i386.rpm popt-1.6.3-6x.i386.rpm 
(snip -- upgrade ok)         
# ls -l /var/lib/rpm
total 11476
-rw-r--r--    1 rpm      rpm       2629632 Jan 13 01:33 Basenames
-rw-r--r--    1 rpm      rpm         12288 Jan 13 01:32 Conflictname
-rw-r--r--    1 rpm      rpm         12288 Jan 13 01:33 Group
-rw-r--r--    1 rpm      rpm         24576 Jan 13 01:33 Name
-rw-r--r--    1 rpm      rpm       9392128 Jan 13 01:33 Packages
-rw-r--r--    1 rpm      rpm         90112 Jan 13 01:33 Providename
-rw-r--r--    1 rpm      rpm         98304 Jan 13 01:33 Requirename
-rw-r--r--    1 rpm      rpm         12288 Jan 13 01:15 Triggername
[# rpm --rebuilddb
[# ls -l /var/lib/rpm
total 11856
-rw-r--r--    1 root     root      2646016 Jan 13 01:47 Basenames
-rw-r--r--    1 root     root        12288 Jan 13 01:46 Conflictname
-rw-r--r--    1 root     root       311296 Jan 13 01:47 Dirnames
-rw-r--r--    1 root     root        12288 Jan 13 01:47 Group
-rw-r--r--    1 root     root         8192 Jan 13 01:47 Installtid
-rw-r--r--    1 root     root        24576 Jan 13 01:47 Name
-rw-r--r--    1 root     root      9388032 Jan 13 01:47 Packages
-rw-r--r--    1 root     root        86016 Jan 13 01:47 Providename
-rw-r--r--    1 root     root        28672 Jan 13 01:47 Provideversion
-rw-r--r--    1 root     root        98304 Jan 13 01:47 Requirename
-rw-r--r--    1 root     root        40960 Jan 13 01:47 Requireversion
-rw-r--r--    1 root     root        12288 Jan 13 01:46 Triggername


Additional info:

The CHANGES file documents only
4.0.2 -> 4.0.3:
   - database has rpm.rpm g+w permissions to share db3 mutexes.

But none of the database files, nor the db directory have g+w permissions
$ ls -ld /var/lib/rpm
drwxr-xr-x    2 rpm      rpm          4096 Jan 13 04:07 /var/lib/rpm/

At the very least there is a documentation error here.  

And really, a change in the security framework needs to be explained to 
administrators just a little bit more in depth than with a one-line cryptic
entry 
in a changelog.  (I'd add a ;) but I'm not kidding).

Is it the intention to limit the damage that a run-away database update can do? 
Or is the intention to allow db mutexes to be set by non-privileged users?
Comment 1 R P Herrold 2002-01-14 18:09:53 UTC 
over-reaction on my part ... re-clasify status -- see rpm-list archives today 
for explanation
Comment 2 Jeff Johnson 2002-02-05 17:52:41 UTC 
Yes, the uid/gid are reset with --rebuilddb in rpm-4.0.4 and
earlier. The fix will be to put a setgid helper into rpm, which
will happen when it happens. For the moment, owner rpm.rpm
is exactly equivalent (for security audit purposes) to root.root,
adequate for now.