Bug 855905
| Summary: | yum-plugin-versionlock may change the permissions of its version-locks file | ||
|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Gianni Giardina <gigiardin> |
| Component: | yum-utils | Assignee: | Valentina Mukhamedzhanova <vmukhame> |
| Status: | CLOSED WONTFIX | QA Contact: | BaseOS QE Security Team <qe-baseos-security> |
| Severity: | low | Docs Contact: | |
| Priority: | low | ||
| Version: | 6.3 | CC: | jzeleny, tcallawa, tlavigne |
| Target Milestone: | rc | ||
| Target Release: | --- | ||
| Hardware: | Unspecified | ||
| OS: | Unspecified | ||
| Whiteboard: | |||
| Fixed In Version: | Doc Type: | If docs needed, set a value | |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2017-12-06 10:39:33 UTC | Type: | Bug |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
| Bug Depends On: | |||
| Bug Blocks: | 1499211 | ||
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux. commit 5895426f12354ac6ca26de8aea59d200e8fbd26c
Author: Zdeněk Pavlas <zpavlas>
Date: Mon Sep 24 16:18:08 2012 +0200
Keep "/etc/yum/pluginconf.d/versionlock.list" user-readable. BZ 855905
This request was evaluated by Red Hat Product Management for inclusion in the current release of Red Hat Enterprise Linux. Because the affected component is not scheduled to be updated in the current release, Red Hat is unable to address this request at this time. Red Hat invites you to ask your support representative to propose this request, if appropriate, in the next release of Red Hat Enterprise Linux. Red Hat Enterprise Linux 6 is in the Production 3 Phase. During the Production 3 Phase, Critical impact Security Advisories (RHSAs) and selected Urgent Priority Bug Fix Advisories (RHBAs) may be released as they become available. The official life cycle policy can be reviewed here: http://redhat.com/rhel/lifecycle This issue does not meet the inclusion criteria for the Production 3 Phase and will be marked as CLOSED/WONTFIX. If this remains a critical requirement, please contact Red Hat Customer Support to request a re-evaluation of the issue, citing a clear business justification. Note that a strong business justification will be required for re-evaluation. Red Hat Customer Support can be contacted via the Red Hat Customer Portal at the following URL: https://access.redhat.com/ |
Description of problem ---------------------- After removing a version-lock entry with the command: # yum versionlock delete <entry-wildcard> it becomes no more possible to run "yum ceck-update" as a normal user. This is because the reading permissions of the versionlock.list file have been removed. Version-Release number of selected component -------------------------------------------- yum-3.2.29-30.el6.noarch yum-plugin-versionlock-1.1.30-14.el6.noarch Steps to Reproduce ------------------ 1. Check the permission of versionlock.list: # ls -l /etc/yum/pluginconf.d/versionlock.list -rw-r--r--. 1 root root 36 Sep 10 11:04 /etc/yum/pluginconf.d/versionlock.list 2. Verify that they are the right ones: # rpm -V yum-plugin-versionlock S.5....T. c /etc/yum/pluginconf.d/versionlock.list 3. Remove a version-lock entry: # yum versionlock delete 0:mdadm-3.2.2-9.el6.* Loaded plugins: aliases, changelog, downloadonly, fastestmirror, filter-data, : list-data, post-transaction-actions, presto, priorities, : refresh-packagekit, remove-with-leaves, security, show-leaves, : tmprepo, verify, versionlock Deleting versionlock for: 0:mdadm-3.2.2-9.el6.* 4. Check the permission of versionlock.list again: # ls -l /etc/yum/pluginconf.d/versionlock.list -rw-------. 1 root root 36 Sep 10 11:04 /etc/yum/pluginconf.d/versionlock.list Actual results -------------- If you try to run "yum check-update" as a normal user you get the following error message: Unable to read version lock configuration: [Errno 14] Could not open/read file:///etc/yum/pluginconf.d/versionlock.list Expected results ---------------- As a normal user, I should be able to run "yum check-update" as like as most yum "query" commands. Workaround ---------- # chmod a+r /etc/yum/pluginconf.d/versionlock.list after any "yum versionlock delete ..." but is annoying.