Bug 876241
| Summary: | Anacron comes from a broken HOME | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Ted Rule <ejtr> | |
| Component: | cronie | Assignee: | Marcela Mašláňová <mmaslano> | |
| Status: | CLOSED NEXTRELEASE | QA Contact: | qe-baseos-daemons | |
| Severity: | low | Docs Contact: | ||
| Priority: | low | |||
| Version: | 6.3 | |||
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | All | |||
| OS: | Linux | |||
| Whiteboard: | ||||
| Fixed In Version: | Doc Type: | Bug Fix | ||
| Doc Text: | Story Points: | --- | ||
| Clone Of: | ||||
| : | 878032 962842 (view as bug list) | Environment: | ||
| Last Closed: | 2013-05-14 14:45:35 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 878032, 962842 | |||
Hi, thank for your very thorough report. I'll look at settings of HOME at least for the upstream project. I'll clone other bugs to their components. Thanks, Marcela I would prefer to fix it in upstream project and fix it in next release. |
Description of problem: This is a variant of the problem already reported in Bugzilla 575419 where /etc/crontab incorrectly set HOME=/ such that the cron.daily Job was unable to make use of root-specific configuration files such as /root/.my.cnf Because of the reworking of Cron/Anacron under RHEL6, cron.daily's environment is now effectively controlled by /etc/cron.d/0hourly which also has a HOME-/ setting. Our recommendation is to comment out HOME=/ from BOTH /etc/crontab and /etc/cron.d/0hourly in RHEL6 and /etc/crontab in RHEL5. Version-Release number of selected component (if applicable): cronie-1.4.4-7.el6.i686 How reproducible: Create a cron.daily Job which reports HOME - by simply executing /bin/env for instance. Additional info: In the course of trying to debug this problem, we found two additional problems when trying to read /root/.my.cnf from within a /etc/logrotate.d/mysql script within logrotate within cron.daily. The first problem is that /etc/cron.daily/logrotate erroneously - in our view - redirects STDOUT and STDERR to /dev/null under RHEL6, whereas it redirects into cron.daily's sendmail PIPE under RHEL5. Surely this NULLing should be removed? The second problem is that under RHEL6, /root/* has an SELinux Label of admin_home_t whereas it had a Label of user_home_t under RHEL5. The side-effect is that logrotate_t has no read permissions to /root/* under RHEL6, even though it did under RHEL5. Consequently we added this permission to get our particular logrotate script working: allow logrotate_t admin_home_t:dir { list_dir_perms }; allow logrotate_t admin_home_t:file { read_file_perms }; Is it reasonable to add this permission to RHEL6?