Bug 9372

Summary: lilo.conf permissions changed on upgrade
Product: [Retired] Red Hat Linux Reporter: Jeremy Katz <katzj>
Component: installerAssignee: Michael Fulbright <msf>
Status: CLOSED RAWHIDE QA Contact:
Severity: medium Docs Contact:
Priority: medium    
Version: 6.2Keywords: Security
Target Milestone: ---   
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2000-02-14 16:14:46 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Jeremy Katz 2000-02-12 02:34:11 UTC 
On an upgrade, /etc/lilo.conf is changed to contain information on the new
kernel images, and removes the information on old kernels installed via
RPM.  Otherwise, it largely leaves the file "as-is".  But, when it does so,
it opens a completely new file for the new /etc/lilo.conf (after moving the
old one to .rpmsave).  Without checking permissions on the rpmsave, it sets
them to 0644.  This is a problem on systems which have the "restrict"
keyword and a password in the file to prevent users from booting into
single user mode and now to also prevent being able to boot into anaconda
reconfig mode.

As /etc/lilo.conf.rpmsave maintains the correct permissions, probably the
easiest thing to do would be to check the permissions on it and use them
for the chmod instead if it exists in the write function of lilo.py
Comment 1 Jay Turner 2000-02-12 12:53:59 UTC 
Mr. Katz to the rescue again :-)
I am not in front of a machine right now, but am 99% sure that you are right
about this.  Will add it to list of things for fixing.
Comment 2 Jay Turner 2000-02-14 16:14:59 UTC 
This issue is fixed and the fix will show up in the next RawHide that we cut.