Bug 989514

Summary: avoid setting insecure LD_LIBRARY_PATH
Product: Red Hat Enterprise Linux 6 Reporter: Bala.FA <barumuga>
Component: glusterfsAssignee: Amar Tumballi <amarts>
Status: CLOSED ERRATA QA Contact: Cluster QE <mspqa-list>
Severity: urgent Docs Contact:
Priority: urgent    
Version: 6.5CC: barumuga, dpati, grajaiya, shaines, vraman
Target Milestone: rc   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: glusterfs-3.4.0.22rhs-2 Doc Type: Bug Fix
Doc Text:
Cause: mount.glusterfs uses LD_LIBRARY_PATH which is insecure and rpmdiff test on errata fails Consequence: attaching build to errata fails in rpmdiff test Fix: remove LD_LIBRARY_PATH usage which is no longer needed in mount.glusterfs Result: now rpmdiff doesn't report failure when attaching builds
 Story Points: ---
Clone Of:
: 989689 (view as bug list) Environment:
Last Closed: 2013-11-21 11:59:00 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:
Bug Depends On:    
Bug Blocks: 989689, 989858    

Description Bala.FA 2013-07-29 12:23:31 UTC 
mount.glusterfs uses insecure LD_LIBRARY_PATH.  We would need to avoid using it as it fails in errata process.
Comment 1 Amar Tumballi 2013-08-23 18:24:58 UTC 
removed all the reference to LD_LIBRARY_PATH from the code.
Comment 3 Amar Tumballi 2013-10-09 05:18:47 UTC 
before the fix (tried on glusterfs-3.4.0.10rhs or earlier)

amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs
54:    LD_LIBRARY_PATH=@libdir@:${LD_LIBRARY_PATH}
55:    export LD_LIBRARY_PATH

with latest (anything above glusterfs-3.4.0.22rhs)

amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs 
amar@ganaka:~/work/rhs-glusterfs$
Comment 4 Gowrishankar Rajaiyan 2013-10-09 06:13:30 UTC 
Verified.

[root@dhcp201-162 ~]# grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs
[root@dhcp201-162 ~]# 

[root@dhcp201-162 ~]# rpm -qf /sbin/mount.glusterfs 
glusterfs-fuse-3.4.0.34rhs-1.el6.x86_64
Comment 5 errata-xmlrpc 2013-11-21 11:59:00 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1641.html