Bug 989514
Summary: | avoid setting insecure LD_LIBRARY_PATH | |||
---|---|---|---|---|
Product: | Red Hat Enterprise Linux 6 | Reporter: | Bala.FA <barumuga> | |
Component: | glusterfs | Assignee: | Amar Tumballi <amarts> | |
Status: | CLOSED ERRATA | QA Contact: | Cluster QE <mspqa-list> | |
Severity: | urgent | Docs Contact: | ||
Priority: | urgent | |||
Version: | 6.5 | CC: | barumuga, dpati, grajaiya, shaines, vraman | |
Target Milestone: | rc | |||
Target Release: | --- | |||
Hardware: | Unspecified | |||
OS: | Unspecified | |||
Whiteboard: | ||||
Fixed In Version: | glusterfs-3.4.0.22rhs-2 | Doc Type: | Bug Fix | |
Doc Text: |
Cause: mount.glusterfs uses LD_LIBRARY_PATH which is insecure and rpmdiff test on errata fails
Consequence: attaching build to errata fails in rpmdiff test
Fix: remove LD_LIBRARY_PATH usage which is no longer needed in mount.glusterfs
Result: now rpmdiff doesn't report failure when attaching builds
|
Story Points: | --- | |
Clone Of: | ||||
: | 989689 (view as bug list) | Environment: | ||
Last Closed: | 2013-11-21 11:59:00 UTC | Type: | Bug | |
Regression: | --- | Mount Type: | --- | |
Documentation: | --- | CRM: | ||
Verified Versions: | Category: | --- | ||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
Cloudforms Team: | --- | Target Upstream Version: | ||
Embargoed: | ||||
Bug Depends On: | ||||
Bug Blocks: | 989689, 989858 |
Description
Bala.FA
2013-07-29 12:23:31 UTC
removed all the reference to LD_LIBRARY_PATH from the code. before the fix (tried on glusterfs-3.4.0.10rhs or earlier) amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs 54: LD_LIBRARY_PATH=@libdir@:${LD_LIBRARY_PATH} 55: export LD_LIBRARY_PATH with latest (anything above glusterfs-3.4.0.22rhs) amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs amar@ganaka:~/work/rhs-glusterfs$ Verified. [root@dhcp201-162 ~]# grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs [root@dhcp201-162 ~]# [root@dhcp201-162 ~]# rpm -qf /sbin/mount.glusterfs glusterfs-fuse-3.4.0.34rhs-1.el6.x86_64 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1641.html |