Bug 1037866 - lynis-1.3.5-1.fc19.noarch: broken permissions
lynis-1.3.5-1.fc19.noarch: broken permissions
Status: CLOSED ERRATA
Product: Fedora
Classification: Fedora
Component: lynis (Show other bugs)
19
Unspecified Unspecified
unspecified Severity unspecified
: ---
: ---
Assigned To: Christopher Meng
Fedora Extras Quality Assurance
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2013-12-03 19:22 EST by Harald Reindl
Modified: 2013-12-27 17:15 EST (History)
1 user (show)

See Also:
Fixed In Version: lynis-1.3.7-1.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2013-12-07 01:54:01 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Harald Reindl 2013-12-03 19:22:36 EST
- [01:21:03] Warning: Invalid permissions on tests file tests_boot_services [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_kernel [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_memory_processes [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_authentication [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_shells [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_filesystems [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_storage [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_storage_nfs [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_nameservices [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_ports_packages [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_networking [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_printers_spools [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_mail_messaging [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_firewalls [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_webservers [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_ssh [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_snmp [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_databases [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_ldap [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_php [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_squid [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_logging [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_insecure_services [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_banners [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_scheduling [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_accounting [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_time [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_crypto [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_virtualization [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_mac_frameworks [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_file_integrity [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_hardening_tools [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_malware [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_file_permissions [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_homedirs [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_kernel_hardening [test:NONE] [impact:H]
   - [01:21:03] Warning: Invalid permissions on tests file tests_hardening [test:NONE] [impact:H]
Comment 1 Christopher Meng 2013-12-04 00:53:59 EST
1.3.5 demands no more than 600 permissions set on tests_*, I don't know why 644 is considered bad.

I've prepared a patch for 1.3.6(just released but with no fix or explanation of this weird setting), when I get reply from the author I will know if 644 can be allowed or not.
Comment 2 Christopher Meng 2013-12-04 05:01:27 EST
Upstream discourage patching the source to allow 644 permission.

So I will package them with install -pm600.
Comment 3 Fedora Update System 2013-12-04 06:28:57 EST
lynis-1.3.6-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/lynis-1.3.6-1.fc20
Comment 4 Fedora Update System 2013-12-04 06:30:00 EST
lynis-1.3.6-1.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/lynis-1.3.6-1.fc18
Comment 5 Fedora Update System 2013-12-04 06:30:14 EST
lynis-1.3.6-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/lynis-1.3.6-1.fc19
Comment 6 Fedora Update System 2013-12-04 06:31:18 EST
lynis-1.3.6-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/lynis-1.3.6-1.el6
Comment 7 Fedora Update System 2013-12-04 19:36:41 EST
Package lynis-1.3.6-1.fc20:
* should fix your issue,
* was pushed to the Fedora 20 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing lynis-1.3.6-1.fc20'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2013-22700/lynis-1.3.6-1.fc20
then log in and leave karma (feedback).
Comment 8 Fedora Update System 2013-12-07 01:54:01 EST
lynis-1.3.6-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2013-12-08 21:02:13 EST
lynis-1.3.6-1.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2013-12-11 00:59:19 EST
lynis-1.3.7-1.fc20 has been submitted as an update for Fedora 20.
https://admin.fedoraproject.org/updates/lynis-1.3.7-1.fc20
Comment 11 Fedora Update System 2013-12-11 00:59:35 EST
lynis-1.3.7-1.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/lynis-1.3.7-1.fc19
Comment 12 Fedora Update System 2013-12-11 00:59:52 EST
lynis-1.3.7-1.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/lynis-1.3.7-1.el6
Comment 13 Fedora Update System 2013-12-11 21:58:16 EST
lynis-1.3.7-1.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 14 Fedora Update System 2013-12-19 20:54:22 EST
lynis-1.3.7-1.fc20 has been pushed to the Fedora 20 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 15 Fedora Update System 2013-12-27 17:15:48 EST
lynis-1.3.7-1.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.