Bug 1130570 - restarting service under nonprivileged user must fail
Summary: restarting service under nonprivileged user must fail
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: ipset
Version: 6.6
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Thomas Woerner
QA Contact: qe-baseos-daemons
URL:
Whiteboard:
Depends On:
Blocks: 888571 1136257
TreeView+ depends on / blocked
 
Reported: 2014-08-15 14:40 UTC by Radka Skvarilova
Modified: 2014-09-02 09:04 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-08-26 13:22:07 UTC


Attachments (Terms of Use)

Description Radka Skvarilova 2014-08-15 14:40:50 UTC
Version-Release number of selected component (if applicable):
ipset-6.11-2.el6.x86_64


How reproducible:


Steps to Reproduce:
1.service ipset start
2.su randomUser -c 'service ipset restart'
3.

Actual results:
/etc/init.d/ipset: line 46: /etc/sysconfig/iptables-config: Permission denied
/etc/init.d/ipset: line 47: /etc/sysconfig/ip6tables-config: Permission denied
ipset v6.11: Kernel error received: Operation not permitted
rm: cannot remove `/var/lock/subsys/ipset': Permission denied
ipset v6.11: Kernel error received: Operation not permitted
ipset: Loading IP sets:                                    [  OK  ]
touch: cannot touch `/var/lock/subsys/ipset': Permission denied

Return code: 0
Expected results:
Return code: 4


Additional info:

Comment 3 Thomas Woerner 2014-08-26 13:15:25 UTC
Fixes applied to init script altogether with suggestions from https://bugzilla.redhat.com/show_bug.cgi?id=888571#c28

Comment 4 Thomas Woerner 2014-08-26 13:22:07 UTC

*** This bug has been marked as a duplicate of bug 888571 ***

Comment 5 Radka Skvarilova 2014-08-26 13:29:25 UTC
This ticket was merge, becase they belong to same errata.


Note You need to log in before you can comment on or make changes to this bug.