Bug 1194230 - The /etc/sudoers.d/ceilometer have incorrect permissions
Summary: The /etc/sudoers.d/ceilometer have incorrect permissions
Alias: None
Product: RDO
Classification: Community
Component: openstack-ceilometer
Version: Juno
Hardware: Unspecified
OS: Unspecified
Target Milestone: ---
: Juno
Assignee: Eoghan Glynn
QA Contact: Shai Revivo
Depends On:
TreeView+ depends on / blocked
Reported: 2015-02-19 11:29 UTC by Yanis Guenane
Modified: 2016-05-19 15:41 UTC (History)
4 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2016-05-19 15:41:38 UTC

Attachments (Terms of Use)

Description Yanis Guenane 2015-02-19 11:29:44 UTC
Description of problem:

The /etc/sudoers.d/ceilometer file is installed with the wrong (644 instead of 440) file permissions.

Leading to an errored visudo -c output. Other components have fine permissions file.


install -p -D -m 644 %{SOURCE4} %{buildroot}%{_sysconfdir}/sudoers.d/ceilometer

openstack-neutron.spec :

install -p -D -m 440 %{SOURCE2} %{buildroot}%{_sysconfdir}/sudoers.d/neutron

Version-Release number of selected component (if applicable):

* rhel7
* el7ost

How reproducible:


Steps to Reproduce:
1. Install the openstack-ceilometer-ipmi-2014.2.1-1.el7ost.noarch package
2. run visudo -c

Actual results:

/etc/sudoers: parsed OK
/etc/sudoers.d/ceilometer: bad permissions, should be mode 0440
/etc/sudoers.d/cinder: parsed OK
/etc/sudoers.d/neutron: parsed OK
/etc/sudoers.d/nova: parsed OK

Expected results:

/etc/sudoers: parsed OK
/etc/sudoers.d/ceilometer: parsed OK
/etc/sudoers.d/cinder: parsed OK
/etc/sudoers.d/neutron: parsed OK
/etc/sudoers.d/nova: parsed OK

Comment 3 Pradeep Kilambi 2015-12-15 15:55:31 UTC
fix proposed to upstream rdo packaging: https://review.gerrithub.io/255474

Comment 4 Mike McCune 2016-03-28 22:33:16 UTC
This bug was accidentally moved from POST to MODIFIED via an error in automation, please see mmccune@redhat.com with any questions

Comment 5 Chandan Kumar 2016-05-19 15:41:38 UTC
This bug is against a Version which has reached End of Life.
If it's still present in supported release (http://releases.openstack.org), please update Version and reopen.

Note You need to log in before you can comment on or make changes to this bug.