Red Hat Bugzilla – Bug 1253924
systemd and xorg-x11-xfs both list /tmp/.font-unix in /usr/lib/tmpfiles.d
Last modified: 2017-10-13 02:52:59 EDT
[/usr/lib/tmpfiles.d/xfs.conf:1] Duplicate line for path "/tmp/.font-unix", ignoring.
Lo and behold, /tmp/.font-unix is indeed listed twice in /usr/lib/tmpfiles.d:
$ grep font-unix *
x11.conf:d /tmp/.font-unix 1777 root root 10d
xfs.conf:d /tmp/.font-unix 1777 root root
$ rpm -qf x11.conf xfs.conf
Normally I'd say that the package that uses those dirs should have the tmpfiles snippet and not systemd, but there are special considerations here. /tmp is a public space, and by having the files in systemd we avoid a possible attack in the case where X11 is installed later, on an already running system. But this is a very special case, and maybe something we shouldn't care about.
If indeed "a very special case" then code something to not warn about duplicate lines for "very special cases".
There shouldn't be that many "special cases", otherwise they wouldn't be "special"
Fedora 22 changed to end-of-life (EOL) status on 2016-07-19. Fedora 22 is
no longer maintained, which means that it will not receive any further
security or bug fix updates. As a result we are closing this bug.
If you can reproduce this bug against a currently maintained version of
Fedora please feel free to reopen this bug against that version. If you
are unable to reopen this bug, please file a new report against the
current release. If you experience problems, please add a comment to this
Thank you for reporting this bug and we are sorry it could not be fixed.
Please drop /usr/lib/tmpfiles.d/xfs.conf.
Longer explanation: normally we'd expect tmpfiles for a specific package to be carried by that package. But xorg-x11-xfs is an optional package (not even installed by default). If this tmpfiles snippet was in xorg-x11-xfs, it would be possible for a normal user to create /tmp/.font-unix after the system is booted, and then trick the administrator into installing the package, thus resulting in wrong permissions on the directory. The simplest solution is to carry the tmpfiles snippet in systemd, as it is currently, so it is always guaranteed to be there.
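The concern in the comment above is that a path under /tmp may already exist with an owner or mode other than the one the tmpfiles.d line declares. The following check is an added example, not part of the bug report or of systemd; the function name audit_tmpfiles_dirs and its optional ROOT prefix argument are hypothetical, and it assumes GNU stat and plain octal modes.

```shell
#!/bin/sh
# Added example, not from the bug report. audit_tmpfiles_dirs is a hypothetical
# helper: audit_tmpfiles_dirs CONF [ROOT]
# For each "d"/"D" line in a tmpfiles.d snippet, compare the declared owner and
# mode with what already exists on disk. ROOT is an optional path prefix so the
# check can be pointed at a scratch tree.
# Assumptions: GNU stat; modes are plain octal; a missing or "-" field is
# treated as root / 0755 (the defaults for a system-level run).
audit_tmpfiles_dirs() {
    conf=$1
    root=${2:-}
    bad=0
    while read -r type path mode user _rest || [ -n "$type" ]; do
        case $type in d|D|d!|D!) ;; *) continue ;; esac
        case ${mode:--} in -) mode=0755 ;; esac
        case ${user:--} in -) user=root ;; esac
        # Owner may be a name or a numeric ID; compare numerically.
        case $user in
            *[!0-9]*) want_uid=$(id -u "$user" 2>/dev/null) || want_uid=unknown ;;
            *) want_uid=$user ;;
        esac
        target=$root$path
        # Absent path: nothing was pre-created, tmpfiles will create it.
        if [ ! -e "$target" ] && [ ! -L "$target" ]; then continue; fi
        # A symlink or regular file squatting on the path is a finding.
        if [ -L "$target" ] || [ ! -d "$target" ]; then
            echo "NOT-A-DIR $path"
            bad=1
            continue
        fi
        have_uid=$(stat -c %u "$target")
        have_mode=$(stat -c %a "$target")
        if [ "$have_uid" != "$want_uid" ] ||
           [ $((0$have_mode)) -ne $((0$mode)) ]; then
            echo "MISMATCH $path: uid=$have_uid mode=$have_mode, declared $user $mode"
            bad=1
        fi
    done < "$conf"
    return "$bad"
}
```

The function prints one line per finding and returns non-zero if any path differs from its declaration, so it can gate a package installation step.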
I still see this issue on an updated F26.
Any progress, patches we could test or otherwise?
As I see it:
We could drop /usr/lib/tmpfiles.d/xfs.conf.
We could also at least stop logging about this issue at the warning level.