Hide Forgot
Description of problem: /var/run/virt-who.pid is world-writable Version-Release number of selected component (if applicable): RHEL 6.7 running virt-who-0.12-10.el6.noarch How reproducible: Always Steps to Reproduce: 1).Install and Configure virt-who on a server in a VM environment. 2. Start virt-who service 3. Check for the permissions of the PID file created. Actual results: PID File created by virt-who is world writable. Expected results: PID File created by virt-who should not be world writable. Reference Case # 01582525
Fixed upstream: https://github.com/virt-who/virt-who/commit/4ddbb759cace9c2c31aec021cdb157712d46b56c
Fixed in virt-who-0.16-5.el6.
Checked it on virt-who-0.16-5.el6.noarch. the authority has update to 600. Can we modify it to 644? [root@hp-z220-07 run]# ll /var/run/virt-who.pid -rw-------. 1 root root 4 Mar 1 16:46 /var/run/virt-who.pid
Is there any reason why it should be 644? Why should non-root processes be able to read virt-who PID?
No special reason, I think the pid is not secret and other related service also show 644. Anyway, I will verify it. [root@intel-piketon-01 ~]# ll /var/run/libvirtd.pid -rw-r--r--. 1 root root 5 Mar 16 02:27 /var/run/libvirtd.pid
Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. https://rhn.redhat.com/errata/RHEA-2016-0859.html