Bug 14728 - If umask is 077 authconfig leaves /etc/nsswitch.conf readable only to root
Summary: If umask is 077 authconfig leaves /etc/nsswitch.conf readable only to root
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: authconfig   
(Show other bugs)
Version: 6.2
Hardware: i386 Linux
Target Milestone: ---
Assignee: Nalin Dahyabhai
QA Contact:
Depends On:
TreeView+ depends on / blocked
Reported: 2000-07-27 13:41 UTC by Jarno Huuskonen
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Last Closed: 2000-07-27 13:41:44 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)

Description Jarno Huuskonen 2000-07-27 13:41:42 UTC
Hi !

If roots umask is 077 authconfig sets /etc/nsswitch.conf mode to 0600 and
after that normal users can't read the file and fail to resolve own
hostname etc... (for example emacs takes ages to start)

I've included a small patch that should chmod the /etc/nsswitch.conf to
0644. (Note: Somebody should check more thoroughly if umask 077 breaks
anything else in authconfig).
-Jarno Huuskonen (jhuuskon@hytti.uku.fi)

diff -u -r authconfig-3.0.3-orig/authconfig.c authconfig-3.0.3/authconfig.c
--- authconfig-3.0.3-orig/authconfig.c  Wed Feb 16 22:50:13 2000
+++ authconfig-3.0.3/authconfig.c       Thu Jul 27 16:31:00 2000
@@ -13,6 +13,7 @@
 #include <locale.h>
 #include <newt.h>
 #include <popt.h>
+#include <sys/types.h> /* For chmod */
 #include <sys/stat.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -1118,7 +1119,9 @@
   /* rename the temporary file */
   rename("/etc/nsswitch.conf-", "/etc/nsswitch.conf");
+       /* Jarno Huuskonen: chmod the new config to 0644 ! */
+       chmod("/etc/nsswitch.conf", (mode_t) 0644);
    * don't return an error if we don't find the line -- it may not
    * be there the first time they run the tool.

Comment 1 Nalin Dahyabhai 2000-07-27 20:18:03 UTC
Authconfig has been largely rewritten for our next release.  It does not
appear to have this problem any more.

Note You need to log in before you can comment on or make changes to this bug.