Bug 14728 - If umask is 077 authconfig leaves /etc/nsswitch.conf readable only to root
If umask is 077 authconfig leaves /etc/nsswitch.conf readable only to root
Status: CLOSED RAWHIDE
Product: Red Hat Linux
Classification: Retired
Component: authconfig (Show other bugs)
6.2
i386 Linux
medium Severity medium
: ---
: ---
Assigned To: Nalin Dahyabhai
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2000-07-27 09:41 EDT by Jarno Huuskonen
Modified: 2008-05-01 11:37 EDT (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2000-07-27 09:41:44 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jarno Huuskonen 2000-07-27 09:41:42 EDT
Hi !

If roots umask is 077 authconfig sets /etc/nsswitch.conf mode to 0600 and
after that normal users can't read the file and fail to resolve own
hostname etc... (for example emacs takes ages to start)

I've included a small patch that should chmod the /etc/nsswitch.conf to
0644. (Note: Somebody should check more thoroughly if umask 077 breaks
anything else in authconfig).
-Jarno Huuskonen (jhuuskon@hytti.uku.fi)

diff -u -r authconfig-3.0.3-orig/authconfig.c authconfig-3.0.3/authconfig.c
--- authconfig-3.0.3-orig/authconfig.c  Wed Feb 16 22:50:13 2000
+++ authconfig-3.0.3/authconfig.c       Thu Jul 27 16:31:00 2000
@@ -13,6 +13,7 @@
 #include <locale.h>
 #include <newt.h>
 #include <popt.h>
+#include <sys/types.h> /* For chmod */
 #include <sys/stat.h>
 #include <stdio.h>
 #include <stdlib.h>
@@ -1118,7 +1119,9 @@
   /* rename the temporary file */
   unlink("/etc/nsswitch.conf");
   rename("/etc/nsswitch.conf-", "/etc/nsswitch.conf");
-
+       /* Jarno Huuskonen: chmod the new config to 0644 ! */
+       chmod("/etc/nsswitch.conf", (mode_t) 0644);
+       
   /* 
    * don't return an error if we don't find the line -- it may not
    * be there the first time they run the tool.
Comment 1 Nalin Dahyabhai 2000-07-27 16:18:03 EDT
Authconfig has been largely rewritten for our next release.  It does not
appear to have this problem any more.

Note You need to log in before you can comment on or make changes to this bug.