Bug 166699 - squirrelmail update screwed permissions
squirrelmail update screwed permissions
Status: CLOSED CANTFIX
Product: Fedora
Classification: Fedora
Component: squirrelmail (Show other bugs)
3
All Linux
medium Severity medium
: ---
: ---
Assigned To: Warren Togami
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-08-24 14:36 EDT by Dan Hollis
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-08-25 22:01:16 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Dan Hollis 2005-08-24 14:36:26 EDT
Description of problem:
squirrelmail update screwed permissions

Version-Release number of selected component (if applicable):
squirrelmail-1.4.6-0.cvs20050812.1.fc3

How reproducible:
always

Steps to Reproduce:
1.install older squirrelmail
2.run yum update
3.try to login to squirrelmail
  
Actual results:
squirrelmail aborts in login page complaining it can't read default_pref

Expected results:
It should work, but doesn't.

Additional info:
The squirrelmail-1.4.6-0.cvs20050812.1.fc3 update changed ownership of
/etc/squirrelmail/default_pref and it should not have done this.
Comment 1 Warren Togami 2005-08-24 18:06:57 EDT
What is the exact package version of the older version?
Comment 2 Dan Hollis 2005-08-24 18:27:41 EDT
squirrelmail-1.4.4-1.FC3

actually i see what the problem is.

we run apache with a different user/group, so ownership/permissions on
/etc/squirrelmail/default_pref had to be different for apache to read it.

the upgrade to 1.4.6 stomped the ownership and permissions of
/etc/squirrelmail/default_pref. this should not happen as this is a user site
specific config file.
Comment 3 Warren Togami 2005-08-25 22:01:16 EDT
There is no way of fixing this, and this problem is nothing new with this
version of the RPM.  Unfortunately you are using it in an unsupported way.  Sorry.
Comment 4 Dan Hollis 2005-08-25 22:14:05 EDT
this is terrifying to anyone using fedora in a production environment, if fedora
rpms can stomp permissions of any site-specific configuration file.

is there any _clearly stated_ list of fedora 100% supported policies for apache,
php and squirrelmail? there doesn't seem to be any documentation on officially
supported policies, just 'how to set up apache' with no warnings about policy.
Comment 5 Mike A. Harris 2005-09-12 21:35:07 EDT
man chattr

chattr +i <filename>

Note You need to log in before you can comment on or make changes to this bug.