Red Hat Bugzilla – Bug 16672
[src.rpm] Incomplete package if built as non-root
Last modified: 2008-05-01 11:37:58 EDT
When building the package as non-root something goes wrong with the `ksu'
program (see 4th and last line):
making install in clients/ksu...
make: Entering directory
for f in ksu; do \
/usr/bin/install -c -s -m 4755 -o root $f \
/var/tmp/krb5-root/usr/kerberos/bin/`echo $f|sed 's,x,x,'`; \
/usr/bin/install -c -m 644 ./$f.M \
/var/tmp/krb5-root/usr/kerberos/man/man1/`echo $f|sed 's,x,x,'`.1;
/usr/bin/install: /var/tmp/krb5-root/usr/kerberos/bin/ksu: Operation not
Our build system defaults to building packages as a non-root user specifically
to catch these cases. Does the ksu binary still end up in the right place?
I've just rebuilt the package as myself, and the files get included. The error
message is harmless.
# ll /usr/kerberos/bin/ksu
-rwxr-xr-x 1 root root 50364 Aug 21 14:22 /usr/kerberos/bin/ksu
The official install-method tries to install it SUID; but the packaged file
The MIT Kerberos team isn't sure that the previously-fixed vulnerabilities in
ksu were all of the potential problems, so we took the setuid-bit off pending a
complete audit of the sources.