Bug 187682 - tclhttpd fails to create user during install
Summary: tclhttpd fails to create user during install
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: tclhttpd
Version: 5
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Wart
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2006-04-02 16:56 UTC by Wart
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2006-04-02 20:34:10 UTC
Type: ---
Embargoed:

Attachments (Terms of Use)

Description Wart 2006-04-02 16:56:55 UTC 
Description of problem:
tclhttpd runs as a special 'tclhttpd' user to minimize the risk of privilege
escalation attacks.  The installation of tclhttpd in FC-5 fails to create the
tclhttpd user, causing the entire install to abort.

Version-Release number of selected component (if applicable):
tclhttpd-3.5.1-10.fc5

How reproducible:
Always

Steps to Reproduce:
1. Perform a fresh install of FC-5
2. yum install tclhttpd
  
Actual results:
tclhttpd fails with the error message:
Running Transaction
useradd: cannot create directory /var/www/tclhttpd
Tue Mar 28 15:38:13 PST 2006 [28662]: failed with '12'
error: %pre(tclhttpd-3.5.1-10.fc5.i386) scriptlet failed, exit status 12
error:   install: %pre scriptlet failed (2), skipping tclhttpd-3.5.1-10.fc5

Installed: tclhttpd.i386 0:3.5.1-10.fc5
Complete!


Expected results:
tclhttpd installs with no errors

Additional info:
Turning off selinux fixes the problem.  It seems that the useradd fails because
the user's home directory /var/www/tclhttpd is created by the package with a
certain security context, and useradd tries to create it again with a new
security context.  The fix is simple:  use 'useradd -M' to prevent the creation
of the directory.
Comment 1 Wart 2006-04-02 20:34:10 UTC 
Fix committed and built in release -11.
Note You need to log in before you can comment on or make changes to this bug.