Bug 195638 - Upgrade to 4.1-10.EL3 causes cron not to execute cron.d/* file because permissions are wrong "BAD FILE MODE"
Upgrade to 4.1-10.EL3 causes cron not to execute cron.d/* file because permis...
Status: CLOSED NOTABUG
Product: Red Hat Enterprise Linux 3
Classification: Red Hat
Component: vixie-cron (Show other bugs)
3.0
All Linux
medium Severity high
: ---
: ---
Assigned To: Jason Vas Dias
Brock Organ
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-06-16 04:42 EDT by Thomas Poindessous
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-06-16 09:13:12 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Thomas Poindessous 2006-06-16 04:42:05 EDT
Description of problem:

After upgrade to vixie-cron-4.1-10.EL3, cron.d/* failed to start because they
have +x rights and crond reports "BAD FILE MODE"


Version-Release number of selected component (if applicable):

vixie-cron-4.1-10.EL3


How reproducible:

Install ES3 with vixie-cron-3.0.1-76_EL3, write a cron job in a cron.d/test
file. Make it executeable (chmod +x ). Watch it working. Upgrade to
vixie-cron-4.1-10.EL3. Cron job doesn't work anymore.


Steps to Reproduce:
1. echo "*/2 * * * * root echo working" > /etc/cron.d/test_cron
2. chmod +x /etc/cron.d/test_cron
3. receive some mails
4. upgrade to vixie-cron-4.1-10.EL3
5. tail -f /var/log/cron and you should have 

Jun 16 10:41:17 acteon crond[4780]: (CRON) STARTUP (V5.0)
Jun 16 10:41:17 acteon crond[4780]: (*system*) BAD FILE MODE (/etc/cron.d/test_cron)

  
Actual results:

Jun 16 10:41:17 acteon crond[4780]: (CRON) STARTUP (V5.0)
Jun 16 10:41:17 acteon crond[4780]: (*system*) BAD FILE MODE (/etc/cron.d/test_cron)


Expected results:

Maybe a warning, but my crons should be working.

Additional info:
Comment 1 Jason Vas Dias 2006-06-16 09:13:12 EDT
No crontab can or should be executable - sorry, but the attribute checking
in upstream vixie-cron-4.1 was put there for a security reason, and this
default behavior will not be changed.
If you use crontab to edit / create crontab files, this issue would not arise.

There is a very simple workaround:
  # chmod a-x /var/spool/cron/*/* /etc/crontab /etc/cron.d/*

Comment 2 Thomas Poindessous 2006-06-19 04:09:42 EDT
Sure, I know the workaround. I'm just a little amazed that a security change
that changed current behaviour was not mentionned in the errata. My system was
working before this update and it wasn't working anymore after this update.
Errata available for a specific version (ES3 for me) should support any specific
behaviour of previous version or it needs to be written somewhere.

Thanks for your response anyway.

Note You need to log in before you can comment on or make changes to this bug.