Bug 213074 - wrong permissions on /etc/setroubleshoot
wrong permissions on /etc/setroubleshoot
Status: CLOSED NEXTRELEASE
Product: Fedora
Classification: Fedora
Component: setroubleshoot (Show other bugs)
6
All Linux
medium Severity medium
: ---
: ---
Assigned To: John Dennis
Ben Levenson
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2006-10-30 13:55 EST by Ben Liblit
Modified: 2007-11-30 17:11 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2006-10-31 10:43:20 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Ben Liblit 2006-10-30 13:55:34 EST
+++ This bug was initially created as a clone of Bug #211802 +++

Description of problem:


Version-Release number of selected component (if applicable):

setroubleshoot-1.0-1


How reproducible:

Consistently reproducible.


Steps to Reproduce:
1. remove the setroubleshoot rpm
2. manually remove the /etc/setroubleshoot directory
3. reinstall the setroubleshoot rpm
4. as non-root, run "sealert"

Actual results:

Script fails due to insufficient permissions on /etc/setroubleshoot directory,
and prints the following diagnostic output:

  Traceback (most recent call last):
    File "/usr/bin/sealert", line 45, in ?
      from setroubleshoot.browser import *
    File "/usr/lib/python2.4/site-packages/setroubleshoot/__init__.py", line 20,
in ?
      config_init()
    File "/usr/lib/python2.4/site-packages/setroubleshoot/config.py", line 303,
in config_init
      cfg = read_configuration(defaults)
    File "/usr/lib/python2.4/site-packages/setroubleshoot/config.py", line 317,
in read_configuration
      cfg.set(default_section,default_option,value)
    File "/usr/lib/python2.4/ConfigParser.py", line 639, in set
      raise TypeError("option values must be strings")
  TypeError: option values must be strings


Expected results:

Script should run as non-root.  Directory containing required configuration file
should be world readable and world executable.

Additional info:

setroubleshoot package does not claim to own the /etc/setroubleshoot directory.
 The directory is created at package install time, but with permissions that do
not allow access by non-root users.  Incidentally, this will also cause the
directory to be left behind, empty, should setroubleshoot be uninstalled later.
Comment 1 John Dennis 2006-10-31 10:43:20 EST
Thank you for taking the time to diagnose and report the problem, it is very
much appreciated. I have applied the fix to the source tree and it will appear
in the next update.

Note You need to log in before you can comment on or make changes to this bug.