Bug 2144504 - something changes /var/lib/bluetooth access mode
Summary: something changes /var/lib/bluetooth access mode
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: bluez
Version: 39
Hardware: Unspecified
OS: Unspecified
unspecified
medium
Target Milestone: ---
Assignee: Sandro Bonazzola
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
: 2116384 (view as bug list)
Depends On: 2116384
Blocks:
TreeView+ depends on / blocked
 
Reported: 2022-11-21 14:01 UTC by Sandro Bonazzola
Modified: 2023-11-21 02:49 UTC (History)
5 users (show)

Fixed In Version: bluez-5.70-3.fc40 bluez-5.70-3.fc39
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2023-11-19 15:09:35 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Fedora Package Sources bluez pull-request 6 0 None None None 2023-09-25 09:14:25 UTC

Description Sandro Bonazzola 2022-11-21 14:01:26 UTC
Description of problem:

Configuring a fresh Fedora 37 instance and checked the result with:

$ sudo oscap xccdf eval --profile xccdf_org.ssgproject.content_profile_standard --report report.html  /usr/share/xml/scap/ssg/content/ssg-fedora-ds.xml

detected permissions changes on bluez. Manual check also show it:

# rpm -qV bluez
.M.......    /var/lib/bluetooth

# rpm -qlv bluez |grep /var/lib
drwxr-xr-x    2 root     root                        0 set  1 22:27 /var/lib/bluetooth
drwxr-xr-x    2 root     root                        0 set  1 22:27 /var/lib/bluetooth/mesh

# ls -ld /var/lib/bluetooth /var/lib/bluetooth/mesh
drwx------. 1 root root 42  1 set 22.27 /var/lib/bluetooth
drwxr-xr-x. 1 root root  0  1 set 22.27 /var/lib/bluetooth/mesh

Applying the proposed fix `rpm --restore bluez` work for a while, then something changes again the permissions on the directory.
If the required permissions are `drwx------` I think the bluez packaging should be corrected accordingly.
If soomething is changing the permissions there without being supposed to, it should be identified and fixed for not doing it.

Version-Release number of selected component (if applicable):
# rpm -qv bluez
bluez-5.65-3.fc37.x86_64

Comment 1 Sandro Bonazzola 2022-11-25 09:45:21 UTC
Looking at the journal I saw now:
```
systemd[1303]: ConfigurationDirectory 'bluetooth' already exists but the mode is different. (File system: 755 ConfigurationDirectoryMode: 555)
```
so ConfigurationDirectoryMode is different from both the rpm required mode and the filesystem runtime mode.
Not sure if this needs to be tracked on a different bz.

Comment 2 Sandro Bonazzola 2023-05-03 12:54:49 UTC
Still reproducible on Fedora 38: bluez-5.66-5.fc38.x86_64

Comment 3 Peter Robinson 2023-07-01 12:09:33 UTC
*** Bug 2116384 has been marked as a duplicate of this bug. ***

Comment 4 Sandro Bonazzola 2023-09-20 09:58:11 UTC
Still happening in fc39 with bluez-5.69-1.fc39.x86_64

Comment 5 Sandro Bonazzola 2023-09-25 09:14:25 UTC
Sent PR: https://src.fedoraproject.org/rpms/bluez/pull-request/6

Comment 6 Fedora Update System 2023-11-19 13:20:49 UTC
FEDORA-2023-90273d9a29 has been submitted as an update to Fedora 40. https://bodhi.fedoraproject.org/updates/FEDORA-2023-90273d9a29

Comment 7 Fedora Update System 2023-11-19 14:10:27 UTC
FEDORA-2023-113a1e5fcd has been submitted as an update to Fedora 39. https://bodhi.fedoraproject.org/updates/FEDORA-2023-113a1e5fcd

Comment 8 Fedora Update System 2023-11-19 15:09:35 UTC
FEDORA-2023-90273d9a29 has been pushed to the Fedora 40 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 9 Fedora Update System 2023-11-20 02:02:35 UTC
FEDORA-2023-113a1e5fcd has been pushed to the Fedora 39 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --refresh --advisory=FEDORA-2023-113a1e5fcd`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2023-113a1e5fcd

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 10 Fedora Update System 2023-11-21 02:49:16 UTC
FEDORA-2023-113a1e5fcd has been pushed to the Fedora 39 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.