Bug 426760 - rnews can't send spooled news
rnews can't send spooled news
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: inn (Show other bugs)
8
All Linux
low Severity low
: ---
: ---
Assigned To: Ondrej Vasik
Fedora Extras Quality Assurance
:
Depends On:
Blocks: 465223
  Show dependency treegraph
 
Reported: 2007-12-25 19:30 EST by Carl Roth
Modified: 2008-10-02 05:34 EDT (History)
0 users

See Also:
Fixed In Version: 2.4.3-10.fc8
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2008-05-14 17:32:42 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Carl Roth 2007-12-25 19:30:56 EST
Description of problem:

The rnews job that runs out of /etc/cron.hourly/inn-cron-rnews doesn't work.  It
launches 'rnews' as the 'news' user, but rnews is then unable to read spooled
articles in /var/spool/news/incoming.  The reason is that rnews is setuid
'uucp', and the 'incoming' directory is set to 0755,news:news (readable by the
news user, but not writable by the news group or the uucp user).

I can suggest two fixes for this:

1. Change the permissions of /var/spool/news/incoming to 0775 instead of 0755
2. Change the setuid user for 'rnews' to 'news' instead of 'uucp'.

I have to admit that I don't know what the security implications are for these
two solutions.  I'm open to other suggestions.

Version-Release number of selected component (if applicable):

inn-2.4.3

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Carl Roth 2007-12-25 19:33:02 EST
Let me correct that -- it can probably read the spooled articles, but the group
permissions prevent it from unlinking the articles after it spools them.
Comment 2 Ondrej Vasik 2008-04-24 12:00:13 EDT
I like the idea of 0775 directory rights much more. Build as inn-2.4.3-14.fc10.
Was the 0775 solution working for you? (just by chmod) I could make F8 update if
it is enough.
Comment 3 Fedora Update System 2008-04-24 12:25:01 EDT
inn-2.4.3-10.fc8 has been submitted as an update for Fedora 8
Comment 4 Fedora Update System 2008-04-29 16:50:58 EDT
inn-2.4.3-10.fc8 has been pushed to the Fedora 8 testing repository.  If problems still persist, please make note of it in this bug report.
 If you want to test the update, you can install it with 
 su -c 'yum --enablerepo=updates-testing update inn'.  You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F8/FEDORA-2008-3313
Comment 5 Fedora Update System 2008-05-14 17:32:40 EDT
inn-2.4.3-10.fc8 has been pushed to the Fedora 8 stable repository.  If problems still persist, please make note of it in this bug report.

Note You need to log in before you can comment on or make changes to this bug.