Bug 4284 - Samba RPM leaves /etc/services unreadable, killing network clients
Summary: Samba RPM leaves /etc/services unreadable, killing network clients
Keywords:
Status: CLOSED NEXTRELEASE
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: samba
Version: 6.0
Hardware: All
OS: Linux
medium
high
Target Milestone: ---
Assignee: Trond Eivind Glomsrxd
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 1999-07-31 13:11 UTC by glen.turner
Modified: 2008-05-01 15:37 UTC (History)
0 users

Fixed In Version:
Clone Of:
Environment:
Last Closed: 1999-07-31 21:48:16 UTC
Embargoed:


Attachments (Terms of Use)

Description glen.turner 1999-07-31 13:11:35 UTC
Installing samba-2.0.5a-1.i386.rpm with a root umask
of 027 leaves /etc/services and /etc/inetd.conf
not readable globally.  Many network client programs
(such as ftp) need to read /etc/services to find
well-known port numbers.

The situation is worsened because errata RHSA-1999:022-02
suggests using "rpm -e samba" before upgrading to 2.0.5a-1.
So all users with a conservative umask that upgrade
using the errata instructions will be caught.

The philosophy of package management suggests that the
umask of the installing user should have no effect on
the permissions of the installed files.

Fix:

Today: request users type "umask 022" before using RPM.

Short-term: add "umask 022" to the start of the samba
post-install script.

Long-term: RPM should set the umask for install scripts
to a well-known value (such as 022) before executing
the script.

Environment:

RH6.0 with all current errata applied.

$ uname -a
Linux andromache.itd.adelaide.edu.au 2.2.5-22 #1 Wed Jun 2
08:45:51 EDT 1999 i486 unknown
$ rpm -q samba
samba-2.0.5a-1
$ rpm -q samba-client
samba-client-2.0.5a-1
$ rpm -q rpm
rpm-3.0.2-6.0

Comment 1 Bill Nottingham 1999-07-31 21:48:59 UTC
Acutally, if they follow the instructions, the broken %postun script
will *not* get run, so they should be OK... the %postun script
is fixed in the latest samba RPM in Raw Hide.


Note You need to log in before you can comment on or make changes to this bug.