Bug 495946 - Snippets editor ISEs when trying to save a new or existing snippet
Snippets editor ISEs when trying to save a new or existing snippet
Status: CLOSED CURRENTRELEASE
Product: Red Hat Satellite 5
Classification: Red Hat
Component: WebUI (Show other bugs)
530
All Linux
urgent Severity high
: ---
: ---
Assigned To: Partha Aji
Steve Salevan
:
Depends On:
Blocks: 457075
  Show dependency treegraph
 
Reported: 2009-04-15 12:48 EDT by Mike McCune
Modified: 2009-09-10 15:25 EDT (History)
3 users (show)

See Also:
Fixed In Version: sat530
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2009-09-10 15:25:12 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Mike McCune 2009-04-15 12:48:21 EDT
* Login
* Systems
* Kickstarts
* Snippets
* create new snippet
* Try to save it:

2009-04-15 12:47:54,693 [TP-Processor1] ERROR org.apache.catalina.core.ContainerBase.[Catalina].[localhost].[/rhn].[action] - Servlet.service() for servlet action threw exception
java.io.FileNotFoundException: /var/lib/cobbler/snippets/bloop (Permission denied)
Comment 1 Partha Aji 2009-04-20 17:40:30 EDT
This issue should now be resolved... as off.
http://git.fedorahosted.org/git/spacewalk.git?p=spacewalk.git;a=commit;h=b7f234e5fd5f425ceccf40bcd9a9f8948f3b5f64

Following changes were made..

1) A new spacewalk subdirectory was added to /var/lib/cobbler/snippets which will host all the spacewalk specific snippets..

2) /var/lib/cobbler/snippets/spacewalk/org.id will host snippets specfic to that org.

3) A user without root access to the actual box will be only able to update scripts

or snippets listed under /var/lib/cobbler/snippets/spacewalk/org.id

4) All other snippets under /var/lib/cobbler/snippets  other than snippets under /var/lib/cobbler/snippets/spacewalk will be Read Only  to config admins of all orgs... (readable through the UI that is...)

5) The snippets are only one level deep.  as in /var/lib/cobbler/snippets/spacewalk/org.id/snippet_name
One cannot now generate snippets that look like /var/lib/cobbler/snippets/spacewalk/org.id/my_dir/snippet_name

This was done to prevent issues like /var/lib/cobbler/snippets/spacewalk/org.id/../../../../tmp/xyz...
leaving security holes like that..
Comment 2 Partha Aji 2009-04-22 13:42:06 EDT
moving to On_QA
Comment 4 Partha Aji 2009-05-20 10:23:55 EDT
Moving to ON_QA
Comment 5 Steve Salevan 2009-06-01 12:04:20 EDT
Moving to VERIFIED, tested on 5/29 build.
Comment 6 John Matthews 2009-07-28 15:05:48 EDT
Moving to RELEASE_PENDING


Able to create a snippet and save it.
Added it to kickstart profile by putting it as a script and clicking "template"
Verified the snippet shows up in the kickstrt file

ISO: Satellite-5.3.0-RHEL4-re20090724.0-s390x.iso
Comment 7 Brandon Perkins 2009-09-10 15:25:12 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHEA-2009-1434.html

Note You need to log in before you can comment on or make changes to this bug.