From Bugzilla Helper: User-Agent: Mozilla/4.76 [en] (X11; U; Linux 2.4.3-SGI_XFS_1.0.1smp i686) Description of problem: After installing Redhat 7.1 (SGI XFS 1.01) on various machines, We have noticed many files that are user writable, e.g. /etc/fstab, /etc/inittab. These are NFS kickstart installs. Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.NFS kickstart install system 2.check system file permissions 3. Actual Results: Bad permissions as outlined in Additional information. Expected Results: Tighter file permissions on system files. Additional info: # find / -mount -perm 666 -exec ls -l {} \; | grep -v dev -rw-rw-rw- 1 root root 0 Jul 12 2000 /var/lib/games/trojka.scores -rw-rw-rw- 1 root root 0 Jul 13 2000 /var/lib/games/xboing.score -rw-rw-rw- 1 root root 0 Jul 13 2000 /var/lib/games/xjewel.scores -rw-rw-rw- 1 games games 4 Feb 13 2001 /var/lib/games/xhextris-scores -rw-rw-rw- 1 root root 68 Aug 30 13:39 /var/lib/pgsql/.bash_profile -rw-rw-rw- 1 root root 670 Sep 26 10:06 /var/lib/texmf/ls-R -rw-rw-rw- 1 root root 21815 Aug 30 13:46 /var/log/XFree86.9.log -rw-rw-rw- 1 root root 0 Aug 30 13:39 /var/ftp/etc/ld.so.conf srw-rw-rw- 1 root root 0 Sep 26 16:27 /tmp/.gdm_socket -rw-rw-rw- 1 root root 53 Aug 30 13:45 /etc/sysconfig/i18n -rw-rw-rw- 1 root root 89 Aug 30 13:45 /etc/sysconfig/mouse -rw-rw-rw- 1 root root 32 Aug 30 13:45 /etc/sysconfig/keyboard -rw-rw-rw- 1 root root 66 Aug 30 13:45 /etc/sysconfig/network -rw-rw-rw- 1 root root 42 Aug 30 13:45 /etc/sysconfig/clock -rw-rw-rw- 1 root root 11 Aug 30 13:45 /etc/sysconfig/desktop -rw-rw-rw- 1 root root 2724 Aug 30 13:45 /etc/sysconfig/hwconf -rw-rw-rw- 1 root root 14559 Aug 30 13:46 /etc/X11/XF86Config -rw-rw-rw- 1 root root 1842 Aug 30 13:46 /etc/X11/XF86Config-4 -rw-rw-rw- 1 root root 16351 Aug 30 13:45 /etc/X11/XF86Config.old -rw-rw-rw- 1 root root 3740 Aug 30 13:45 /etc/X11/XF86Config-4.old -rw-rw-rw- 1 root root 114 Aug 30 13:43 /etc/ld.so.conf -rw-rw-rw- 1 root root 84 Aug 30 13:45 /etc/shells -rw-rw-rw- 1 root root 984 Aug 30 13:39 /etc/syslog.conf -rw-rw-rw- 1 root root 1756 Aug 30 13:46 /etc/inittab -rw-rw-rw- 1 root root 1199 Aug 30 13:39 /etc/rndc.conf -rw-rw-rw- 1 root root 81 Sep 26 16:23 /etc/resolv.conf -rw-rw-rw- 1 root root 221 Aug 30 13:39 /etc/sgml/sgml-docbook-3.0.cat -rw-rw-rw- 1 root root 194 Aug 30 13:41 /etc/sgml/catalog -rw-rw-rw- 1 root root 221 Aug 30 13:39 /etc/sgml/sgml-docbook-3.1.cat -rw-rw-rw- 1 root root 221 Aug 30 13:39 /etc/sgml/sgml-docbook-4.0.cat -rw-rw-rw- 1 root root 221 Aug 30 13:39 /etc/sgml/sgml-docbook-4.1.cat -rw-rw-rw- 1 root root 220 Aug 30 13:41 /etc/sgml/xml-docbook-4.1.cat -rw-rw-rw- 1 root root 2564 Aug 30 13:43 /etc/pango/pango.modules-rw-rw-rw- 1 root root 104 Aug 30 13:45 /etc/modules.conf~ -rw-rw-rw- 1 root root 543 Sep 17 12:43 /etc/fstab -rw-rw-rw- 1 root root 148 Sep 27 14:40 /etc/hosts -rw-rw-rw- 1 root root 380 Aug 30 13:40 /usr/share/doc/libtool-1.3.5/demo/config.h.in -rw-rw-rw- 1 root root 2 Aug 30 13:44 /usr/share/fonts/default/TrueType/fonts.dir -rw-rw-rw- 1 root root 1436 Aug 30 13:44 /usr/share/fonts/default/TrueType/fonts.scale -rw-rw-rw- 1 root root 21853 Aug 30 13:38 /usr/share/fonts/fontmap-rw-rw-rw- 1 root root 10638 Aug 30 13:40 /usr/share/texmf/web2c/jadetex.log -rw-rw-rw- 1 root root 10599 Aug 30 13:40 /usr/share/texmf/web2c/pdfjadetex.log -rw-rw-rw- 1 root root 1806912 Aug 30 13:40 /usr/share/texmf/web2c/jadetex.fmt -rw-rw-rw- 1 root root 1849935 Aug 30 13:40 /usr/share/texmf/web2c/pdfjadetex.fmt -rw-rw-rw- 1 root root 1325 Aug 30 13:37 /usr/lib/mozilla/chrome/overlayinfo/communicator/content/overlays.rdf -rw-rw-rw- 1 root root 258 Aug 30 13:37 /usr/lib/mozilla/chrome/overlayinfo/navigator/content/overlays.rdf -rw-rw-rw- 1 root root 910 Aug 30 13:37 /usr/lib/mozilla/chrome/overlayinfo/messenger/content/overlays.rdf -rw-rw-rw- 1 root root 242 Aug 30 13:37 /usr/lib/mozilla/chrome/overlayinfo/editor/content/overlays.rdf -rw-rw-rw- 1 root root 4632 Aug 30 13:37 /usr/lib/mozilla/chrome/all-packages.rdf -rw-rw-rw- 1 root root 6494 Aug 30 13:37 /usr/lib/mozilla/chrome/all-locales.rdf -rw-rw-rw- 1 root root 7156 Aug 30 13:37 /usr/lib/mozilla/chrome/all-skins.rdf -rw-rw-rw- 1 root root 1118 Aug 30 13:37 /usr/lib/mozilla/chrome/user-skins.rdf -rw-rw-rw- 1 root root 1496 Aug 30 13:37 /usr/lib/mozilla/chrome/user-locales.rdf -rw-rw-rw- 1 root root 361450 Aug 30 13:37 /usr/lib/mozilla/component.reg -rw-rw-rw- 1 root root 28216 Aug 30 13:44 /usr/X11R6/lib/X11/fonts/misc/fonts.dir -rw-rw-rw- 1 root root 280 Mar 12 2001 /usr/games/Maelstrom/Maelstrom-Scores I will discount some of these, e.g games, but not the files in /etc.
It's a bug in the SGI installer.
Heya, I'm not sure that this is a bug in the SGI installer (or anyone's installer for that matter). We are experiencing the same problems with our kickstarts using RedHat's installer. After removing all modified RPMs and our post-install scripts from a test kickstart server we were still getting world writable files. At this point, we realized that the one thing we had not changed back was the kernel version used on the kickstart boot floppy. This kernel was from the kernel-BOOT-2.4.3-12.2RS RPM (a kernel RPM based on 2.4.3-12 with a few hardware driver updates that we need added in). After moving both the kernel and the modules.cgz in the initrd.img back to the original 2.4.2-2 kernel that came in the original RH bootnet.img the world writable problem went away and proper permissions were set on all files created during the install and not owned by an RPM package. We then replaced the kernel and modules.cgz with files from the official RedHat update 2.4.3-12 (no modifications, downloaded directly from ftp.redhat.com), and suddenly files were being left as world writable again. I feel that the problem is more likely a result of a gremlin in the NFS code of the 2.4.3 kernel used for the 2.4.3-12 RPM rather than in anyone's installer. Bug #53338 appears to be related to this problem. The short term fix appears to be to move the kernel on the floppy back to 2.4.2-2 for the time being. I'm more concerned that we are sure that the problem has been addressed in later releases of the kernel. Versions affected: RH 7.1, kernel-BOOT-2.4.3-12.i386.rpm (update) How repoducible: always How to reproduce: - Build new NFS kickstart floppy image with the 2.4.3-12 kernel image - Run kickstart, wait for it to finish - hit <alt>-<F2>, and ls -l /mnt/sysimage/etc/fstab Actual result: file is set to -rw-rw-rw- Expected result: file set to -rw-r--r-- Have a good one,