Bug 58306 - rpm 4.0.3-6x rebuilddb resets db uids / gids
Summary: rpm 4.0.3-6x rebuilddb resets db uids / gids
Keywords:
Status: CLOSED DEFERRED
Alias: None
Product: Red Hat Linux
Classification: Retired
Component: rpm
Version: 7.2
Hardware: All
OS: Linux
medium
low
Target Milestone: ---
Assignee: Jeff Johnson
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2002-01-13 22:45 UTC by Ned Ulbricht
Modified: 2008-05-01 15:38 UTC (History)
1 user (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2002-01-14 18:09:58 UTC
Embargoed:

Attachments (Terms of Use)

Description Ned Ulbricht 2002-01-13 22:45:12 UTC 
From Bugzilla Helper:
User-Agent: Mozilla/4.77 [en] (X11; U; Linux 2.2.19-kim.1 i486)

Description of problem:
The rpm-4.0.3-6x postinstall scriptlet executes
'/bin/chown rpm.rpm /var/lib/rpm/[A-Z]*'

But a subsequent 'rpm --rebuilddb' (executed in a root shell) resets
/var/lib/rpm/[A-Z]* to root.root.



Version-Release number of selected component (if applicable):
rpm-4.0.3-6x.i386.rpm

How reproducible:
Didn't try

Steps to Reproduce:
(previously using db3 rpm db from rpm-4.0.2-6x)
]# rpm -Uvh rpm*.i386.rpm popt-1.6.3-6x.i386.rpm 
(snip -- upgrade ok)         
# ls -l /var/lib/rpm
total 11476
-rw-r--r--    1 rpm      rpm       2629632 Jan 13 01:33 Basenames
-rw-r--r--    1 rpm      rpm         12288 Jan 13 01:32 Conflictname
-rw-r--r--    1 rpm      rpm         12288 Jan 13 01:33 Group
-rw-r--r--    1 rpm      rpm         24576 Jan 13 01:33 Name
-rw-r--r--    1 rpm      rpm       9392128 Jan 13 01:33 Packages
-rw-r--r--    1 rpm      rpm         90112 Jan 13 01:33 Providename
-rw-r--r--    1 rpm      rpm         98304 Jan 13 01:33 Requirename
-rw-r--r--    1 rpm      rpm         12288 Jan 13 01:15 Triggername
[# rpm --rebuilddb
[# ls -l /var/lib/rpm
total 11856
-rw-r--r--    1 root     root      2646016 Jan 13 01:47 Basenames
-rw-r--r--    1 root     root        12288 Jan 13 01:46 Conflictname
-rw-r--r--    1 root     root       311296 Jan 13 01:47 Dirnames
-rw-r--r--    1 root     root        12288 Jan 13 01:47 Group
-rw-r--r--    1 root     root         8192 Jan 13 01:47 Installtid
-rw-r--r--    1 root     root        24576 Jan 13 01:47 Name
-rw-r--r--    1 root     root      9388032 Jan 13 01:47 Packages
-rw-r--r--    1 root     root        86016 Jan 13 01:47 Providename
-rw-r--r--    1 root     root        28672 Jan 13 01:47 Provideversion
-rw-r--r--    1 root     root        98304 Jan 13 01:47 Requirename
-rw-r--r--    1 root     root        40960 Jan 13 01:47 Requireversion
-rw-r--r--    1 root     root        12288 Jan 13 01:46 Triggername


Additional info:

The CHANGES file documents only
4.0.2 -> 4.0.3:
   - database has rpm.rpm g+w permissions to share db3 mutexes.

But none of the database files, nor the db directory have g+w permissions
$ ls -ld /var/lib/rpm
drwxr-xr-x    2 rpm      rpm          4096 Jan 13 04:07 /var/lib/rpm/

At the very least there is a documentation error here.  

And really, a change in the security framework needs to be explained to 
administrators just a little bit more in depth than with a one-line cryptic
entry 
in a changelog.  (I'd add a ;) but I'm not kidding).

Is it the intention to limit the damage that a run-away database update can do? 
Or is the intention to allow db mutexes to be set by non-privileged users?
Comment 1 R P Herrold 2002-01-14 18:09:53 UTC 
over-reaction on my part ... re-clasify status -- see rpm-list archives today 
for explanation
Comment 2 Jeff Johnson 2002-02-05 17:52:41 UTC 
Yes, the uid/gid are reset with --rebuilddb in rpm-4.0.4 and
earlier. The fix will be to put a setgid helper into rpm, which
will happen when it happens. For the moment, owner rpm.rpm
is exactly equivalent (for security audit purposes) to root.root,
adequate for now.
Note You need to log in before you can comment on or make changes to this bug.