Bug 679748 - mod_nss's postinstall script doesn't work properly
mod_nss's postinstall script doesn't work properly
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: mod_nss (Show other bugs)
5.6
Unspecified Linux
high Severity high
: rc
: ---
Assigned To: Rob Crittenden
Chandrasekar Kannan
: Regression, ZStream
Depends On: 669963
Blocks:
  Show dependency treegraph
 
Reported: 2011-02-23 07:28 EST by RHEL Product and Program Management
Modified: 2015-01-04 18:46 EST (History)
20 users (show)

See Also:
Fixed In Version: mod_nss-1.0.8-4.el5_6.1
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2011-04-04 03:06:11 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description RHEL Product and Program Management 2011-02-23 07:28:59 EST
This bug has been copied from bug #669963 and has been proposed
to be backported to 5.6 z-stream (EUS).
Comment 4 Rob Crittenden 2011-03-02 12:02:27 EST
Backported fix to handle upgrades.
Comment 6 Kashyap Chamarthy 2011-03-15 10:15:58 EDT
Verified successfully.

Env:

RHEL 5.6 - x86_64 
mod_nss-1.0.8-4.el5 (picked the build from -brew-)


Verification procedure (as noted by Rob in Errata)

1/ Install mod_nss 1.0.3 
2/ Confirm that only root can read /etc/httpd/alias/*.db 
3/ Upgrade mod_nss 
4/ Confirm that the db files in /etc/httpd/alias/*.db are mode 0640

Result: Database file in /etc/httpd/alias/ are mode 0640
==============================================================================
[root@tornado mod-nss-test-mar152011]# ls
mod_nss-1.0.3-8.el5.x86_64.rpm  mod_nss-1.0.8-4.el5.x86_64.rpm
==============================================================================
[root@tornado mod-nss-test-mar152011]# rpm -ivh mod_nss-1.0.3-8.el5.x86_64.rpm
Preparing...                ########################################### [100%]
   1:mod_nss                ########################################### [100%]

mod_nss certificate database generated.
==============================================================================
[root@tornado mod-nss-test-mar152011]# ll /etc/httpd/alias/
total 128
-rw------- 1 root root 65536 Mar 15 19:18 cert8.db
-rw------- 1 root root  4395 Mar 15 19:18 install.log
-rw------- 1 root root 16384 Mar 15 19:18 key3.db
lrwxrwxrwx 1 root root    32 Mar 15 19:18 libnssckbi.so -> ../../../usr/lib64/libnssckbi.so
-rw------- 1 root root 16384 Mar 15 19:18 secmod.db
==============================================================================
[root@tornado mod-nss-test-mar152011]# ls
mod_nss-1.0.3-8.el5.x86_64.rpm  mod_nss-1.0.8-4.el5.x86_64.rpm
==============================================================================
[root@tornado mod-nss-test-mar152011]# rpm -Uvh mod_nss-1.0.8-4.el5.x86_64.rpm
Preparing...                ########################################### [100%]
   1:mod_nss                ########################################### [100%]
==============================================================================
[root@tornado mod-nss-test-mar152011]# ll /etc/httpd/alias/
total 128
-rw-r----- 1 root apache 65536 Mar 15 19:18 cert8.db
-rw------- 1 root root    4395 Mar 15 19:18 install.log
-rw-r----- 1 root apache 16384 Mar 15 19:18 key3.db
lrwxrwxrwx 1 root root      33 Mar 15 19:19 libnssckbi.so -> ../../..//usr/lib64/libnssckbi.so
-rw-r----- 1 root apache 16384 Mar 15 19:18 secmod.db
==============================================================================
[root@tornado mod-nss-test-mar152011]# 
==============================================================================
Comment 7 errata-xmlrpc 2011-04-04 03:06:11 EDT
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0411.html

Note You need to log in before you can comment on or make changes to this bug.