Bug 846947 - update to sudo-1.7.2p1-14.el5_8.2 changes permissions on nsswitch.conf
update to sudo-1.7.2p1-14.el5_8.2 changes permissions on nsswitch.conf
Status: CLOSED DUPLICATE of bug 846631
Product: Red Hat Enterprise Linux 5
Classification: Red Hat
Component: sudo (Show other bugs)
5.8
Unspecified Unspecified
unspecified Severity high
: rc
: ---
Assigned To: Daniel Kopeček
Dalibor Pospíšil
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2012-08-09 04:28 EDT by Dalibor Pospíšil
Modified: 2012-10-10 05:39 EDT (History)
2 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2012-08-09 05:03:22 EDT
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:


Attachments (Terms of Use)

  None (edit)
Description Dalibor Pospíšil 2012-08-09 04:28:24 EDT
Description of problem:
Update to sudo-1.7.2p1-14.el5_8.2 changes permissions on nsswitch.conf from 644 to 600.

Version-Release number of selected component (if applicable):
sudo-1.7.2p1-14.el5_8.2

How reproducible:
always

Steps to Reproduce:
1. remove sudo
2. remove sudo stanza from nsswitch.conf
3. install sudo-1.7.2p1-13
4. update to sudo-1.7.2p1-14.el5_8.2
  
Actual results:
# ls -Zl /etc/nsswitch.conf
-rw------- 1 system_u:object_r:etc_t          root root 1717 Apr  9 07:58 /etc/nsswitch.conf

Expected results:
ls -Zl /etc/nsswitch.conf
-rw-r--r-- 1 system_u:object_r:etc_t          root root 1716 Apr  9 07:51 /etc/nsswitch.conf

Additional info:
Using sed -i -e '/^sudoers:/d' ./nsswitch.conf in postin and postun scripts should be a safe way even without restorecon I think.
Comment 1 RHEL Product and Program Management 2012-08-09 04:37:48 EDT
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Comment 2 Erinn Looney-Triggs 2012-08-09 04:55:30 EDT
Yeah this wreaks havoc with IPA as users can no longer look up names, this needs to be fixed and quickly.

Support case 00690572 opened.

-Erinn
Comment 3 Daniel Kopeček 2012-08-09 05:03:22 EDT

*** This bug has been marked as a duplicate of bug 846631 ***

Note You need to log in before you can comment on or make changes to this bug.