Red Hat Bugzilla – Bug 846947
update to sudo-1.7.2p1-14.el5_8.2 changes permissions on nsswitch.conf
Last modified: 2012-10-10 05:39:43 EDT
Description of problem:
Update to sudo-1.7.2p1-14.el5_8.2 changes permissions on nsswitch.conf from 644 to 600.
Version-Release number of selected component (if applicable):
Steps to Reproduce:
1. remove sudo
2. remove sudo stanza from nsswitch.conf
3. install sudo-1.7.2p1-13
4. update to sudo-1.7.2p1-14.el5_8.2
# ls -Zl /etc/nsswitch.conf
-rw------- 1 system_u:object_r:etc_t root root 1717 Apr 9 07:58 /etc/nsswitch.conf
ls -Zl /etc/nsswitch.conf
-rw-r--r-- 1 system_u:object_r:etc_t root root 1716 Apr 9 07:51 /etc/nsswitch.conf
Using sed -i -e '/^sudoers:/d' ./nsswitch.conf in postin and postun scripts should be a safe way even without restorecon I think.
This request was evaluated by Red Hat Product Management for
inclusion in the current release of Red Hat Enterprise Linux.
Because the affected component is not scheduled to be updated in the
current release, Red Hat is unfortunately unable to address this
request at this time. Red Hat invites you to ask your support
representative to propose this request, if appropriate and relevant,
in the next release of Red Hat Enterprise Linux.
Yeah this wreaks havoc with IPA as users can no longer look up names, this needs to be fixed and quickly.
Support case 00690572 opened.
*** This bug has been marked as a duplicate of bug 846631 ***