First Last Prev Next    This bug is not in your last search results.
Bug 902478 - febootstrap-supermin-helper doesn't set supplemental groups
febootstrap-supermin-helper doesn't set supplemental groups
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: febootstrap (Show other bugs)
6.5
Unspecified Unspecified
unspecified Severity unspecified
: rc
: ---
Assigned To: Richard W.M. Jones
Virtualization Bugs
:
Depends On: 902476
Blocks:
  Show dependency treegraph
 
Reported: 2013-01-21 13:35 EST by Richard W.M. Jones
Modified: 2013-12-25 19:07 EST (History)
5 users (show)

See Also:
Fixed In Version: febootstrap-3.21-2.el6
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 902476
Environment:
Last Closed: 2013-11-20 23:42:12 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

  None (edit)
Description Richard W.M. Jones 2013-01-21 13:35:22 EST 
+++ This bug was initially created as a clone of Bug #902476 +++

Description of problem:

febootstrap-supermin-helper has the -g option on the command
which sets the group that it runs under.  However it does not
set supplemental groups.

For comparison see the work done on vhostmd:
https://bugzilla.redhat.com/show_bug.cgi?id=741289

(Reported by Steve Grubb)

Version-Release number of selected component (if applicable):

febootstrap 3.20
Comment 3 Richard W.M. Jones 2013-06-28 06:58:20 EDT 
Fixed upstream in ae302151a7743f324378f520409ee10dd1584860
which is a trivial patch so we should include it in RHEL 6.5.
Comment 8 Lingfei Kong 2013-10-15 00:41:53 EDT 
I can not find febootstrap 3.20 for RHEL6 in https://brewweb.devel.redhat.com/, so I choose febootstrap-3.21-1.el6 and febootstrap-supermin-helper-3.21-1.el6  which are the previous version of febootstrap-3.21-2.el6 to reproduce this bug.

Steps to reproduce:
1. Install RHEL6.5 host 
2. Remove febootstrap-supermin-helper form host if the version is not 3.21-1,
#cp /usr/lib64/guestfs/supermin.d /root/
#yum remove febootstrap-supermin-helper-3.21-4.el6.x86_64

When remove febootstrap-supermin-helper-3.21-4.el6.x86_64, it will remove /usr/lib64/guestfs/supermin.d, this directory is needed by setp 4, so backup it first.

3. Download febootstrap-supermin-helper-3.21-1.el6.x86_64.rpm from https://brewweb.devel.redhat.com/, then install them
[host]#rpm -ivh febootstrap-supermin-helper-3.21-1.el6.x86_64.rpm
Preparing...                ########################################### [100%]
   1:febootstrap-supermin-he########################################### [100%]

4.  Create test.sh to do the test:
#mkdir -p /usr/lib64/guestfs/ && cp /root/supermin.d /usr/lib64/guestfs/
#cat test.sh 

#!/bin/bash

febootstrap-supermin-helper /usr/lib64/guestfs/supermin.d /usr/lib64/guestfs/supermin.d/hostfiles x86_64 kernel initrd -g 501 &
grep ^Groups /proc/$(pidof febootstrap-supermin-helper)/status

Execute test.sh:
#./test.sh 
Groups: 0 

The Groups is 0 not 501 which should be 501.
Comment 9 Lingfei Kong 2013-10-15 00:48:20 EDT 
Verified:
febootstrap and febootstrap-supermin-helper version: 3.21-2

Same steps as Comment 8, but this time I install febootstrap-supermin-helper-3.21-2.el6 on the RHEL6.5 host, and then executed test.sh:
#./test.sh 
Groups: 501 

The Groups is 501 as requested.
Comment 10 Richard W.M. Jones 2013-10-15 04:31:23 EDT 
I agree with the reproducer and verification steps (comment 8, comment 9).
Comment 12 errata-xmlrpc 2013-11-20 23:42:12 EST 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1535.html
Note You need to log in before you can comment on or make changes to this bug.
First Last Prev Next    This bug is not in your last search results.