Bug 902478 - febootstrap-supermin-helper doesn't set supplemental groups
Summary: febootstrap-supermin-helper doesn't set supplemental groups
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: febootstrap
Version: 6.5
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: rc
: ---
Assignee: Richard W.M. Jones
QA Contact: Virtualization Bugs
URL:
Whiteboard:
Depends On: 902476
Blocks:
TreeView+ depends on / blocked
 
Reported: 2013-01-21 18:35 UTC by Richard W.M. Jones
Modified: 2013-12-26 00:07 UTC (History)
5 users (show)

Fixed In Version: febootstrap-3.21-2.el6
Doc Type: Bug Fix
Doc Text:
Clone Of: 902476
Environment:
Last Closed: 2013-11-21 04:42:12 UTC
Target Upstream Version:

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2013:1535 0 normal SHIPPED_LIVE febootstrap bug fix update 2013-11-20 21:40:54 UTC

Description Richard W.M. Jones 2013-01-21 18:35:22 UTC 
+++ This bug was initially created as a clone of Bug #902476 +++

Description of problem:

febootstrap-supermin-helper has the -g option on the command
which sets the group that it runs under.  However it does not
set supplemental groups.

For comparison see the work done on vhostmd:
https://bugzilla.redhat.com/show_bug.cgi?id=741289

(Reported by Steve Grubb)

Version-Release number of selected component (if applicable):

febootstrap 3.20
Comment 3 Richard W.M. Jones 2013-06-28 10:58:20 UTC 
Fixed upstream in ae302151a7743f324378f520409ee10dd1584860
which is a trivial patch so we should include it in RHEL 6.5.
Comment 8 Lingfei Kong 2013-10-15 04:41:53 UTC 
I can not find febootstrap 3.20 for RHEL6 in https://brewweb.devel.redhat.com/, so I choose febootstrap-3.21-1.el6 and febootstrap-supermin-helper-3.21-1.el6  which are the previous version of febootstrap-3.21-2.el6 to reproduce this bug.

Steps to reproduce:
1. Install RHEL6.5 host 
2. Remove febootstrap-supermin-helper form host if the version is not 3.21-1,
#cp /usr/lib64/guestfs/supermin.d /root/
#yum remove febootstrap-supermin-helper-3.21-4.el6.x86_64

When remove febootstrap-supermin-helper-3.21-4.el6.x86_64, it will remove /usr/lib64/guestfs/supermin.d, this directory is needed by setp 4, so backup it first.

3. Download febootstrap-supermin-helper-3.21-1.el6.x86_64.rpm from https://brewweb.devel.redhat.com/, then install them
[host]#rpm -ivh febootstrap-supermin-helper-3.21-1.el6.x86_64.rpm
Preparing...                ########################################### [100%]
   1:febootstrap-supermin-he########################################### [100%]

4.  Create test.sh to do the test:
#mkdir -p /usr/lib64/guestfs/ && cp /root/supermin.d /usr/lib64/guestfs/
#cat test.sh 

#!/bin/bash

febootstrap-supermin-helper /usr/lib64/guestfs/supermin.d /usr/lib64/guestfs/supermin.d/hostfiles x86_64 kernel initrd -g 501 &
grep ^Groups /proc/$(pidof febootstrap-supermin-helper)/status

Execute test.sh:
#./test.sh 
Groups: 0 

The Groups is 0 not 501 which should be 501.
Comment 9 Lingfei Kong 2013-10-15 04:48:20 UTC 
Verified:
febootstrap and febootstrap-supermin-helper version: 3.21-2

Same steps as Comment 8, but this time I install febootstrap-supermin-helper-3.21-2.el6 on the RHEL6.5 host, and then executed test.sh:
#./test.sh 
Groups: 501 

The Groups is 501 as requested.
Comment 10 Richard W.M. Jones 2013-10-15 08:31:23 UTC 
I agree with the reproducer and verification steps (comment 8, comment 9).
Comment 12 errata-xmlrpc 2013-11-21 04:42:12 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

http://rhn.redhat.com/errata/RHBA-2013-1535.html
Note You need to log in before you can comment on or make changes to this bug.