Bug 962842 - Anacron comes from a broken HOME
Summary: Anacron comes from a broken HOME
Keywords:
Status: CLOSED WONTFIX
Alias: None
Product: Fedora
Classification: Fedora
Component: cronie
Version: 20
Hardware: All
OS: Linux
low
low
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On: 876241
Blocks: 878032
TreeView+ depends on / blocked
 
Reported: 2013-05-14 14:42 UTC by Marcela Mašláňová
Modified: 2014-12-02 16:13 UTC (History)
4 users (show)

Fixed In Version:
Clone Of: 876241
Environment:
Last Closed: 2014-12-02 16:13:13 UTC
Type: Bug
Embargoed:


Attachments (Terms of Use)

Description Marcela Mašláňová 2013-05-14 14:42:58 UTC
+++ This bug was initially created as a clone of Bug #876241 +++

Description of problem:

This is a variant of the problem already reported in Bugzilla 575419 where /etc/crontab incorrectly set HOME=/ such that the cron.daily Job was unable to make use of root-specific configuration files such as /root/.my.cnf

Because of the reworking of Cron/Anacron under RHEL6, cron.daily's environment is now effectively controlled by /etc/cron.d/0hourly which also has a HOME-/ setting. 

Our recommendation is to comment out HOME=/ from BOTH /etc/crontab and /etc/cron.d/0hourly in RHEL6 and /etc/crontab in RHEL5.


Version-Release number of selected component (if applicable):

cronie-1.4.4-7.el6.i686


How reproducible:

Create a cron.daily Job which reports HOME - by simply executing /bin/env for instance.


Additional info:

In the course of trying to debug this problem, we found two additional problems when trying to read /root/.my.cnf from within a /etc/logrotate.d/mysql script within logrotate within cron.daily.

The first problem is that /etc/cron.daily/logrotate erroneously - in our view - redirects STDOUT and STDERR to /dev/null under RHEL6, whereas it redirects into cron.daily's sendmail PIPE under RHEL5. Surely this NULLing should be removed?

The second problem is that under RHEL6, /root/* has an SELinux Label of admin_home_t whereas it had a Label of user_home_t under RHEL5. The side-effect is that logrotate_t has no read permissions to /root/* under RHEL6, even though it did under RHEL5. Consequently we added this permission to get our particular logrotate script working:

allow logrotate_t admin_home_t:dir { list_dir_perms };
allow logrotate_t admin_home_t:file { read_file_perms };

Comment 1 Marcela Mašláňová 2013-05-14 14:44:14 UTC
The setting of HOME in anacron is a problem. The rest of issues seems to disappear.

Comment 2 Fedora End Of Life 2013-09-16 13:55:14 UTC
This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle.
Changing version to '20'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20

Comment 3 Fedora Admin XMLRPC Client 2014-09-04 12:15:10 UTC
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.


Note You need to log in before you can comment on or make changes to this bug.