Bug 962842 - Anacron comes from a broken HOME
Anacron comes from a broken HOME
Status: CLOSED WONTFIX
Product: Fedora
Classification: Fedora
Component: cronie (Show other bugs)
20
All Linux
low Severity low
: ---
: ---
Assigned To: Tomas Mraz
Fedora Extras Quality Assurance
:
Depends On: 876241
Blocks: 878032
  Show dependency treegraph
 
Reported: 2013-05-14 10:42 EDT by Marcela Mašláňová
Modified: 2014-12-02 11:13 EST (History)
4 users (show)

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: 876241
Environment:
Last Closed: 2014-12-02 11:13:13 EST
Type: Bug
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Marcela Mašláňová 2013-05-14 10:42:58 EDT
+++ This bug was initially created as a clone of Bug #876241 +++

Description of problem:

This is a variant of the problem already reported in Bugzilla 575419 where /etc/crontab incorrectly set HOME=/ such that the cron.daily Job was unable to make use of root-specific configuration files such as /root/.my.cnf

Because of the reworking of Cron/Anacron under RHEL6, cron.daily's environment is now effectively controlled by /etc/cron.d/0hourly which also has a HOME-/ setting. 

Our recommendation is to comment out HOME=/ from BOTH /etc/crontab and /etc/cron.d/0hourly in RHEL6 and /etc/crontab in RHEL5.


Version-Release number of selected component (if applicable):

cronie-1.4.4-7.el6.i686


How reproducible:

Create a cron.daily Job which reports HOME - by simply executing /bin/env for instance.


Additional info:

In the course of trying to debug this problem, we found two additional problems when trying to read /root/.my.cnf from within a /etc/logrotate.d/mysql script within logrotate within cron.daily.

The first problem is that /etc/cron.daily/logrotate erroneously - in our view - redirects STDOUT and STDERR to /dev/null under RHEL6, whereas it redirects into cron.daily's sendmail PIPE under RHEL5. Surely this NULLing should be removed?

The second problem is that under RHEL6, /root/* has an SELinux Label of admin_home_t whereas it had a Label of user_home_t under RHEL5. The side-effect is that logrotate_t has no read permissions to /root/* under RHEL6, even though it did under RHEL5. Consequently we added this permission to get our particular logrotate script working:

allow logrotate_t admin_home_t:dir { list_dir_perms };
allow logrotate_t admin_home_t:file { read_file_perms };
Comment 1 Marcela Mašláňová 2013-05-14 10:44:14 EDT
The setting of HOME in anacron is a problem. The rest of issues seems to disappear.
Comment 2 Fedora End Of Life 2013-09-16 09:55:14 EDT
This bug appears to have been reported against 'rawhide' during the Fedora 20 development cycle.
Changing version to '20'.

More information and reason for this action is here:
https://fedoraproject.org/wiki/BugZappers/HouseKeeping/Fedora20
Comment 3 Fedora Admin XMLRPC Client 2014-09-04 08:15:10 EDT
This package has changed ownership in the Fedora Package Database.  Reassigning to the new owner of this component.

Note You need to log in before you can comment on or make changes to this bug.