Bug 989514
| Summary: | avoid setting insecure LD_LIBRARY_PATH | |||
|---|---|---|---|---|
| Product: | Red Hat Enterprise Linux 6 | Reporter: | Bala.FA <barumuga> | |
| Component: | glusterfs | Assignee: | Amar Tumballi <amarts> | |
| Status: | CLOSED ERRATA | QA Contact: | Cluster QE <mspqa-list> | |
| Severity: | urgent | Docs Contact: | ||
| Priority: | urgent | |||
| Version: | 6.5 | CC: | barumuga, dpati, grajaiya, shaines, vraman | |
| Target Milestone: | rc | |||
| Target Release: | --- | |||
| Hardware: | Unspecified | |||
| OS: | Unspecified | |||
| Whiteboard: | ||||
| Fixed In Version: | glusterfs-3.4.0.22rhs-2 | Doc Type: | Bug Fix | |
| Doc Text: |
Cause: mount.glusterfs uses LD_LIBRARY_PATH which is insecure and rpmdiff test on errata fails
Consequence: attaching build to errata fails in rpmdiff test
Fix: remove LD_LIBRARY_PATH usage which is no longer needed in mount.glusterfs
Result: now rpmdiff doesn't report failure when attaching builds
|
Story Points: | --- | |
| Clone Of: | ||||
| : | 989689 (view as bug list) | Environment: | ||
| Last Closed: | 2013-11-21 11:59:00 UTC | Type: | Bug | |
| Regression: | --- | Mount Type: | --- | |
| Documentation: | --- | CRM: | ||
| Verified Versions: | Category: | --- | ||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | ||
| Cloudforms Team: | --- | Target Upstream Version: | ||
| Embargoed: | ||||
| Bug Depends On: | ||||
| Bug Blocks: | 989689, 989858 | |||
|
Description
Bala.FA
2013-07-29 12:23:31 UTC
removed all the reference to LD_LIBRARY_PATH from the code. before the fix (tried on glusterfs-3.4.0.10rhs or earlier)
amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs
54: LD_LIBRARY_PATH=@libdir@:${LD_LIBRARY_PATH}
55: export LD_LIBRARY_PATH
with latest (anything above glusterfs-3.4.0.22rhs)
amar@ganaka:~/work/rhs-glusterfs$ grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs
amar@ganaka:~/work/rhs-glusterfs$
Verified. [root@dhcp201-162 ~]# grep LD_LIBRARY_PATH -n /sbin/mount.glusterfs [root@dhcp201-162 ~]# [root@dhcp201-162 ~]# rpm -qf /sbin/mount.glusterfs glusterfs-fuse-3.4.0.34rhs-1.el6.x86_64 Since the problem described in this bug report should be resolved in a recent advisory, it has been closed with a resolution of ERRATA. For information on the advisory, and where to find the updated files, follow the link below. If the solution does not work for you, open a new bug report. http://rhn.redhat.com/errata/RHBA-2013-1641.html |