Home | Content | Search | Navigation | Indexes
 

Mailinglist Archive: opensuse-bugs (4256 mails)

< Previous Next >
[Bug 737535] New: trousers preinstall scriptlet invokes useradd without -r option giving system user tss default supplemental groups
  • From: bugzilla_noreply@xxxxxxxxxx
  • Date: Sun, 18 Dec 2011 15:03:38 +0000
  • Message-id: <bug-737535-21960@http.bugzilla.novell.com/>

https://bugzilla.novell.com/show_bug.cgi?id=737535

https://bugzilla.novell.com/show_bug.cgi?id=737535#c0


Summary: trousers preinstall scriptlet invokes useradd without
-r option giving system user tss default supplemental
groups
Classification: openSUSE
Product: openSUSE 11.4
Version: Final
Platform: x86
OS/Version: openSUSE 11.4
Status: NEW
Severity: Normal
Priority: P5 - None
Component: Other
AssignedTo: bnc-team-screening@xxxxxxxxxxxxxxxxxxxxxx
ReportedBy: nedu@xxxxxxxxxxxx
QAContact: qa@xxxxxxx
Found By: ---
Blocker: ---


User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.24)
Gecko/20111101 SUSE/3.6.24-0.2.1 Firefox/3.6.24

The rpm preinstall scriptlet for openSUSE 11.4 package trousers-0.3.6-3.1.i586
invokes useradd to add the tss system user with uid 98 and primary group tss.
But the -r option is not given to useradd, so the tss system user also gains
supplemental group membership in the default groups defined in
/etc/default/useradd.

$ rpm -q --scripts trousers
preinstall scriptlet (using /bin/sh):
/usr/sbin/groupadd -g 98 tss 2> /dev/null || :
/usr/sbin/useradd -u 98 -o -g tss -s /bin/false -c "TSS daemon" -d /var/lib/tpm
tss 2> /dev/null || :


Reproducible: Always

Steps to Reproduce:
1. zypper rm trousers
2. userdel tss
3. in /etc/default/useradd, ensure GROUPS=video
4 zypper in trousers

Actual Results:
In /etc/group, system user tss has been given supplemental membership in video
group

Expected Results:
The tss user should not gain membership in the default supplemental groups.

To fix this, the preinstall scriptlet should invoke useradd with the -r option.

This bug also exists in openSUSE 11.3 package trousers-0.3.6-3.1.i586

--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.

< Previous Next >