https://bugzilla.novell.com/show_bug.cgi?id=668466 https://bugzilla.novell.com/show_bug.cgi?id=668466#c0 Summary: map file permissions set to low breaks autofs Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: x86-64 OS/Version: openSUSE 11.3 Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: marc@marcchamberlin.com QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.13) Gecko/20101203 SUSE/3.6.13-0.2.1 Firefox/3.6.13 Being one user who is sick and tired of all the undocumented, inconsistent and obtuse security found on Linux, I often just give up and start opening up permissions to make things as permissive as possible in order to get things up and working on my OWN computers and my OWN network. As a sole user I OUGHT to be able to USE my computers without all this hassle. That said, I was trying to set up autofs to automatically mount file systems from other computers on my network. I set up my auto.master using references to other map files for mounting directories from other computers. For example with in auto.master I had lines such as - /mnt/auto/bigbang /etc/auto.bigbang --timeout=5 --ghost /mnt/auto/darkstar /etc/auto.darkstar --timeout=5 --ghost etc... This initially failed on me, and after many hours of debugging and trying to figure out why it was failing I finally discovered that when I had created my map files, such as /etc/auto.bigbang, the editor had saved the file with permissions of rwxr-xr-x and the executable permissions was the cause of failure. NO error messages, log messages, NOTHING gave me any clue as to why autofs was failing with these file permissions. And to an untrained eye, this does NOT appear to be an unreasonable setting for the map file permissions. To make matters worse, I tried as one of my experiments to simply chmod all the map files to 0x777 so as to open up the files for access by anyone and all users. That too failed! THIS IS YET ANOTHER EXAMPLE OF UNREASONABLE SECURITY PRACTICES and should be corrected. Either remove this restriction, or give the user clear concise error messages as to why this failure occurs. I would prefer the former. Reproducible: Always Steps to Reproduce: 1.Create map files with low file permissions. i.e. chmod them with 0x777 2. Try to use autofs and automount directories from another computer on your network. 3. Actual Results: autofs fails silently to automount files as described in the map files. Expected Results: I don't expect low/easy file permissions on map files to block autofs from mounting files specified in the map files. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.