Bug ID 1171164
Summary permission handling: %_libexecdir changes from /usr/lib to /usr/libexec
Classification openSUSE
Product openSUSE Tumbleweed
Version Current
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter dimstar@opensuse.org
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

In accordance to FHS-3.0, libexecdir is being changed from /usr/lib to
/usr/libexec.

The permission definitiions lists files in /usr/lib, which are now moving, e.g:

the dbus-1 package now fails with:

[  277s] dbus-1.x86_64: E: permissions-file-setuid-bit (Badness: 10000)
/usr/libexec/dbus-1/dbus-daemon-launch-helper is packaged with setuid/setgid
bits (04750)
[  277s] If the package is intended for inclusion in any SUSE product
[  277s] please open a bug report to request review of the program by the
[  277s] security team. Please refer to
[  277s]
https://en.opensuse.org/openSUSE:Package_security_guidelines#audit_bugs for
[  277s] more information.

The file used to be /usr/lib/dbus-1/dbus-daemon-launch-helper (on 32bit and 64
bit systems)

We need to list those /usr/lib/* things also as /usr/libexec (for a migration
time probably in parallel, to not dead-lock future changes)

You are receiving this mail because: