http://bugzilla.novell.com/show_bug.cgi?id=542051

User suse@tlinx.org added comment
http://bugzilla.novell.com/show_bug.cgi?id=542051#c3

--- Comment #3 from L. A. Walsh <suse@tlinx.org> 2009-10-02 10:44:46 MDT ---

the rc and conf scripts require

1) user.group == nscd.nscd be created by install
2) NOTE install script must not use -u option to startproc, or nscd will exit with failure (won't be able to switch itself to 'nscd and its associated groups)
3) default perms on /var/run/nscd/socket, need to be set to
   /var/run/nscd/ nscd:nscd 755
   /var/run/nscd/socket nscd:nscd 666
   It's currently set to be owned by root.

/etc/permissions{X} changes:
(Using bits rwx=421 (in case my memory is faulty, documenting my assumption): for ugo:)

3) /etc/permissions should have: (allow all read/write access - normal)
   /var/run/nscd set to nscd:nscd 3755
   /var/run/nscd/socket to nscd:nscd 666
4) /etc/permissions.secure to
   /var/run/nscd/ set to nscd:nscd 3751
   /var/run/ncsd/socket to nscd:nscd 666
   (Requires users be in group nscd to read dir contents but others would still be able to use nscd).
5) /etc/permissions.paranoid to:
   /var/run/nscd/ set to nscd:nscd 3710
   /var/run/ncsd/socket to nscd:nscd 660
6) <separate package bug: texlive creates permissions files in /etc/permissions.d: texlive, texlive.paranoid) -- it should NOT reset permissions on 'var/cache, var/cache/ls-R. (minimum), and probably should not set permissions on subdirs, inconsistent with parent (should follow from above permissions). But MINIMUM -- shouldn't be resetting 'xfs' owned "/var/cache/fonts"...

(no one can see contents of dir except root & user nscd; ONLY users in group nscd dir can use the nscd caching daemon) - others get whatever other defaults are configured in /etc/nsswitch...

NOTE: I haven't tested the 'secure' or 'paranoid' settings
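The following is an added example, not part of the original comment or of any SUSE package: it decodes the directory and socket modes proposed above for each permissions profile and reports which class of user can list /var/run/nscd and which can reach the socket. It assumes a simplified model (plain owner/group/other bits, no root override, no ACLs, connecting needs search on the directory and write on the socket); the function names are hypothetical.

```python
import stat

# Modes proposed in the comment, keyed by the permissions file that would
# carry them. Owner:group is nscd:nscd in every profile.
PROFILES = {
    "/etc/permissions":          {"dir": 0o3755, "socket": 0o666},
    "/etc/permissions.secure":   {"dir": 0o3751, "socket": 0o666},
    "/etc/permissions.paranoid": {"dir": 0o3710, "socket": 0o660},
}
SHIFT = {"owner": 6, "group": 3, "other": 0}


def triplet(mode, who):
    """Return the rwx bits (r=4, w=2, x=1) that apply to one class."""
    return (mode >> SHIFT[who]) & 0o7


def special_bits(mode):
    """Name the leading octal digit: 3 means setgid plus sticky."""
    flags = ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"),
             (stat.S_ISVTX, "sticky"))
    return [name for bit, name in flags if mode & bit]


def access(profile, who):
    """Assumed model: listing needs r on the directory; using the socket
    needs x (search) on the directory and w on the socket itself."""
    d = triplet(PROFILES[profile]["dir"], who)
    s = triplet(PROFILES[profile]["socket"], who)
    return {"list_dir": bool(d & 4),
            "use_socket": bool(d & 1) and bool(s & 2)}


def report():
    """One row per (profile, class): can it list the dir, can it use nscd."""
    rows = []
    for profile in PROFILES:
        for who in SHIFT:
            a = access(profile, who)
            rows.append((profile, who, a["list_dir"], a["use_socket"]))
    return rows


if __name__ == "__main__":
    for profile, modes in PROFILES.items():
        print(profile, oct(modes["dir"]), special_bits(modes["dir"]))
    for profile, who, can_list, can_use in report():
        print(f"{profile:28} {who:6} list_dir={can_list!s:5} use_socket={can_use}")
```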