[Bug 737535] New: trousers preinstall scriptlet invokes useradd without -r option giving system user tss default supplemental groups
https://bugzilla.novell.com/show_bug.cgi?id=737535 https://bugzilla.novell.com/show_bug.cgi?id=737535#c0 Summary: trousers preinstall scriptlet invokes useradd without -r option giving system user tss default supplemental groups Classification: openSUSE Product: openSUSE 11.4 Version: Final Platform: x86 OS/Version: openSUSE 11.4 Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: nedu@netscape.net QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.2.24) Gecko/20111101 SUSE/3.6.24-0.2.1 Firefox/3.6.24 The rpm preinstall scriptlet for openSUSE 11.4 package trousers-0.3.6-3.1.i586 invokes useradd to add the tss system user with uid 98 and primary group tss. But the -r option is not given to useradd, so the tss system user also gains supplemental group membership in the default groups defined in /etc/default/useradd. $ rpm -q --scripts trousers preinstall scriptlet (using /bin/sh): /usr/sbin/groupadd -g 98 tss 2> /dev/null || : /usr/sbin/useradd -u 98 -o -g tss -s /bin/false -c "TSS daemon" -d /var/lib/tpm tss 2> /dev/null || : Reproducible: Always Steps to Reproduce: 1. zypper rm trousers 2. userdel tss 3. in /etc/default/useradd, ensure GROUPS=video 4 zypper in trousers Actual Results: In /etc/group, system user tss has been given supplemental membership in video group Expected Results: The tss user should not gain membership in the default supplemental groups. To fix this, the preinstall scriptlet should invoke useradd with the -r option. This bug also exists in openSUSE 11.3 package trousers-0.3.6-3.1.i586 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=737535 https://bugzilla.novell.com/show_bug.cgi?id=737535#c1 --- Comment #1 from Ned Ulbricht <nedu@netscape.net> 2011-12-18 15:06:23 UTC --- Sorry. Last sentence should have been: This bug also exists in openSUSE 11.3 package trousers-0.3.4-2.3.i586 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=737535 https://bugzilla.novell.com/show_bug.cgi?id=737535#c Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team-screening@forge.pr |meissner@suse.com |ovo.novell.com | -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=737535 https://bugzilla.novell.com/show_bug.cgi?id=737535#c2 Marcus Meissner <meissner@suse.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |RESOLVED Resolution| |FIXED --- Comment #2 from Marcus Meissner <meissner@suse.com> 2012-08-01 07:43:04 UTC --- is basically fixed in current opensuse -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com