https://bugzilla.novell.com/show_bug.cgi?id=737321 https://bugzilla.novell.com/show_bug.cgi?id=737321#c0 Summary: SuSEconfig doesn't set file permissions - only warns Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Security AssignedTo: security-team@suse.de ReportedBy: madworm_de.novell@spitzenpfeil.org QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux i686; rv:8.0) Gecko/20100101 Firefox/8.0 As I need /var/lock to be writable by members of the 'lock' group I have added a custom permission file to /etc/permissions.d and assumed I would be done with it. But to my surprise /var/lock was changed back to root:root by something. Now /etc/sysconfig/security: # SuSEconfig can call chkstat to check permissions and ownerships for # files and directories (using /etc/permissions). # Setting to "set" will correct it, "warn" produces warnings, if # something strange is found. Disable this feature with "no". # CHECK_PERMISSIONS="set" is set correctly as far as I can tell. Setting it to "no" correctly disables the permission checks when running SuSEconfig. Fine. Running 'chkstat --suseconfig --set' by hand works though! It seems /sbin/conf.d/SuSEconfig.permissions is supposed to call chkstat like so: /usr/bin/chkstat --suseconfig $mode .. This looks exactly like this one: https://bugzilla.novell.com/show_bug.cgi?id=683017 ARGH! Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.