[Bug 652877] New: /var/run/utmp has wrong ownership with systemd
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c0 Summary: /var/run/utmp has wrong ownership with systemd Classification: openSUSE Product: openSUSE 11.4 Version: Factory Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: meissner@novell.com ReportedBy: aj@novell.com QAContact: qa@suse.de CC: ro@novell.com, kasievers@novell.com Found By: Product Management Blocker: --- utempter cannot write in /var/run/utmp with systemd. Problem is: aj@byrd:~> ls -l /var/run/utmp -rw-rw-r-- 1 root utmp 3456 Nov 11 09:54 /var/run/utmp aj@byrd:~> ls -l /usr/sbin/utempter -rwxr-sr-x 1 root tty 10680 Nov 2 11:14 /usr/sbin/utempter After a chgrp tty to /var/run/utmp it works fine. Marcus, Kay, how shall we solve this? utempter.spec has: %attr(02755, root, %{utmpGroup}) /usr/sbin/utempter I propose to change utmpGroup from tty to utmp - or where could this bite us? This also needs changes in aaa_base for creation of /var/run/utmp. Everybody ok with these changes or what should be done? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c1 Marcus Meissner <meissner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |meissner@novell.com --- Comment #1 from Marcus Meissner <meissner@novell.com> 2010-11-11 13:25:10 UTC --- well, we need to adjust aaa_base based booting. /etc/init.d/boot.cleanup: chown root:tty /var/run/utmp Redhat uses a specific "utmp" group too in utempter, so I guess we could switch to it. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c2 --- Comment #2 from Ludwig Nussel <lnussel@novell.com> 2010-11-15 09:06:31 CET --- there are files in /var/log/ that are writeable by group tty too. Also gnome-pty-helper is setgid tty. setgid tty on utempter is quite old, there are no records why group tty was chosen instead of introducing yet another group. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c3 Marcus Meissner <meissner@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |NEEDINFO InfoProvider| |okir@novell.com --- Comment #3 from Marcus Meissner <meissner@novell.com> 2010-11-15 12:45:57 UTC --- Olaf, do you know why you chose tty instead of utmp at the time of addition? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c4 Olaf Kirch <okir@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW CC| |okir@novell.com InfoProvider|okir@novell.com | --- Comment #4 from Olaf Kirch <okir@novell.com> 2010-11-15 15:07:27 UTC --- My original packaging had utempter sgid utmp, I think. Not sure how and why that changed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c5 --- Comment #5 from Ludwig Nussel <lnussel@novell.com> 2010-11-15 16:19:55 CET --- the first utempter package in 8.0 already used group tty :-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c6 --- Comment #6 from Olaf Kirch <okir@novell.com> 2010-11-15 15:44:23 UTC --- Surprising. I was pretty sure that I had used group utmp - but I just checked, you're right. SLES8 has utmpGroup defined as tty. So, I don't recall. Possibly some old implementation of konsole or screen requiring setgid tty, and thus couldn't be made setgid utmp. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c7 --- Comment #7 from Andreas Jaeger <aj@novell.com> 2010-11-16 09:24:42 UTC --- (In reply to comment #2)
there are files in /var/log/ that are writeable by group tty too. Also gnome-pty-helper is setgid tty. setgid tty on utempter is quite old, there are no records why group tty was chosen instead of introducing yet another group.
I see only utmp related files with group tty in /var/log. Which ones do you have? I'm updating gnome-pty-helper, permissions, aaa_base and utempter now - first on my own system ;) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c8 --- Comment #8 from Andreas Jaeger <aj@novell.com> 2010-11-16 10:35:23 UTC --- Created an attachment (id=400433) --> (http://bugzilla.novell.com/attachment.cgi?id=400433) patch to fix permissions for utmp change -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c9 Andreas Jaeger <aj@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|meissner@novell.com |lnussel@novell.com --- Comment #9 from Andreas Jaeger <aj@novell.com> 2010-11-16 10:36:11 UTC --- Ok, rebooted and everything works that I tested. I submitted now the following requests to their devel projects: 53133 - for vte 53134 - for aaa_base 53136 - for utempter I'm appending my patch for permissions. Ludwig, could you take care of that, please? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c10 --- Comment #10 from Ludwig Nussel <lnussel@novell.com> 2010-11-16 11:41:12 CET --- (In reply to comment #7)
(In reply to comment #2)
there are files in /var/log/ that are writeable by group tty too. Also gnome-pty-helper is setgid tty. setgid tty on utempter is quite old, there are no records why group tty was chosen instead of introducing yet another group.
I see only utmp related files with group tty in /var/log. Which ones do you have?
/var/log/wtmp* and /var/log/lastlog*. The latter comes from aaa_base -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEW |ASSIGNED -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c11 --- Comment #11 from Andreas Jaeger <aj@novell.com> 2010-11-16 10:47:55 UTC --- wtmp and lastlog are "utmp related", I changed their permissions as well. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c12 --- Comment #12 from Ludwig Nussel <lnussel@novell.com> 2010-11-17 13:29:49 CET --- hmm, lastlog is actually mode 644, I wonder why it has a group other than root anyways. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c13 --- Comment #13 from Ludwig Nussel <lnussel@novell.com> 2010-11-18 14:46:17 CET --- anyways, fixed. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c14 Ludwig Nussel <lnussel@novell.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|ASSIGNED |RESOLVED Resolution| |FIXED --- Comment #14 from Ludwig Nussel <lnussel@novell.com> 2010-11-29 08:58:56 CET --- . -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=652877 https://bugzilla.novell.com/show_bug.cgi?id=652877#c15 --- Comment #15 from Bernhard Wiedemann <bwiedemann@suse.com> 2011-10-31 22:03:13 CET --- This is an autogenerated message for OBS integration: This bug (652877) was mentioned in https://build.opensuse.org/request/show/89843 Tumbleweed / permissions -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
participants (1)
-
bugzilla_noreply@novell.com