http://bugzilla.opensuse.org/show_bug.cgi?id=953807 Bug ID: 953807 Summary: An encrypted tmp directory is mounted with wrong permissions Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: tmp_prince-commercial@yahoo.it QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- If an encrypted /tmp directory with random password is created, the directory is mounted at boot with wrong permissions (drwxr-xr-x instead of drwxrwxrwx) making impossible to login (graphically) to users other than root. /etc/crypttab: cr_tmp /dev/disk/by-id/ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part1 /dev/urandom tmp cr_ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part2 /dev/disk/by-id/ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part2 none none /etc/fstab: UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa / btrfs defaults 0 0 /dev/mapper/cr_tmp /tmp ext4 acl,user_xattr,nofail 0 2 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /boot/grub2/i386-pc btrfs subvol=@/boot/grub2/i386-pc 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /boot/grub2/x86_64-efi btrfs subvol=@/boot/grub2/x86_64-efi 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /srv btrfs subvol=@/srv 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /usr/local btrfs subvol=@/usr/local 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/crash btrfs subvol=@/var/crash 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/libvirt/images btrfs subvol=@/var/lib/libvirt/images 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/mailman btrfs subvol=@/var/lib/mailman 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/mariadb btrfs subvol=@/var/lib/mariadb 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/mysql btrfs subvol=@/var/lib/mysql 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/named btrfs subvol=@/var/lib/named 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/pgsql btrfs subvol=@/var/lib/pgsql 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/log btrfs subvol=@/var/log 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/opt btrfs subvol=@/var/opt 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/spool btrfs subvol=@/var/spool 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/tmp btrfs subvol=@/var/tmp 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /.snapshots btrfs subvol=@/.snapshots 0 0 UUID=8813-76F7 /boot/efi vfat umask=0002,utf8=true 0 0 /dev/mapper/cr_ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part2 /home xfs nofail 0 2 UUID=c0870f60-8c7c-48f2-87aa-e3cf07908685 /opt btrfs defaults 0 0 A (not elegant) but working workaround is to add: chmod 777 /tmp to /etc/init.d/after.local -- You are receiving this mail because: You are on the CC list for the bug.