[Bug 953807] New: An encrypted tmp directory is mounted with wrong permissions
http://bugzilla.opensuse.org/show_bug.cgi?id=953807 Bug ID: 953807 Summary: An encrypted tmp directory is mounted with wrong permissions Classification: openSUSE Product: openSUSE Distribution Version: Leap 42.1 Hardware: Other OS: Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem Assignee: bnc-team-screening@forge.provo.novell.com Reporter: tmp_prince-commercial@yahoo.it QA Contact: qa-bugs@suse.de Found By: --- Blocker: --- If an encrypted /tmp directory with random password is created, the directory is mounted at boot with wrong permissions (drwxr-xr-x instead of drwxrwxrwx) making impossible to login (graphically) to users other than root. /etc/crypttab: cr_tmp /dev/disk/by-id/ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part1 /dev/urandom tmp cr_ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part2 /dev/disk/by-id/ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part2 none none /etc/fstab: UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa / btrfs defaults 0 0 /dev/mapper/cr_tmp /tmp ext4 acl,user_xattr,nofail 0 2 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /boot/grub2/i386-pc btrfs subvol=@/boot/grub2/i386-pc 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /boot/grub2/x86_64-efi btrfs subvol=@/boot/grub2/x86_64-efi 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /srv btrfs subvol=@/srv 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /usr/local btrfs subvol=@/usr/local 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/crash btrfs subvol=@/var/crash 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/libvirt/images btrfs subvol=@/var/lib/libvirt/images 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/mailman btrfs subvol=@/var/lib/mailman 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/mariadb btrfs subvol=@/var/lib/mariadb 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/mysql btrfs subvol=@/var/lib/mysql 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/named btrfs subvol=@/var/lib/named 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/lib/pgsql btrfs subvol=@/var/lib/pgsql 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/log btrfs subvol=@/var/log 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/opt btrfs subvol=@/var/opt 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/spool btrfs subvol=@/var/spool 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /var/tmp btrfs subvol=@/var/tmp 0 0 UUID=296d0a9b-a6c5-4094-bd67-94ef30dd5afa /.snapshots btrfs subvol=@/.snapshots 0 0 UUID=8813-76F7 /boot/efi vfat umask=0002,utf8=true 0 0 /dev/mapper/cr_ata-Hitachi_HDS721050CLA362_JP1512FN0NUN8K-part2 /home xfs nofail 0 2 UUID=c0870f60-8c7c-48f2-87aa-e3cf07908685 /opt btrfs defaults 0 0 A (not elegant) but working workaround is to add: chmod 777 /tmp to /etc/init.d/after.local -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c8
--- Comment #8 from Carlo Alberto Sanjust
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c15
Marco M.
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c16
--- Comment #16 from Marco M.
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c17
--- Comment #17 from Franck Bui
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c18
Franck Bui
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c22
--- Comment #22 from Franck Bui
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c23
Franck Bui
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c24
Stefan Hundhammer
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c25
--- Comment #25 from Franck Bui
Reassigning to yast2-maintainers so the bug enters the YaST bug process.
Please notice that a bug assigned directly to yast-internal without a corresponding Trello card will never show up in anybody's task list, so this is almost as good as deleting the bug.
Also please notice that setting yast2-maintainers is pretty pointless since that is a mailing list (for our incoming bugs).
Sorry I wasn't aware of the yast process. I didn't see any prob in assigning yast2-maintainers (mailing list) because it's how systemd bugs are currently assigned to us. -- You are receiving this mail because: You are on the CC list for the bug.
http://bugzilla.opensuse.org/show_bug.cgi?id=953807
http://bugzilla.opensuse.org/show_bug.cgi?id=953807#c33
Marco M.
participants (1)
-
bugzilla_noreply@novell.com