[Bug 246813] New: gdm permission packaging problems
https://bugzilla.novell.com/show_bug.cgi?id=246813 Summary: gdm permission packaging problems Product: openSUSE 10.3 Version: Alpha 1 Platform: All OS/Version: All Status: NEW Severity: Normal Priority: P5 - None Component: GNOME AssignedTo: bnc-team-gnome@forge.provo.novell.com ReportedBy: andreas.hanke@gmx-topmail.de QAContact: qa@suse.de The gdm package installs 2 directories with special ownership (i.e., not root:root): drwxr-x--- 2 gdm gdm 0 Feb 12 22:55 /var/lib/gdm drwxr-x--- 2 gdm gdm 0 Feb 12 22:55 /var/log/gdm This does not look correct to me for 2 reasons: 1) The Makefile.am does something different: chown root:root $(DESTDIR)$(logdir) || : ; \ chown root:gdm $(DESTDIR)$(authdir) || : ; \ 2) At runtime, gdm changes the ownership of /var/lib/gdm (=authdir) to root:gdm. This causes "rpm -V gdm" to complain about /var/lib/gdm ownership if gdm has been used: # rpm -V gdm M...U.. /var/lib/gdm This should be cleaned up, the packaging should match Makefile.am and runtime behaviour. The Makefile.am behaviour is: 0755 root:root /var/log/gdm 1770 root:gdm /var/lib/gdm -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=246813 maw@novell.com changed: What |Removed |Added ---------------------------------------------------------------------------- AssignedTo|bnc-team- |bnc-team-gnome-build@forge.provo.novell.com |gnome@forge.provo.novell.com| -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=246813 ------- Comment #1 from jpr@novell.com 2007-02-21 16:25 MST ------- I believe running as the user gdm is intentional, should probably be checked with the security team. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=246813 ------- Comment #2 from andreas.hanke@gmx-topmail.de 2007-02-21 16:43 MST ------- gdm doesn't run as user gdm, it runs as root. Otherwise it wouldn't be able to change gdm:gdm (=permissions in the package) to root:gdm (=permissions after running gdm once), which is what it currently does. If it's intended that gdm should run as user gdm, this does not work correctly. Who knows why, maybe another disappeared patch. # ps aux | grep gdm root 3314 0.0 0.3 12448 1872 ? S Feb15 0:00 /usr/sbin/gdm root 3395 0.0 0.2 13284 1160 ? S Feb15 0:00 /usr/sbin/gdm root 3398 1.3 8.9 56324 45508 tty7 Ss+ Feb15 120:05 /usr/bin/X :0 -audit 0 -br -auth /var/lib/gdm/:0.Xauth -nolisten tcp vt7 -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug, or are watching someone who is.
https://bugzilla.novell.com/show_bug.cgi?id=246813
JP Rosevear
https://bugzilla.novell.com/show_bug.cgi?id=246813#c3
Hans Petter Jansson
https://bugzilla.novell.com/show_bug.cgi?id=246813
Rodrigo Moya
https://bugzilla.novell.com/show_bug.cgi?id=246813
User captain.magnus@opensuse.org added comment
https://bugzilla.novell.com/show_bug.cgi?id=246813#c4
Magnus Boman
participants (1)
-
bugzilla_noreply@novell.com