[opensuse] Update of aaa_base removes permissions to /dev/null, again!
Hello, a long time ago (opensuse-11.1), I experienced a problem with permissions of /dev/null beeing set to 0600 when aaa_base package is updated. The whole discussion about that issue can be found at http://marc.info/?t=123642237800003&r=1&w=2 http://marc.info/?l=opensuse&m=123671162813621&w=2 suggests that the bug has been fixed. Unfortunately, Ruediger's original message don't seem to be archived anywhere on the net. Tonight, it happened again. /dev/null became chmod'ed to 0600 on opensuse-13.1 Has the fix been lost somewhere during its 5 years lasting transision from FACTORY to opensuse-13.1? -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2014-06-13 09:37, Josef Wolf wrote:
Hello,
a long time ago (opensuse-11.1), I experienced a problem with permissions of /dev/null beeing set to 0600 when aaa_base package is updated.
The whole discussion about that issue can be found at http://marc.info/?t=123642237800003&r=1&w=2
http://marc.info/?l=opensuse&m=123671162813621&w=2 suggests that the bug has been fixed. Unfortunately, Ruediger's original message don't seem to be archived anywhere on the net.
I think it would have this Message-ID: In-Reply-To: <alpine.LNX.2.00.0903100026320.30508@Fatou.suse.de> and it was perhaps sent privately. I did a search, and I have never seen a post from him on the opensuse general mail list. Only factory, security, and bugzillas.
Tonight, it happened again. /dev/null became chmod'ed to 0600 on opensuse-13.1
Has the fix been lost somewhere during its 5 years lasting transision from FACTORY to opensuse-13.1?
What happened in that case was that you had /root/.bash_history symlinked to /dev/null, and the postinstall script of the aaa_base rpm did: touch root/.bash_history chmod 600 root/.bash_history which changed /dev/null, not the symlink (which is impossible). The solution, according to Cristian, would be to «"touch & chmod" only if it the file doesnt exists.» But I don't see in the thread a bugzilla number for the issue. The procedure for finding out the culprit this time would be to repeat the steps again ;-) -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On 06/13/2014 11:47 AM, Carlos E. R. wrote:
What happened in that case was that you had /root/.bash_history symlinked to /dev/null, and the postinstall script of the aaa_base rpm did: touch root/.bash_history chmod 600 root/.bash_history
which changed /dev/null, not the symlink (which is impossible).
The solution, according to Cristian, would be to «"touch & chmod" only if it the file doesnt exists.»
But I don't see in the thread a bugzilla number for the issue.
The procedure for finding out the culprit this time would be to repeat the steps again ;-)
$ rpm -q --scripts aaa_base | grep -B5 -A6 'bash_history.*600' while read file owner mode; do test -e "$file" || touch "$file" chmod "$mode" "$file" chown "$owner" "$file" done <<EOT /root/.bash_history root:root 600 /var/log/lastlog root:root 644 /var/log/faillog root:root 600 /var/log/wtmp root:utmp 664 /var/log/btmp root:root 600 /run/utmp root:utmp 664 EOT Have fun, Berny -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2014-06-13 12:05, Bernhard Voelker wrote:
On 06/13/2014 11:47 AM, Carlos E. R. wrote:
The procedure for finding out the culprit this time would be to repeat the steps again ;-)
$ rpm -q --scripts aaa_base | grep -B5 -A6 'bash_history.*600' while read file owner mode; do test -e "$file" || touch "$file" chmod "$mode" "$file" chown "$owner" "$file" done <<EOT /root/.bash_history root:root 600 /var/log/lastlog root:root 644 /var/log/faillog root:root 600 /var/log/wtmp root:utmp 664 /var/log/btmp root:root 600 /run/utmp root:utmp 664 EOT
Ah. So if checks for the existence of the file before touching it, but not for changing its permissions, or not doing it if it is a link. Bug found. Now Josef has to create Bugzilla ;-) And: rpm -q --changelog aaa_base | less shows this: * Mon Mar 09 2009 ro@suse.de - touch and chmod some files only if they do not exist before leave them alone otherwise The most recent entries I see there are dated January. Do we have a recent update? Mine was built 2014-01-27. If there has been an update, maybe the change log shows a reversal of that change. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On Fri, Jun 13, 2014 at 01:08:23PM +0200, Carlos E. R. wrote:
Bug found. Now Josef has to create Bugzilla ;-)
I just tried, but my old account seems to be deleted =:-O Tried to create a new account, but _lots_ of private information is required to create an account. I'd rather not supply _that_ much private information just to file a bug... :-// -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2014-06-13 18:29, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 01:08:23PM +0200, Carlos E. R. wrote:
Bug found. Now Josef has to create Bugzilla ;-)
I just tried, but my old account seems to be deleted =:-O
Do you have an old bugzilla number of yours? Clicking on your name there would say which is your account - but the link is not active unless somebody else does it for you, logged in. I googled for your name, did not find any hit on bugzilla.
Tried to create a new account, but _lots_ of private information is required to create an account. I'd rather not supply _that_ much private information just to file a bug...
:-//
No, no, there is another page that asks nothing. Register at <http://en.opensuse.org/> Click SignUp (upper right corner). Or go directly to <https://secure-www.novell.com/selfreg/jsp/createOpenSuseAccount.jsp> -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
Hi Josef, On Fri, Jun 13, 2014 at 06:29:12PM +0200, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 01:08:23PM +0200, Carlos E. R. wrote:
Bug found. Now Josef has to create Bugzilla ;-)
I just tried, but my old account seems to be deleted =:-O
Tried to create a new account, but _lots_ of private information is required to create an account. I'd rather not supply _that_ much private information just to file a bug...
https://secure-www.novell.com/selfreg/jsp/createOpenSuseAccount.jsp is there to please you. And even the reactivation of an old account with a forgotten password is quite easy. Open https://bugzilla.novell.com/ and follow the 'Log In' and next the 'Can't access your account?' link. Thanks for driving this forward anyhow! Don't forget to report us the bug ID back as requested with Message-id: <20140613121817.GA10950@hip.suse.com> There is written: Nevertheless a bug has to be opened and the ID reported back to this list. Ensure to assign the bug directly to the bug owener of aaa_base (osc maintainer -e aaa_base), please. By reporting back to this list it was intended to express to report the bug ID back to this tread. Also be this nice and add the starting point http://lists.opensuse.org/opensuse/2014-06/msg00748.html of this discussion to the bug report. Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-06-13 22:55, Lars Müller wrote:
Hi Josef,
...
Also be this nice and add the starting point http://lists.opensuse.org/opensuse/2014-06/msg00748.html of this discussion to the bug report.
And the 2009 one: http://lists.opensuse.org/opensuse/2009-03/msg00515.html It is the same issue, solved back then... :-) And this bit of info showing the result of that thread: rpm -q --changelog aaa_base | less shows this: * Mon Mar 09 2009 ro@suse.de - - touch and chmod some files only if they do not exist before leave them alone otherwise - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlObaqoACgkQtTMYHG2NR9V6IQCfVMGlCwKIP+K0HnNal8n+JVNQ JhQAnRrVgR4gT4vr1lXHNzAawrjq4HMq =QONG -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Fri, 2014-06-13 at 23:18 +0200, Carlos E. R. wrote:
On 2014-06-13 22:55, Lars Müller wrote:
Hi Josef,
...
Also be this nice and add the starting point http://lists.opensuse.org/opensuse/2014-06/msg00748.html of this discussion to the bug report.
And the 2009 one:
http://lists.opensuse.org/opensuse/2009-03/msg00515.html
It is the same issue, solved back then... :-)
And this bit of info showing the result of that thread:
rpm -q --changelog aaa_base | less
shows this:
* Mon Mar 09 2009 ro@suse.de - touch and chmod some files only if they do not exist before leave them alone otherwise
Nice one. All up to date and on the ball over at suse then lol! Sleep well, L x -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Fri, Jun 13, 2014 at 10:55:45PM +0200, Lars Müller wrote:
On Fri, Jun 13, 2014 at 06:29:12PM +0200, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 01:08:23PM +0200, Carlos E. R. wrote:
Bug found. Now Josef has to create Bugzilla ;-)
I just tried, but my old account seems to be deleted =:-O
Tried to create a new account, but _lots_ of private information is required to create an account. I'd rather not supply _that_ much private information just to file a bug...
https://secure-www.novell.com/selfreg/jsp/createOpenSuseAccount.jsp is there to please you.
I created a new account on this page, but when I go to bugzilla, I get this error message: | Please confirm that your email address is valid by clicking here and following | the instructions. If you have already done so, please log out and log back in. | (iChain.pm: message 3) I _have_ validated my email at least three times. But I keep getting this error message.
And even the reactivation of an old account with a forgotten password is quite easy. Open https://bugzilla.novell.com/ and follow the 'Log In' and next the 'Can't access your account?' link.
I tried that... All I got was "email address unknown" or something. -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Josef, On Wed, Jun 18, 2014 at 09:24:54AM +0200, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 10:55:45PM +0200, Lars Müller wrote: [ 8< ]
https://secure-www.novell.com/selfreg/jsp/createOpenSuseAccount.jsp is there to please you.
I created a new account on this page, but when I go to bugzilla, I get this error message:
| Please confirm that your email address is valid by clicking here and following | the instructions. If you have already done so, please log out and log back in. | (iChain.pm: message 3)
I _have_ validated my email at least three times. But I keep getting this error message.
Then you have to contact the bugzilla admins from the front/ login page. But with Message-ID: <20140616190247.GA8333@hip.suse.com> I've shown you an alternative approach too: If you're not able to use bugzilla please follow the 'New Issue' link at https://github.com/openSUSE/aaa_base/issues instead. Else this will get forgotten and therfore lost again. As Carlos wrote please also add a reference to the thread from 2009 http://lists.opensuse.org/opensuse/2009-03/msg00515.html and to this one too http://lists.opensuse.org/opensuse/2014-06/msg00748.html ... when you file the issue/ report via https://github.com/ Also be this nice to report the issue ID as a clickable URL back to this thread. Thanks, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Wed, Jun 18, 2014 at 04:23:02PM +0200, Lars Müller wrote:
On Wed, Jun 18, 2014 at 09:24:54AM +0200, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 10:55:45PM +0200, Lars Müller wrote:
... when you file the issue/ report via https://github.com/ Also be this nice to report the issue ID as a clickable URL back to this thread.
Github.com don't seem to recognize my account and "forgot password" says, it can't find my email address. But bugzilla seems to work from a different computer. Here's the link to the bug: https://bugzilla.novell.com/show_bug.cgi?id=883260 I could not find out how to assign to aaa_base, though. Thanks for the support! -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Josef, On Wed, Jun 18, 2014 at 07:30:47PM +0200, Josef Wolf wrote:
On Wed, Jun 18, 2014 at 04:23:02PM +0200, Lars Müller wrote:
On Wed, Jun 18, 2014 at 09:24:54AM +0200, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 10:55:45PM +0200, Lars Müller wrote:
... when you file the issue/ report via https://github.com/ Also be this nice to report the issue ID as a clickable URL back to this thread.
Github.com don't seem to recognize my account and "forgot password" says, it can't find my email address.
Have you ever created one at the github.com? That's nothing that happens automatically if you have an account for bugzilla or openSUSE.
But bugzilla seems to work from a different computer. Here's the link to the bug:
https://bugzilla.novell.com/show_bug.cgi?id=883260
I could not find out how to assign to aaa_base, though.
As aaa_base is a package it not possible to assign the bug to it. Packages are maintained by one person or a group. The individual(s) responsible for a package you get by calling: osc maintainer aaa_base -e I expect the bug is assigned to the bugzilla screening team at the moment. And it will stay there till they find the time to move it to a responsible person. With the help of the the osc maintainer sub command the community is enabled to accelerate the process a lot. It would be a nice hackweek or student summer of code project to get this more automated/ better integrated on the bugzilla side. Might be worth to file a issue at github or a feature request if there is none. Unfortunately we had this discussion before. Thanks, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-06-18 21:08, Lars Müller wrote:
Packages are maintained by one person or a group. The individual(s) responsible for a package you get by calling:
osc maintainer aaa_base -e
which needs installation and an account there. There should be an easier method, using bugzilla only. Telcontar:~ # zypper --no-refresh in osc ... The following 24 NEW packages are going to be installed: ... The following 16 recommended packages were automatically selected: That's an awful lot. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlOh/mUACgkQtTMYHG2NR9XvzwCcDX/3UrGmGXP6MHwwEesP5fmq vdoAn052RjaNLUr4UmMqctAKrWjwu5Bq =4noh -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Wed, Jun 18, 2014 at 11:02:29PM +0200, Carlos E. R. wrote:
On 2014-06-18 21:08, Lars Müller wrote:
Packages are maintained by one person or a group. The individual(s) responsible for a package you get by calling:
osc maintainer aaa_base -e
which needs installation and an account there. There should be an easier method, using bugzilla only.
+1
Telcontar:~ # zypper --no-refresh in osc ... The following 24 NEW packages are going to be installed: ... The following 16 recommended packages were automatically selected:
That's an awful lot.
This is not what bothers me. After all, disk, bandwidth, and CPU are cheap nowadays. So I don't really care whether only one or 24 packages are needed. What I really care about is: how accessible is it? If I need such intensive support from the mailing list that it needs almost a week to create the bug report, and I am _still_ not able to do the assignment correctly, then, obviously, something's very badly broken. And it is _not_ the bug I am about to report that is so badly broken. IMHO. YMMV. HAND! -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2014-06-19 00:03, Josef Wolf wrote:
On Wed, Jun 18, 2014 at 11:02:29PM +0200, Carlos E. R. wrote:
On 2014-06-18 21:08, Lars Müller wrote:
Packages are maintained by one person or a group. The individual(s) responsible for a package you get by calling:
osc maintainer aaa_base -e
which needs installation and an account there. There should be an easier method, using bugzilla only.
+1
Telcontar:~ # zypper --no-refresh in osc ... The following 24 NEW packages are going to be installed: ... The following 16 recommended packages were automatically selected:
That's an awful lot.
This is not what bothers me. After all, disk, bandwidth, and CPU are cheap nowadays. So I don't really care whether only one or 24 packages are needed.
But it will not work, even if you install it: you need an account there - see here: <http://en.opensuse.org/Build_Service/CLI#Authentication> Let's try another road: http://software.opensuse.org/search?p=1&baseproject=openSUSE:13.1&q=aaa_base http://software.opensuse.org/package/aaa_base https://build.opensuse.org/package/show?project=openSUSE%3A13.1%3AUpdate&package=patchinfo.2334 dead end (patch, not package). :-( Lets try another route. https://build.opensuse.org/search Search "aaa_base" with the droplist set to "bnc" (novell bugzilla). https://build.opensuse.org/search?utf8=%E2%9C%93&search_text=aaa_base&commit=Submit+Query&issue_tracker=bnc&issue=&project=0&project=1&package=0&package=1&name=0&name=1&title=0&description=0&attrib_type_id= --> package Base:System / aaa_base Finally: https://build.opensuse.org/package/show/Base:System/aaa_base On the "users" tab you see the responsible people for it. And on the main one (overview) there is a link named "Report Bug", which should take me directly to Bugzilla (it does) with the appropriate fields filled (it does not): It says that the component is "3rd party software", which can not be for a core openSUSE package. But the bugowner is set correctly, I think. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On Mi, Jun 18, 2014 at 07:30:47 +0200, Josef Wolf wrote:
Here's the link to the bug:
Happened again today :-/ -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sa, Jul 19, 2014 at 09:49:37 +0200, Josef Wolf wrote:
On Mi, Jun 18, 2014 at 07:30:47 +0200, Josef Wolf wrote:
Here's the link to the bug:
Happened again today :-/
And again, login.attachmategroup.com won't let me login to the bug tracker. I could successfully change my password by the "password forgotten" link, but it won't let me login with the new password, too. Looks like they don't want bugs to be reported?!? :-/ -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Josef Wolf <jw@raven.inka.de> [07-19-14 04:11]:
On Sa, Jul 19, 2014 at 09:49:37 +0200, Josef Wolf wrote:
On Mi, Jun 18, 2014 at 07:30:47 +0200, Josef Wolf wrote:
Here's the link to the bug:
Happened again today :-/
And again, login.attachmategroup.com won't let me login to the bug tracker. I could successfully change my password by the "password forgotten" link, but it won't let me login with the new password, too.
Looks like they don't want bugs to be reported?!? :-/
I don't believe that to be so, rather speculation on your part. I have no problem with access or log-in. 07:32 Crash121: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 17 12:01 /dev/null aaa_base-13.1-16.38.1.x86_64 Thu Jun 12 06:51:33 2014 07:32 wahoo: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 8 06:05 /dev/null aaa_base-13.1-16.38.1.x86_64 Thu Jun 12 06:49:25 2014 07:32 Crash: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 18 16:10 /dev/null aaa_base-13.1-16.42.1.x86_64 Fri Jul 18 10:09:20 2014 07:31 crash2: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 19 00:25 /dev/null aaa_base-13.2+git20140604.9f4be6e-1.1.x86_64 Fri Jul 18 20:06:49 2014 -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sa, Jul 19, 2014 at 07:33:49 -0400, Patrick Shanahan wrote:
07:32 Crash121: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 17 12:01 /dev/null aaa_base-13.1-16.38.1.x86_64 Thu Jun 12 06:51:33 2014
Do you have /root/.bash_history symlinked to /dev/null? -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
* Josef Wolf <jw@raven.inka.de> [07-19-14 16:12]:
On Sa, Jul 19, 2014 at 07:33:49 -0400, Patrick Shanahan wrote:
07:32 Crash121: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 17 12:01 /dev/null aaa_base-13.1-16.38.1.x86_64 Thu Jun 12 06:51:33 2014
Do you have /root/.bash_history symlinked to /dev/null?
No, I see no reason as *only* root, which is me, has access. And root has no reason to do anything where the DOJ or NSA has interest. there is no reason for paranoia with sane practices. -- (paka)Patrick Shanahan Plainfield, Indiana, USA @ptilopteri http://en.opensuse.org openSUSE Community Member facebook/ptilopteri http://wahoo.no-ip.org Photo Album: http://wahoo.no-ip.org/gallery2 Registered Linux User #207535 @ http://linuxcounter.net -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On Sa, Jul 19, 2014 at 07:17:44 -0400, Patrick Shanahan wrote:
* Josef Wolf <jw@raven.inka.de> [07-19-14 16:12]:
On Sa, Jul 19, 2014 at 07:33:49 -0400, Patrick Shanahan wrote:
07:32 Crash121: ~ # l /dev/null;rpm -q --last aaa_base crw-rw-rw- 1 root root 1, 3 Jul 17 12:01 /dev/null aaa_base-13.1-16.38.1.x86_64 Thu Jun 12 06:51:33 2014
Do you have /root/.bash_history symlinked to /dev/null?
No, I see no reason as *only* root, which is me, has access. And root has no reason to do anything where the DOJ or NSA has interest.
there is no reason for paranoia with sane practices.
This is a totally different story. The system should not be brought into an unusable state, independant from whether the operator has reason for paramoia or not. -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Thanks for the reply, Carlos! On Fri, Jun 13, 2014 at 11:47:57AM +0200, Carlos E. R. wrote:
I think it would have this Message-ID:
In-Reply-To: <alpine.LNX.2.00.0903100026320.30508@Fatou.suse.de>
and it was perhaps sent privately. I did a search, and I have never seen a post from him on the opensuse general mail list. Only factory, security, and bugzillas.
This message was addressed to: To: Josef Wolf <jw@raven.inka.de>, opensuse@opensuse.org Maybe Christian's messages were removed from the archives?
Tonight, it happened again. /dev/null became chmod'ed to 0600 on opensuse-13.1
Has the fix been lost somewhere during its 5 years lasting transision from FACTORY to opensuse-13.1?
What happened in that case was that you had /root/.bash_history symlinked to /dev/null, and the postinstall script of the aaa_base rpm did: touch root/.bash_history chmod 600 root/.bash_history
which changed /dev/null, not the symlink (which is impossible).
The cause of the problem is clear to me. The symlink is still there, since I set it by intent. I don't want bash-history for root, even if some variables happen to pass through /bin/su or sudo.
The solution, according to Cristian, would be to «"touch & chmod" only if it the file doesnt exists.»
Yeah. Something like if [ ! -e /root/.bash_history ] ; then touch /root/.bash_history chmod 600 /root/.bash_history fi in the postinstall script or something.
But I don't see in the thread a bugzilla number for the issue.
I never created a bug. Due to Christian's message, I assumed the fix was already applied. There's no point in creating a bug for something that's already fixed, IMHO. Turns out that the fix has been lost somewhere?
The procedure for finding out the culprit this time would be to repeat the steps again ;-)
Sorry, I don't understand. We know the cause and we know the fix. What else do we need to find out by repeating the steps? -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2014-06-13 12:25, Josef Wolf wrote:
Thanks for the reply, Carlos!
On Fri, Jun 13, 2014 at 11:47:57AM +0200, Carlos E. R. wrote:
I think it would have this Message-ID:
In-Reply-To: <alpine.LNX.2.00.0903100026320.30508@Fatou.suse.de>
and it was perhaps sent privately. I did a search, and I have never seen a post from him on the opensuse general mail list. Only factory, security, and bugzillas.
This message was addressed to:
To: Josef Wolf <jw@raven.inka.de>, opensuse@opensuse.org Maybe Christian's messages were removed from the archives?
Not Christian, but Ruediger's. He was probably not subscribed to the opensuse list, so they never appeared there. I have my own archives. You probably got that answer directly from him, so nobody but you saw it.
What happened in that case was that you had /root/.bash_history symlinked to /dev/null, and the postinstall script of the aaa_base rpm did: touch root/.bash_history chmod 600 root/.bash_history
which changed /dev/null, not the symlink (which is impossible).
The cause of the problem is clear to me.
I was posting the short history so that we all could see it without reading the long thread ;-)
The symlink is still there, since I set it by intent. I don't want bash-history for root, even if some variables happen to pass through /bin/su or sudo.
Ok.
The solution, according to Cristian, would be to «"touch & chmod" only if it the file doesnt exists.»
Yeah. Something like
if [ ! -e /root/.bash_history ] ; then touch /root/.bash_history chmod 600 /root/.bash_history fi
in the postinstall script or something.
which you can see in the post from Berny that it is not done.
But I don't see in the thread a bugzilla number for the issue.
I never created a bug. Due to Christian's message, I assumed the fix was already applied. There's no point in creating a bug for something that's already fixed, IMHO.
Ok, but now you can not re-open the bugzilla, or open a new one pointing to it.
The procedure for finding out the culprit this time would be to repeat the steps again ;-)
Sorry, I don't understand. We know the cause and we know the fix. What else do we need to find out by repeating the steps?
A proof :-) You know the symptoms only. - -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar) -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.22 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlOa2R4ACgkQtTMYHG2NR9Uh8wCeJcFhccaJalV4k10Td5qViRBk xUcAn02j8Mcx+sMJwTb4oee0ulYCgYf7 =X7aQ -----END PGP SIGNATURE----- -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 06/13/2014 12:25 PM, Josef Wolf wrote:
I don't want bash-history for root, even if some variables happen to pass through /bin/su or sudo.
Just an - well, crude - idea: $ rm -f /root/.bash_history $ mknod --mode=666 /root/.bash_history c 1 3 $ ls -l /dev/null /root/.bash_history crw-rw-rw- 1 root root 1, 3 Jun 13 11:55 /dev/null crw-rw-rw- 1 root root 1, 3 Jun 13 13:22 /root/.bash_history ;-) Have fun, Berny -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
On 2014-06-13 13:28, Bernhard Voelker wrote:
On 06/13/2014 12:25 PM, Josef Wolf wrote:
I don't want bash-history for root, even if some variables happen to pass through /bin/su or sudo.
Just an - well, crude - idea:
$ rm -f /root/.bash_history
$ mknod --mode=666 /root/.bash_history c 1 3
$ ls -l /dev/null /root/.bash_history crw-rw-rw- 1 root root 1, 3 Jun 13 11:55 /dev/null crw-rw-rw- 1 root root 1, 3 Jun 13 13:22 /root/.bash_history
If you look at the original thread on 2009, it was tried and did not work, because the script changing it runs as root. -- Cheers / Saludos, Carlos E. R. (from 13.1 x86_64 "Bottle" at Telcontar)
On Fri, Jun 13, 2014 at 01:28:22PM +0200, Bernhard Voelker wrote:
On 06/13/2014 12:25 PM, Josef Wolf wrote:
I don't want bash-history for root, even if some variables happen to pass through /bin/su or sudo.
Just an - well, crude - idea:
$ rm -f /root/.bash_history
$ mknod --mode=666 /root/.bash_history c 1 3
$ ls -l /dev/null /root/.bash_history crw-rw-rw- 1 root root 1, 3 Jun 13 11:55 /dev/null crw-rw-rw- 1 root root 1, 3 Jun 13 13:22 /root/.bash_history
man bash ... HISTFILE The name of the file in which command history is saved (see HIS- TORY below). The default value is ~/.bash_history. If unset, the command history is not saved when an interactive shell exits. Doesn't this provide the required feature? Nevertheless a bug has to be opened and the ID reported back to this list. Ensure to assign the bug directly to the bug owener of aaa_base (osc maintainer -e aaa_base), please. Cheers, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
On Fri, Jun 13, 2014 at 02:18:17PM +0200, Lars Müller wrote:
man bash ... HISTFILE The name of the file in which command history is saved (see HIS- TORY below). The default value is ~/.bash_history. If unset, the command history is not saved when an interactive shell exits.
Doesn't this provide the required feature?
No. I symlinked to /dev/null for the case that /bin/su or sudo might be mis-configured to _not_ remove those variables. -- Josef Wolf jw@raven.inka.de -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org
Hi Josef, On Fri, Jun 13, 2014 at 06:24:25PM +0200, Josef Wolf wrote:
On Fri, Jun 13, 2014 at 02:18:17PM +0200, Lars Müller wrote:
man bash ... HISTFILE The name of the file in which command history is saved (see HIS- TORY below). The default value is ~/.bash_history. If unset, the command history is not saved when an interactive shell exits.
Doesn't this provide the required feature?
No.
I symlinked to /dev/null for the case that /bin/su or sudo might be mis-configured to _not_ remove those variables.
What's the state regarding the bug report to track this issue? Please be this nice and share it with us. If you're not able to use bugzilla please follow the 'New Issue' link at https://github.com/openSUSE/aaa_base/issues instead. Else this will get forgotten and therfore lost again. As Carlos wrote please also add a reference to the thread from 2009 http://lists.opensuse.org/opensuse/2009-03/msg00515.html and to this one too http://lists.opensuse.org/opensuse/2014-06/msg00748.html Thanks, Lars -- Lars Müller [ˈlaː(r)z ˈmʏlɐ] Samba Team + SUSE Labs SUSE Linux, Maxfeldstraße 5, 90409 Nürnberg, Germany
participants (7)
-
Bernhard Voelker -
Carlos E. R. -
Carlos E. R. -
Josef Wolf -
Lars Müller -
lynn -
Patrick Shanahan