http://bugzilla.suse.com/show_bug.cgi?id=1092269
http://bugzilla.suse.com/show_bug.cgi?id=1092269#c4
Thomas Blume
I am not exactly sure how the machine-id business is supposed to work. From the spec file it sounds like it is a kind of two-stage process where some other component is responsible for "fixing up" the file.
Can you please find a solution that avoids having this file world writeable in the first place?
That had been introduced here: https://build.opensuse.org/request/show/479267 but I don't see any reason for making it world writable.
The upstream code (src/core/machine-id-setup.c) shows even 444 as permissions:

-->
int machine_id_setup(const char *root, sd_id128_t machine_id, sd_id128_t *ret) {
        const char *etc_machine_id, *run_machine_id;
        _cleanup_close_ int fd = -1;
        bool writable;
        int r;

        etc_machine_id = prefix_roota(root, "/etc/machine-id");

        RUN_WITH_UMASK(0000) {
                /* We create this 0444, to indicate that this isn't really
                 * something you should ever modify. Of course, since the file
                 * will be owned by root it doesn't matter much, but maybe
                 * people look. */

                (void) mkdir_parents(etc_machine_id, 0755);
                fd = open(etc_machine_id, O_RDWR|O_CREAT|O_CLOEXEC|O_NOCTTY, 0444);
--<

Still, considering the original commit, I guess we'd need to make it 644.
Ludwig, since you were involved in bug#1024740, I guess you are the best to comment on that, any objection?
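The creation pattern in the excerpt above, as an added example that is not part of the original comment and not systemd's code: it creates a file under umask 0 with a given mode, writes through the still-open descriptor, and checks the resulting mode for the world-writable bit. The function names, the temporary directory, the added O_EXCL flag and the sample ID are assumptions made for illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: create `path` with umask 0 and O_RDWR|O_CREAT as in the
 * excerpt (O_EXCL added here), write a constructed ID through the returned fd,
 * and return the resulting permission bits, or -1 on error. */
static int create_and_get_mode(const char *path, mode_t mode) {
    static const char id[] = "0123456789abcdef0123456789abcdef\n"; /* constructed sample */
    struct stat st;
    mode_t old = umask(0000);
    int fd = open(path, O_RDWR|O_CREAT|O_EXCL|O_CLOEXEC|O_NOCTTY, mode);
    umask(old);
    if (fd < 0) return -1;
    /* The write works even for mode 0444: the mode gates later open() calls, not this fd. */
    if (write(fd, id, sizeof(id) - 1) != (ssize_t)(sizeof(id) - 1) || fstat(fd, &st) < 0) {
        close(fd);
        return -1;
    }
    close(fd);
    return st.st_mode & 07777;
}

/* Audit check: 1 if the mode lets users other than owner and group write. */
static int is_world_writable(int mode) { return mode >= 0 && (mode & S_IWOTH) != 0; }

/* Run the scenario in a private temp dir; returns the mode the file ended up with. */
static int demo(mode_t mode) {
    char dir[] = "/tmp/mid-demo-XXXXXX", path[64];
    int m;
    if (!mkdtemp(dir)) return -1;
    snprintf(path, sizeof(path), "%s/machine-id", dir);
    m = create_and_get_mode(path, mode);
    unlink(path);
    rmdir(dir);
    return m;
}

int main(void) {
    int modes[] = { 0444, 0644, 0666 };
    for (size_t i = 0; i < 3; i++) {
        int m = demo(modes[i]);
        printf("%04o -> %04o world-writable=%d\n", modes[i], m, is_world_writable(m));
    }
    return 0;
}
```

Because the creating process keeps a read-write descriptor, a 0444 (or 0644) file can still be populated at creation time without granting write access to other users.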