LISTSERV - SCIENTIFIC-LINUX-DEVEL Archives

SCIENTIFIC-LINUX-DEVEL Archives

April 2016

SCIENTIFIC-LINUX-DEVEL@LISTSERV.FNAL.GOV

	LISTSERV Archives
	SCIENTIFIC-LINUX-DEVEL Home
	SCIENTIFIC-LINUX-DEVEL April 2016

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	Re: yum verify and runtime changes.
From:	Steven Haigh <[log in to unmask]>
Reply To:	Steven Haigh <[log in to unmask]>
Date:	Sun, 10 Apr 2016 12:05:18 +1000
Content-Type:	multipart/signed
Parts/Attachments:	text/plain (2426 bytes) , signature.asc (834 bytes)

On 04/04/16 23:48, Pat Riehecky wrote:
> On 04/03/2016 03:21 AM, Steven Haigh wrote:
>> Recently I've been using 'yum verify' to examine some storage issues
>> with file system corruption (not an SL7 problem). I've been noticing
>> that a lot of permissions at runtime get changed - which causes yum
>> verify to point these out.
>>
>> Its my opinion that the permissions that are needed at runtime for
>> various things should actually be packaged into the RPMs installed -
>> therefore there should be no difference between install time and runtime
>> permissions.
>>
>> For example:
>> $ yum verify
>> Loaded plugins: fastestmirror, verify
>> ==================== Installed Packages ====================
>> bind.x86_64 : The Berkeley Internet Name Domain (BIND) DNS (Domain Name
>> System) server
>>      File: /run/named
>>          Problem:  mode does not match
>>          Current:  user:wrx, group:wrx, other:---
>>          Original: user:wrx, group:-rx, other:-rx
>>
>> bind-chroot.x86_64 : A chroot runtime environment for the ISC BIND DNS
>> server, named(8)
>>      File: /var/named/chroot/usr/lib64/bind
>>          Problem:  group does not match
>>          Current:  root
>>          Original: named
>>                                     --------
>>          Problem:  mode does not match
>>          Current:  user:wrx, group:-rx, other:-rx
>>          Original: user:wrx, group:-rx, other:---
>>
>> filesystem.x86_64 : The basic directory layout for a Linux system
>>      File: /mnt
>>          Problem:  mode does not match
>>          Current:  user:-rx, group:-rx, other:-rx
>>          Original: user:wrx, group:-rx, other:-rx
>> verify done
>>
>> If you fix these permissions back to the default, then they get changed
>> again via the reboot / systemctl stop/start.
>>
>> My question is, shouldn't these be corrected upstream in the packages
>> provided?
>>
> 
> Getting this corrected upstream makes sense to me.  Can I have you file
> a few bugzillas and put me on the CC list?

Ok, I've finally gotten around to doing this - the excitement of an IPv6
deployment across all my kit at home just had to be done first ;)

I've added you to the CC list on the two I've filed - I figure submit
two as canaries to see what the feedback / result will be and go from
there...

-- 
Steven Haigh

Email: [log in to unmask]
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897

ATOM RSS1 RSS2

LISTSERV.FNAL.GOV