On 04/04/16 23:48, Pat Riehecky wrote:
> On 04/03/2016 03:21 AM, Steven Haigh wrote:
>> Recently I've been using 'yum verify' to examine some storage issues
>> with file system corruption (not an SL7 problem). I've been noticing
>> that a lot of permissions at runtime get changed - which causes yum
>> verify to point these out.
>>
>> Its my opinion that the permissions that are needed at runtime for
>> various things should actually be packaged into the RPMs installed -
>> therefore there should be no difference between install time and runtime
>> permissions.
>>
>> For example:
>> $ yum verify
>> Loaded plugins: fastestmirror, verify
>> ==================== Installed Packages ====================
>> bind.x86_64 : The Berkeley Internet Name Domain (BIND) DNS (Domain Name
>> System) server
>> File: /run/named
>> Problem: mode does not match
>> Current: user:wrx, group:wrx, other:---
>> Original: user:wrx, group:-rx, other:-rx
>>
>> bind-chroot.x86_64 : A chroot runtime environment for the ISC BIND DNS
>> server, named(8)
>> File: /var/named/chroot/usr/lib64/bind
>> Problem: group does not match
>> Current: root
>> Original: named
>> --------
>> Problem: mode does not match
>> Current: user:wrx, group:-rx, other:-rx
>> Original: user:wrx, group:-rx, other:---
>>
>> filesystem.x86_64 : The basic directory layout for a Linux system
>> File: /mnt
>> Problem: mode does not match
>> Current: user:-rx, group:-rx, other:-rx
>> Original: user:wrx, group:-rx, other:-rx
>> verify done
>>
>> If you fix these permissions back to the default, then they get changed
>> again via the reboot / systemctl stop/start.
>>
>> My question is, shouldn't these be corrected upstream in the packages
>> provided?
>>
>
> Getting this corrected upstream makes sense to me. Can I have you file
> a few bugzillas and put me on the CC list?
Ok, I've finally gotten around to doing this - the excitement of an IPv6
deployment across all my kit at home just had to be done first ;)
I've added you to the CC list on the two I've filed - I figure submit
two as canaries to see what the feedback / result will be and go from
there...
--
Steven Haigh
Email: [log in to unmask]
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
|