Subject: | |
From: | |
Reply To: | |
Date: | Sun, 3 Apr 2016 18:21:04 +1000 |
Content-Type: | multipart/signed |
Parts/Attachments: |
|
|
Recently I've been using 'yum verify' to examine some storage issues
with file system corruption (not an SL7 problem). I've been noticing
that a lot of permissions at runtime get changed - which causes yum
verify to point these out.
Its my opinion that the permissions that are needed at runtime for
various things should actually be packaged into the RPMs installed -
therefore there should be no difference between install time and runtime
permissions.
For example:
$ yum verify
Loaded plugins: fastestmirror, verify
==================== Installed Packages ====================
bind.x86_64 : The Berkeley Internet Name Domain (BIND) DNS (Domain Name
System) server
File: /run/named
Problem: mode does not match
Current: user:wrx, group:wrx, other:---
Original: user:wrx, group:-rx, other:-rx
bind-chroot.x86_64 : A chroot runtime environment for the ISC BIND DNS
server, named(8)
File: /var/named/chroot/usr/lib64/bind
Problem: group does not match
Current: root
Original: named
--------
Problem: mode does not match
Current: user:wrx, group:-rx, other:-rx
Original: user:wrx, group:-rx, other:---
filesystem.x86_64 : The basic directory layout for a Linux system
File: /mnt
Problem: mode does not match
Current: user:-rx, group:-rx, other:-rx
Original: user:wrx, group:-rx, other:-rx
verify done
If you fix these permissions back to the default, then they get changed
again via the reboot / systemctl stop/start.
My question is, shouldn't these be corrected upstream in the packages
provided?
--
Steven Haigh
Email: [log in to unmask]
Web: https://www.crc.id.au
Phone: (03) 9001 6090 - 0412 935 897
|
|
|