On 04/03/2016 03:21 AM, Steven Haigh wrote: > Recently I've been using 'yum verify' to examine some storage issues > with file system corruption (not an SL7 problem). I've been noticing > that a lot of permissions at runtime get changed - which causes yum > verify to point these out. > > Its my opinion that the permissions that are needed at runtime for > various things should actually be packaged into the RPMs installed - > therefore there should be no difference between install time and runtime > permissions. > > For example: > $ yum verify > Loaded plugins: fastestmirror, verify > ==================== Installed Packages ==================== > bind.x86_64 : The Berkeley Internet Name Domain (BIND) DNS (Domain Name > System) server > File: /run/named > Problem: mode does not match > Current: user:wrx, group:wrx, other:--- > Original: user:wrx, group:-rx, other:-rx > > bind-chroot.x86_64 : A chroot runtime environment for the ISC BIND DNS > server, named(8) > File: /var/named/chroot/usr/lib64/bind > Problem: group does not match > Current: root > Original: named > -------- > Problem: mode does not match > Current: user:wrx, group:-rx, other:-rx > Original: user:wrx, group:-rx, other:--- > > filesystem.x86_64 : The basic directory layout for a Linux system > File: /mnt > Problem: mode does not match > Current: user:-rx, group:-rx, other:-rx > Original: user:wrx, group:-rx, other:-rx > verify done > > If you fix these permissions back to the default, then they get changed > again via the reboot / systemctl stop/start. > > My question is, shouldn't these be corrected upstream in the packages > provided? > Getting this corrected upstream makes sense to me. Can I have you file a few bugzillas and put me on the CC list? Pat