Issue #8192 has been updated by tgeeky -.
Status changed from Unreviewed to Investigating
Same circumstance:
* puppet 2.7.1, fresh install
root@planck:/etc# ls -l /tmp/testfile
-r-sr-sr-x 1 root bin 0 2011-07-07 14:26 /tmp/testfile
* confirm m-o-g: 6555 root bin
file { '/tmp/testfile':
owner => 'root',
group => 'root',
mode => 6555,
}
* install manifest, m-o-g is: ****decimal**** 6555 root root
* puppet agent --test --onetime --debug trace --verbose
notice: /Stage[main]//File[/tmp/testfile]/group: group changed 'bin' to
'root'
debug: /Stage[main]//File[/tmp/testfile]: The container /tmp/testfile will
propagate my refresh event
* file is m-o-g: ****octal**** 0555 root root
root@planck:/etc# ls -l /tmp/testfile
-r-xr-xr-x 1 root root 0 2011-07-07 14:26 /tmp/testfile
* puppet agent --test --onetime --debug trace --verbose
notice: /Stage[main]//File[/tmp/testfile]/mode: mode changed '555' to '6555'
debug: /Stage[main]//File[/tmp/testfile]: The container /tmp/testfile will
propagate my refresh event
* file is m-o-g ****octal**** 6555 root root
root@planck:/etc# ls -l /tmp/testfile
-r-sr-sr-x 1 root root 0 2011-07-07 14:26 /tmp/testfile
----------------------------------------
Bug #8192: puppet breaking setuid bit on group change
https://projects.puppetlabs.com/issues/8192
Author: Jan-Frode Myklebust
Status: Investigating
Priority: Normal
Assignee:
Category:
Target version:
Affected Puppet version:
Keywords:
Branch:
We have a puppet module that's trying to manage owner, group
and setuid bit on /bin/nice:
file { "/bin/nice":
owner => root,
group => root,
mode => 6555,
}
If the mode is correct, but group is wrong, puppet will fix the
group and lose the setuid bit:
# chgrp bin /bin/nice
# chmod 6555 /bin/nice
# ls -l /bin/nice
-r-sr-sr-x 1 root bin 23424 Jan 26 17:12 /bin/nice
# pkill -USR1 puppet
Jun 29 22:26:29 xsp4 puppetd[21024]: Caught USR1; calling reload
Jun 29 22:26:32 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File
[/bin/nice]/group) group changed 'bin' to 'root'
Jun 29 22:26:33 xsp4 puppetd[21024]: Finished catalog run in 1.86 second
s
# ls -l /bin/nice
-r-xr-xr-x 1 root root 23424 Jan 26 17:12 /bin/nice
And puppet then needs a second run to fix the setuid bit:
# pkill -USR1 puppet
Jun 29 22:26:44 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File
[/bin/nice]/mode) mode changed '555' to '6555'
# ls -l /bin/nice
-r-sr-sr-x 1 root root 23424 Jan 26 17:12 /bin/nice
This has only been tested on v0.25.4 on RHEL5.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
