Issue #8192 has been updated by tgeeky -.
Status changed from Investigating to Accepted
> ****repeating the same procedure, except s/6555/06555/****:
>
> notice: /Stage[main]//File[/tmp/testfile]/group: group changed 'bin' to
> 'root'
> notice: /Stage[main]//File[/tmp/testfile]/mode: mode changed '555' to
> '6555'
>
> It changes in one pass.
>
> root@planck:/etc# ls -l /tmp/testfile
> -r-sr-sr-x 1 root root 0 2011-07-07 14:26 /tmp/testfile
**** repeating the same procedure, except s/6555/'6555'/ ****
* it changes in one pass
notice: /Stage[main]//File[/tmp/testfile]/group: group changed 'bin' to
'root'
notice: /Stage[main]//File[/tmp/testfile]/mode: mode changed '555' to '6555'
* one pass
root@planck:/etc# ls -l /tmp/testfile
-r-sr-sr-x 1 root root 0 2011-07-07 14:26 /tmp/testfile
**** repeating the same procedure, except s/6555/'06555'/ ****
* first pass it ****silently**** changes the mode from octal 6555 to octal 555!
notice: /Stage[main]//File[/tmp/testfile]/group: group changed 'bin' to
'root'
* ****this**** is a real bug:
root@planck:/etc# ls -l /tmp/testfile
-r-xr-xr-x 1 root root 0 2011-07-07 14:26 /tmp/testfile
* second pass:
notice: /Stage[main]//File[/tmp/testfile]/mode: mode changed '555' to '6555'
----------------------------------------
Bug #8192: puppet breaking setuid bit on group change
https://projects.puppetlabs.com/issues/8192
Author: Jan-Frode Myklebust
Status: Accepted
Priority: Normal
Assignee:
Category:
Target version:
Affected Puppet version:
Keywords:
Branch:
We have a puppet module that's trying to manage owner, group
and setuid bit on /bin/nice:
file { "/bin/nice":
owner => root,
group => root,
mode => 6555,
}
If the mode is correct, but group is wrong, puppet will fix the
group and lose the setuid bit:
# chgrp bin /bin/nice
# chmod 6555 /bin/nice
# ls -l /bin/nice
-r-sr-sr-x 1 root bin 23424 Jan 26 17:12 /bin/nice
# pkill -USR1 puppet
Jun 29 22:26:29 xsp4 puppetd[21024]: Caught USR1; calling reload
Jun 29 22:26:32 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File
[/bin/nice]/group) group changed 'bin' to 'root'
Jun 29 22:26:33 xsp4 puppetd[21024]: Finished catalog run in 1.86 second
s
# ls -l /bin/nice
-r-xr-xr-x 1 root root 23424 Jan 26 17:12 /bin/nice
And puppet then needs a second run to fix the setuid bit:
# pkill -USR1 puppet
Jun 29 22:26:44 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File
[/bin/nice]/mode) mode changed '555' to '6555'
# ls -l /bin/nice
-r-sr-sr-x 1 root root 23424 Jan 26 17:12 /bin/nice
This has only been tested on v0.25.4 on RHEL5.
--
You have received this notification because you have either subscribed to it,
or are involved in it.
To change your notification preferences, please click here:
http://projects.puppetlabs.com/my/account
--
You received this message because you are subscribed to the Google Groups
"Puppet Bugs" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/puppet-bugs?hl=en.
