Issue #8192 has been updated by Josh Cooper.

Category set to file
Status changed from Needs Decision to Accepted
Assignee deleted (Josh Cooper)
Target version set to 2.7.x
Affected Puppet version set to 0.22.1

OK, I lied. It's not a problem on Mac at all. But it is a problem as far back 
as 0.22.1 and through and including 2.7.x on CentOS 5.6 with kernel 
2.6.18-238.el5.

<pre>

#!/bin/sh
rm -f /tmp/testfile
touch /tmp/testfile
chown root:bin /tmp/testfile
chmod 6555 /tmp/testfile

puppet -e "file { '/tmp/testfile':
  ensure => 'file',
  owner => 'root',
  group => 'root',
  mode => 6555,
}"

ls -l /tmp/testfile

puppet -e "file { '/tmp/testfile':
  ensure => 'file',
  owner => 'root',
  group => 'root',
  mode => 6555,
}"

ls -l /tmp/testfile
</pre>

Generates the following in 2.7.x:

<pre>
notice: /Stage[main]//File[/tmp/testfile]/group: group changed 'bin' to 'root'
notice: Finished catalog run in 0.04 seconds
-r-xr-xr-x 1 root root 0 Nov 22 11:40 /tmp/testfile

notice: /Stage[main]//File[/tmp/testfile]/mode: mode changed '555' to '6555'
notice: Finished catalog run in 0.04 seconds
-r-sr-sr-x 1 root root 0 Nov 22 11:40 /tmp/testfile
</pre>
----------------------------------------
Bug #8192: puppet breaking setuid bit on group change
https://projects.puppetlabs.com/issues/8192

Author: Jan-Frode Myklebust
Status: Accepted
Priority: Normal
Assignee: 
Category: file
Target version: 2.7.x
Affected Puppet version: 0.22.1
Keywords: 
Branch: 


We have a puppet module that's trying to manage owner, group
and setuid bit on /bin/nice:

        file { "/bin/nice":
                owner   => root,
                group   => root,
                mode    => 6555,
        }

If the mode is correct, but group is wrong, puppet will fix the
group and lose the setuid bit:

        # chgrp bin /bin/nice
        # chmod 6555 /bin/nice
        # ls -l /bin/nice
        -r-sr-sr-x 1 root bin 23424 Jan 26 17:12 /bin/nice
        # pkill -USR1 puppet

        Jun 29 22:26:29 xsp4 puppetd[21024]: Caught USR1; calling reload
        Jun 29 22:26:32 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File[/bin/nice]/group) group changed 'bin' to 'root'
        Jun 29 22:26:33 xsp4 puppetd[21024]: Finished catalog run in 1.86 seconds

        # ls -l /bin/nice
        -r-xr-xr-x 1 root root 23424 Jan 26 17:12 /bin/nice

And puppet then needs a second run to fix the setuid bit:

        # pkill -USR1 puppet

        Jun 29 22:26:44 xsp4 puppetd[21024]: (/Stage[main]/SomeSystem::Nice/File[/bin/nice]/mode) mode changed '555' to '6555'

        # ls -l /bin/nice
        -r-sr-sr-x 1 root root 23424 Jan 26 17:12 /bin/nice


This has only been tested on v0.25.4 on RHEL5. 
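
An added illustration (not part of the original report and not Puppet's own code): a hypothetical Ruby helper, `converge_file`, that changes ownership first and then re-reads the mode from disk, so a setuid/setgid file reaches its declared state in one pass instead of two. It relies on chown(2) on Linux clearing setuid/setgid bits on regular files, which matches the output shown above; the scratch file and group selection in `demo` are constructed for the example.

```ruby
require 'tmpdir'
require 'fileutils'
PERM_MASK = 0o7777

# Hypothetical helper, not a Puppet API: converge owner, group and mode in a
# single pass. Ownership goes first; the mode is then re-read from disk,
# because chown(2) on Linux clears setuid/setgid bits on regular files.
def converge_file(path, uid:, gid:, mode:)
  changes = []
  st = File.stat(path)
  if st.uid != uid || st.gid != gid
    File.chown(uid, gid, path)
    changes << "owner/group #{st.uid}:#{st.gid} -> #{uid}:#{gid}"
  end
  # Do not trust the mode sampled before chown; compare what is on disk now.
  current = File.stat(path).mode & PERM_MASK
  if current != mode
    File.chmod(mode, path)
    changes << format('mode %04o -> %04o', current, mode)
  end
  final = File.stat(path)
  converged = final.uid == uid && final.gid == gid &&
              (final.mode & PERM_MASK) == mode
  raise "#{path} did not converge in one pass" unless converged
  changes
end

# Constructed scenario: a 6555 scratch file whose group must change.
# Falls back to the current group if no other group is usable here.
def demo
  Dir.mktmpdir do |dir|
    path = File.join(dir, 'testfile')
    FileUtils.touch(path)
    st = File.stat(path)
    candidates = Process.uid.zero? ? [st.gid + 1] : Process.groups - [st.gid]
    target = candidates.find do |g|
      File.chown(nil, g, path) && File.chown(nil, st.gid, path)
    rescue SystemCallError
      false
    end || st.gid
    File.chmod(0o6555, path)
    first = converge_file(path, uid: st.uid, gid: target, mode: 0o6555)
    second = converge_file(path, uid: st.uid, gid: target, mode: 0o6555)
    after = File.stat(path)
    { first: first, second: second, gid: after.gid, target: target,
      mode: after.mode & PERM_MASK }
  end
end
p demo if $PROGRAM_NAME == __FILE__
```

Where the kernel strips the bits on the group change, the first call reports both an ownership change and a mode repair, and the second call reports nothing.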

