Bug #5401

Expanding foreman-debug tar file can munge permissions in /tmp

Added by Stefan Lasiewski over 3 years ago. Updated over 3 years ago.

Status:Closed
Priority:Normal
Assigned To:Lukas Zapletal
Category:Packaging
Target version:Sprint 23
Difficulty:trivial Bugzilla link:
Found in release:1.4.2 Pull request:
Story points-
Velocity based estimate-
Release1.5.0Release relationshipAuto

Description

I created a foreman-debug file. When I expand the tar file in my /tmp directory, it overwrites the permissions for /tmp , which can cause other problems.

When creating the tar file, perhaps create a sub-directory before collecting all of the various files so that it doesn't accidentally expand over files in the current directory?


Steps to reproduce:

1. Create a debug file

[root@puppetmaster ~]# foreman-debug

HOSTNAME: puppetmaster.example.org
OS: redhat
RELEASE: Scientific Linux release 6.5 (Carbon)
FOREMAN: 1.4.2
RUBY: ruby 1.8.7 (2011-06-30 patchlevel 352) [x86_64-linux]
PUPPET: 3.5.1

A debug file has been created: /tmp/foreman-debug-7BKxm.tar.xz (443728 bytes)

You may want to upload the tarball to our public server via rsync. There is a
write only directory (readable only by Foreman core developers) for that. Note
the rsync transmission is UNENCRYPTED:

rsync /tmp/foreman-debug-7BKxm.tar.xz rsync://theforeman.org/debug-incoming

Do you want to do this now? [y/N] N

[root@puppetmaster ~]#

2. Untar the tarfile and notice how the file munges the permissions

[root@puppetmaster ~]# cd /tmp
[root@puppetmaster tmp]# ls ld .
drwxrwxrwt. 7 root root 4096 Apr 22 12:36 .
[root@puppetmaster tmp]# tar Jxf /tmp/foreman-debug-7BKxm.tar.xz
[root@puppetmaster tmp]# ls -ld .
drwx-----
. 10 root root 4096 Apr 22 12:35 .

3. This causes other failures, such as mod_passenger being unable to work:

[ 2014-04-22 11:51:49.3837 4282/7f388d44f7e0 apache2/Hooks.cpp:757 ]: Unexpect
ed error in mod_passenger: Cannot connect to Unix socket '/tmp/passenger.1.0.4
260/generation-0/request': Permission denied (errno=13)
Backtrace:
(empty)

  1. To fix this problem, reset the privileges on /tmp with the following chmod:

[root@puppetmaster tmp]# chmod 1777 .
[root@puppetmaster tmp]# ls -ld .
drwxrwxrwt. 10 root root 4096 Apr 22 12:35 .
[root@host tmp]#


Related issues

Related to Foreman - Bug #2613: foreman-debug creates tmp/foreman-debug-$rand in tarball Closed 06/04/2013

Associated revisions

Revision 30f3f8d7
Added by Lukas Zapletal over 3 years ago

fixes #5401 - fixed foreman-debug tarball creation including '.'

Revision f19483bc
Added by Lukas Zapletal over 3 years ago

fixes #5401 - fixed foreman-debug tarball creation including '.'

(cherry picked from commit 30f3f8d7bfb32301144be156d2b35c1467083054)

History

#1 Updated by Dominic Cleal over 3 years ago

  • Category set to Packaging

I think this happens because there's a "." directory in the first level of the tarball, which came about when we fixed #2613 (removing random dir names). Removing that level would probably fix it too.

#2 Updated by Dominic Cleal over 3 years ago

  • Related to Bug #2613: foreman-debug creates tmp/foreman-debug-$rand in tarball added

#3 Updated by Lukas Zapletal over 3 years ago

  • Status changed from New to Ready For Testing
  • Assigned To set to Lukas Zapletal
  • Target version set to Sprint 22
  • Difficulty set to trivial

Fixed, thanks for investigation!

https://github.com/theforeman/foreman/pull/1398

#4 Updated by Dmitri Dolguikh over 3 years ago

  • Target version changed from Sprint 22 to Sprint 23

#5 Updated by Dmitri Dolguikh over 3 years ago

  • Target version changed from Sprint 23 to Sprint 22

#6 Updated by Dmitri Dolguikh over 3 years ago

  • Target version changed from Sprint 22 to Sprint 23

#7 Updated by Dominic Cleal over 3 years ago

  • Release set to 1.5.0

#8 Updated by Lukas Zapletal over 3 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

Also available in: Atom PDF