[OpenAFS] openafs-1.4.2 RHEL RPM package installs nonempty SuidCells
and mangles CellServDB
Thu, 16 Nov 2006 19:16:37 -0500
Does the RPM init.d script properly handle the case where you need to
update an existing entry in the CellServdb.dist file?
at uncc.edu, we changed our DB servers, but the CellServDB.dist file
hasn't caught up yet because until this week, a new version hadn't been
published since we changed it.
Derek Atkins wrote:
> The RPM will combine /usr/vice/etc/CellServDB.local with
> /usr/vice/etc/CellServDB.dist into /usr/vice/etc/CellServDB.
> If you have local changes you want to make to the CellServDB
> then put them into CellServDB.local and the RPM will include
> them in the new CellServDB. This is done at every 'start'
> (or at least checked).
> SuidCells is handled the same way.
> Quoting Derrick J Brashear <firstname.lastname@example.org>:
>>> IMHO this is a security issue! This should not *never* happen,
>>> because it poses a threat to unexperienced users and during updates
>>> of the client.
>> Ok, but.
>>> The same mechanism is applied to CellServDB!
>>> We maintain our CellServDB ourself for several reasons. This startup
>>> script mangles our configuration and interferes with our scripts.
>>> Even if I remove CellServDB.dist and CellServDB.local (which is
>>> empty), my CellServDB (maintained by cfengine, and on some older
>>> systems by a cronjob) is overwritten:
>> Most people don't have their own, and so instead we'll get people for
>> whom CellServDB never updates. Unless you can offer a solution to
>> that, you'll get no traction.
>>> The script should test for existing configuration files. Modifying
>>> CellServDB and SuidCells should be a configuration option in
>>> /etc/default/openafs that is switched off by default.
>> SuidCells I buy. CellServDB, nope, try again. Like, for all the sites
>> which already have the global CellServDB, unless they opt in, they'll
>> never get an update again. That's unacceptable.
>> OpenAFS-info mailing list