Bug 777405

Summary: systemd and chkstat disagree on group of /var/log/btmp
Product: [openSUSE] openSUSE 12.2 Reporter: Forgotten User 7XRNh5WElB <forgotten_7XRNh5WElB>
Component: BasesystemAssignee: Frederic Crozat <fcrozat>
Status: RESOLVED FIXED QA Contact: E-mail List <qa-bugs>
Severity: Minor    
Priority: P5 - None CC: fcrozat, meissner, suse-beta
Version: RC 2   
Target Milestone: ---   
Hardware: All   
OS: openSUSE 12.2   
Whiteboard:
Found By: --- Services Priority:
Business Priority: Blocker: ---
Marketing QA Status: --- IT Deployment: ---

Description Forgotten User 7XRNh5WElB 2012-08-25 22:38:00 UTC 
User-Agent:       Mozilla/5.0 (X11; Linux x86_64; rv:14.0) Gecko/20100101 Firefox/14.0.1

chkstat and systemd have different ideas on which group /var/log/btmp should belong to.  From /etc/permissions (used by chkstat):
> /var/log/btmp   root:root   600
From /usr/lib/tmpfiles.d/systemd.conf:
> f /var/log/btmp 0600 root utmp -

Generally systemd "wins" since it enforces its will at every bootup.  However, since the filemode is 0600 in both cases, the group probably doesn't matter anyway.

Reproducible: Always

Steps to Reproduce:
yarny@yarnypc:~> chkstat --system --warn --noheader
/var/log/btmp should be root:root 0600. (wrong owner/group root:utmp)
Comment 1 Christian Boltz 2012-08-26 21:43:50 UTC 
assigning to Frederic because systemd came later ;-) and CC'ing Marcus, the permissions maintainer
Comment 2 Frederic Crozat 2012-09-18 08:10:47 UTC 
the systemd permission is coming from upstream:
commit f448d9e7c4b7396881b7b9e941f18d4493060819
Author: Bill Nottingham <notting@redhat.com>
Date:   Thu Oct 21 22:37:17 2010 -0400

    tmpfiles: Make wtmp match utmp perms, and add btmp.

I can change it to match /etc/permissions, depending on secteam decision.
Comment 3 Marcus Meissner 2012-11-19 15:45:37 UTC 
it should never be group readable, insofar the group should also be root
in my reasoning.



(reason is that it logs all failed login attempts, which might include passwords typed at the login prompt).

There should be no suggestion to allow "utmp" group access at all, so I would say: go to root:root  also in tmpfiles
Comment 4 Frederic Crozat 2012-11-19 18:15:14 UTC 
I've push fixes for Factory (sr 141957) and for 12.2 (pending in my 12.2 update branch http://download.opensuse.org/repositories/home:/fcrozat:/branches:/openSUSE:/12.2:/Update/openSUSE_12.2_Update/ for next maintenance release).
Comment 5 Frederic Crozat 2012-11-20 12:43:25 UTC 
requesting maintenance update for 12.2 : mr#142070
Comment 6 Benjamin Brunner 2012-11-20 20:29:41 UTC 
Thanks for the submission. I started an update, see openSUSE:Maintenance:1109
Comment 7 Bernhard Wiedemann 2012-11-23 12:00:15 UTC 
This is an autogenerated message for OBS integration:
This bug (777405) was mentioned in
https://build.opensuse.org/request/show/142568 Factory / systemd
Comment 8 Benjamin Brunner 2012-11-28 12:21:47 UTC 
Update released for 12.2. Resolved fixed.
Comment 9 Swamp Workflow Management 2012-11-28 13:08:37 UTC 
openSUSE-RU-2012:1582-1: An update that has 6 recommended fixes can now be installed.

Category: recommended (important)
Bug References: 777405,779449,780966,782271,783317,789151
CVE References: 
Sources used:
openSUSE 12.2 (src):    systemd-44-10.4.1, systemd-gtk-44-10.4.1