netbsd-bugs: bin/32731: Old rwhod data files not writable after update to 3.99

Subject: bin/32731: Old rwhod data files not writable after update to 3.99
To: None <gnats-admin@netbsd.org, netbsd-bugs@netbsd.org>
From: Michael-John Turner <mj@turner.org.za>
List: netbsd-bugs
Date: 02/04/2006 17:10:00

>Number:         32731
>Category:       bin
>Synopsis:       Old rwhod data files not writable after update to 3.99
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    bin-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Sat Feb 04 17:10:00 +0000 2006
>Originator:     Michael-John Turner
>Release:        NetBSD 3.99.15
>Organization:
-- 
Michael-John Turner | http://weblogs.turner.org.za/mj/
mj@turner.org.za    | Open Source in WC ZA - http://www.clug.org.za/
>Environment:
System: NetBSD tesla.pimp.org.za 3.99.15 NetBSD 3.99.15 (TESLA_3.99) #0: Mon Jan 23 23:14:09 SAST 2006 root@tesla.pimp.org.za:/usr/obj/sys/compile/TESLA_3.99 sparc64
Architecture: sparc64
Machine: sparc64
>Description:
When upgrading to -current from an earlier release, rwhod data files are
no longer writable. This is because older (pre-3.99) versions of rwhod
ran as root, with data files owned by root:wheel. rwhod now runs as
_rwhod:_rwhod, with the result that it cannot write to the old data
files.

The following entries appear in log files:
Jan 31 00:01:55 tesla rwhod[764]: whod.katana: Permission denied
Jan 31 00:02:34 tesla rwhod[764]: whod.sign: Permission denied
...etc

>How-To-Repeat:
Upgrade from a pre-3.99 release to 3.99.
>Fix:
A simple workaround is to "chown _rwhod:_rwhod /var/rwho/whod.*"

See the patch below. This updates postinstall(1) to fix the permissions
and ownership of files in /var/rwho.


--- postinstall	2005-11-23 12:26:05.000000000 +0200
+++ postinstall.new	2006-02-04 18:42:25.000000000 +0200
@@ -994,6 +994,54 @@
 }
 
 #
+# rwhod permissions
+#
+additem rwhod "rwhod data permission update"
+do_rwhod()
+{
+	[ -n "$1" ] || err 2 "USAGE: do_rwhod  fix|check"
+	op=$1
+
+	# check rwhod data files
+	failed=0
+	_rwdata="${DEST_DIR}/var/rwho"
+	_rwmode="0644"
+	_rwowner="_rwhod:_rwhod"
+	_rwownerfmt="%p %Su:%Sg"
+
+	_rwfiles=$(echo ${_rwdata}/whod.*)
+	if [ "${_rwfiles}" = "${_rwdata}/whod.*" ]; then
+		msg "No rwhod data files found: skipping check"
+		return 1
+	fi
+
+   # check that owner and mode match what is required
+   _notfixed=""
+	for _rwfile in ${_rwfiles}
+	do
+		if ! stat "${op}" "${_rwownerfmt}" "${_rwfile}" \
+  	     "10${_rwmode} ${_rwowner}"; then
+			if [ "${op}" = "fix" ]; then
+				_notfixed=${NOT_FIXED}
+				if chown "${_rwowner}" "${_rwfile}" 2>/dev/null &&
+					chmod "${_rwmode}" "${_rwfile}" 2>/dev/null
+				then
+					_notfixed=" [ FIXED ]"
+				else
+					failed=1
+				fi
+			else
+				_notfixed=""
+				failed=1
+			fi
+			msg "rwhod data file ${_rwfile} has wrong owner/mode${_notfixed}"
+  	 	fi
+	done
+
+	return ${failed}
+}
+
+#
 #	wscons
 #
 additem wscons "wscons configuration file update"

>Unformatted:
 Snapshot date: Tue Jan 17 04:27:07 UTC 2006