Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine

From:	Phil D'Amore
Subject:	Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2
Date:	Wed, 15 Oct 2003 08:56:44 -0400
User-agent:	Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.3) Gecko/20030314

The real directory it is complaining about here is probably/var/lib/cfengine2/ppkeys. This bit me with my RPM after going to2.0.8p1. I'm assuming w/o RTFS that there was a check placed in thecode to verify the perms on the key directory (ppkeys) are tight. Whencfkey runs and no ppkeys directory exists it is auto-created mode 0400,so there is no issue. For me, I found that I was not preserving this inmy RPM's %files section, and upgrades where causing the permissions torevert to something less secure, causing cfengine to complain.

Explicitly fixing my package to set the perms on the ppkeys dir to 0400solves it.


Kief Morris wrote:

I'm no longer able to install the cfengine2 package from the testing 
distribution of Debian.
Upgrading it on machines where it's already installed doesn't seem to cause a 
problem,
but a new install gets an error when I do apt-get install cfengine2:

   Selecting previously deselected package cfengine2.
  (Reading database ... 14446 files and directories currently installed.)
   Unpacking cfengine2 (from .../cfengine2_2.0.9+2.1.0b3-1_i386.deb) ...
   Setting up cfengine2 (2.0.9+2.1.0b3-1) ...
   ::UNTRUSTED: Private key directory /var/lib/cfengine2 was not private!

The /var/lib/cfengine2 directory doesn't exist before I run the install, so 
it's the
install process which is setting up the directory and then bitching that it 
doesn't
like the permissions on it.

I'm asking here because I've seen a couple messages on this list about
permissions on this directory under Debian, so I'm wondering if there's a link,
or at least people who understand what's going wrong.

Thanks,
Kief



_______________________________________________
Help-cfengine mailing list
Help-cfengine@gnu.org
http://mail.gnu.org/mailman/listinfo/help-cfengine


--
Phil D'Amore                             "Sometimes there is a fine line
Senior System Administrator               between criminally abusive
Red Hat, Inc                              behavior and fun."
Office: 919.754.3700 x44395                 -- Ted the Generic Guy
Pager: 877.383.8795                            (Dilbert 4/19/2003)

[Prev in Thread]

Current Thread

[Next in Thread]

debian package cfengine2 is broken? permissions on /var/lib/cfengine2, Kief Morris, 2003/10/15
- Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2, Phil D'Amore <=
  - Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2, Kief Morris, 2003/10/15
    - Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2, Reenen Kroukamp, 2003/10/15
- Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2, Andrew Stribblehill, 2003/10/15

Prev by Date: debian package cfengine2 is broken? permissions on /var/lib/cfengine2
Next by Date: Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2
Previous by thread: debian package cfengine2 is broken? permissions on /var/lib/cfengine2
Next by thread: Re: debian package cfengine2 is broken? permissions on /var/lib/cfengine2
Index(es):
- Date
- Thread