1184786 – Deduplicate directory ownership with filesystem package

Bug 1184786 - Deduplicate directory ownership with filesystem package

Summary: Deduplicate directory ownership with filesystem package

Status:	NEW
Duplicates (1):	1184787 (view as bug list)

Alias:	None

Product:	openSUSE Tumbleweed
Classification:	openSUSE
Component:	Basesystem (show other bugs)
Version:	Current
Hardware:	Other Other

Priority:	P5 - None Severity: Normal (vote)
Target Milestone:	---
Assignee:	Ruediger Oertel
QA Contact:	E-mail List

URL:
Whiteboard:
Keywords:

Depends on:	1188994
Blocks:	1165830
	Show dependency tree / graph

Clone This Bug

Reported:	2021-04-15 09:06 UTC by Dirk Mueller
Modified:	2023-09-13 08:50 UTC (History)
CC List:	1 user (show)

See Also:	1197169
Found By:	---
Services Priority:
Business Priority:
Blocker:	---
Marketing QA Status:	---
IT Deployment:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Dirk Mueller 2021-04-15 09:06:31 UTC

Hi, 

checksec pointed out that various directories in our /usr are 0755 while they're 0555 on Fedora and Red Hat. For more hardened environments this might make a difference, as it prevents a user "root" that doesn't have DAC_OVERRIDE permission to no longer write/create files there. 

In order to achieve that, only one package need to own the permissions of that directory. currently we have various packages co-owning it, which means actual permission would depend on installation order, and we'd get installation conflicts. 

This can be prevented by de-duplicating directory ownership. this is a tracker bug that tracks the work related to it.

Comment 1 Andreas Stieger 2021-04-15 16:39:44 UTC

*** Bug 1184787 has been marked as a duplicate of this bug. ***

Comment 2 OBSbugzilla Bot 2021-04-16 17:10:03 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/886085 Factory / scribus

Comment 3 OBSbugzilla Bot 2021-04-16 18:00:03 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/886089 Factory / jag

Comment 4 OBSbugzilla Bot 2021-04-17 08:50:04 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/886220 Factory / gobby

Comment 5 OBSbugzilla Bot 2021-04-17 09:30:03 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/886241 Factory / qt6-base

Comment 6 OBSbugzilla Bot 2021-04-20 08:40:04 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/886907 Factory / kronometer

Comment 7 OBSbugzilla Bot 2021-05-14 09:40:02 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/893065 Factory / filesystem

Comment 8 OBSbugzilla Bot 2021-05-15 20:00:03 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/893334 Factory / filesystem

Comment 9 OBSbugzilla Bot 2021-06-07 03:20:06 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/897917 Factory / deepin-movie
https://build.opensuse.org/request/show/897918 Factory / deepin-draw
https://build.opensuse.org/request/show/897920 Factory / deepin-image-viewer
https://build.opensuse.org/request/show/897921 Factory / deepin-music-player
https://build.opensuse.org/request/show/897922 Factory / deepin-screen-recorder
https://build.opensuse.org/request/show/897923 Factory / deepin-voice-note

Comment 24 OBSbugzilla Bot 2021-11-04 09:40:16 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/929127 Backports:SLE-15-SP4 / kstars

Comment 26 OBSbugzilla Bot 2022-03-01 18:10:04 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/958320 Backports:SLE-15-SP3 / opi

Comment 27 Swamp Workflow Management 2022-03-05 23:16:03 UTC

openSUSE-RU-2022:0073-1: An update that has two recommended fixes can now be installed.

Category: recommended (moderate)
Bug References: 1184786,1195206
CVE References: 
JIRA References: 
Sources used:
openSUSE Backports SLE-15-SP3 (src):    opi-2.4.4-bp153.2.3.1

Comment 35 Maintenance Automation 2023-03-17 08:30:14 UTC

SUSE-FU-2023:0789-1: An update that contains one feature and has six feature fixes can now be installed.

Category: feature (important)
Bug References: 1087426, 1166619, 1184786, 1207358, 1207563, 1207989
Jira References: PED-3628
Sources used:
openSUSE Leap 15.4 (src): lapack-3.9.0-150000.4.13.2, lapack-man-3.9.0-150000.4.13.2
Basesystem Module 15-SP4 (src): lapack-3.9.0-150000.4.13.2
Development Tools Module 15-SP4 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise High Performance Computing 15 SP1 LTSS 15-SP1 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise High Performance Computing 15 SP2 LTSS 15-SP2 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise High Performance Computing ESPOS 15 SP3 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise High Performance Computing LTSS 15 SP3 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Real Time 15 SP3 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Server 15 SP1 LTSS 15-SP1 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Server 15 SP2 LTSS 15-SP2 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Server 15 SP3 LTSS 15-SP3 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Server for SAP Applications 15 SP1 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Server for SAP Applications 15 SP2 (src): lapack-3.9.0-150000.4.13.2
SUSE Linux Enterprise Server for SAP Applications 15 SP3 (src): lapack-3.9.0-150000.4.13.2
SUSE Manager Proxy 4.2 (src): lapack-3.9.0-150000.4.13.2
SUSE Manager Retail Branch Server 4.2 (src): lapack-3.9.0-150000.4.13.2
SUSE Manager Server 4.2 (src): lapack-3.9.0-150000.4.13.2
SUSE Enterprise Storage 7.1 (src): lapack-3.9.0-150000.4.13.2
SUSE Enterprise Storage 7 (src): lapack-3.9.0-150000.4.13.2
SUSE CaaS Platform 4.0 (src): lapack-3.9.0-150000.4.13.2

NOTE: This line indicates an update has been released for the listed product(s). At times this might be only a partial fix. If you have questions please reach out to maintenance coordination.

Comment 39 OBSbugzilla Bot 2023-09-12 14:35:07 UTC

This is an autogenerated message for OBS integration:
This bug (1184786) was mentioned in
https://build.opensuse.org/request/show/1110634 Factory / filesystem