[Zenoss-dev] Re: Issues with 2.1.70
cgriebel
cgriebel at csc.com
Mon Jan 28 11:14:21 EST 2008
There is a potential problem with these instructions:
chmod 04750 $ZENHOME/bin/zensocket
chown root:zenoss $ZENHOME/bin/zensocket
Per "man 2 chown" on my RHEL4:
When the owner or group of an executable file are changed by a non-super-user, the S_ISUID and S_ISGID mode bits are cleared. POSIX does not specify whether this also should happen when root does the chown; the Linux behaviour depends on the kernel version.
The solution is to reverse the order and do the chown before the chmod.
It's likely that people are dropping the SETUID bit. I did a test and found that that it drops the bit on RHEL4 when the chown is done after the chmod.
Chock
-------------------- m2f --------------------
Read this topic online here:
http://community.zenoss.com/forums/viewtopic.php?p=15834#15834
-------------------- m2f --------------------
More information about the zenoss-dev
mailing list