Trusted extensions /etc/security/tsol/label_encodings file installed with wrong permissions during gate build
During a illumos-gate build, trusted extensions: /etc/security/tsol/label_encodings file is installed with the wrong permissions. The closed binary archive includes this file with permissions r--r--r but the mainfest expects it to be r--------.
Updated by Klaus Ziegler 12 months ago
The OpenIndiana illumos-closed package delivers /etc/security/tsol/label_encodings with wrong permissions:
klausz@legolas % ls
l /opt/onbld/closed/root_i386-nd/etc/security/tsol/label_encodings 1 root bin 2966 Feb. 18 15:50 /opt/onbld/closed/root_i386-nd/etc/security/tsol/label_encodings
To change the permission in the OI illumos-closed package isn't an option, because we normally build the gate a non privileged
user and therefore wouldn't be able to read the file from /opt with perms 0400.
Note: it only happens if you set CLOSED_ROOT and not ON_CLOSED_BINS in the build .env file.
Updated by Electric Monk 12 months ago
- Status changed from New to Closed
- % Done changed from 80 to 100
commit 05c0ef072824e9e875c8b4ba7db90d3d270fccf7 Author: Klaus Ziegler <firstname.lastname@example.org> Date: 2021-06-01T02:20:35.000Z 13815 Trusted extensions /etc/security/tsol/label_encodings file installed with wrong permissions during gate build Reviewed by: Andy Fiddaman <email@example.com> Reviewed by: Toomas Soome <firstname.lastname@example.org> Approved by: Robert Mustacchi <email@example.com>