Date: Wed, 19 Jan 2022 10:56:29 +0000 From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 261329] freebsd-update IDS has nonsensical output when link permissions are wrong Message-ID: <bug-261329-227@https.bugs.freebsd.org/bugzilla/>
next in thread | raw e-mail | index | archive | help
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261329 Bug ID: 261329 Summary: freebsd-update IDS has nonsensical output when link permissions are wrong Product: Base System Version: 13.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: misc Assignee: bugs@FreeBSD.org Reporter: martin@waschbuesch.de if a symlink (for instance in the certificate store, but affects other stuf= f as well) has the wrong permissions, freebsd-update IDS will output nonsensical errors: freebsd-update IDS ... /etc/ssl/blacklisted/dc45b0bd.0 is a symlink, but should be a=20 /etc/ssl/blacklisted/ee1365c0.0 is a symlink, but should be a=20 /etc/ssl/blacklisted/f90208f7.0 is a symlink, but should be a=20 ... This rather suggests that those items should not be symlinks when in fact i= t is the permissions that are incorrect. Steps to reproduce: symlinks in /etc/ssl/blacklisted/ are supposed to have permissions of 755. Let's deviate from that expectation: chmod o-rwx /etc/ssl/blacklisted/* and then run freebsd-update IDS PS: I cam across this because "certctl rehash" apparently obeys changes to umask in login.conf. I'll create an additional PR for that (assuming that information about blacklisted certs should indeed be readable by world). --=20 You are receiving this mail because: You are the assignee for the bug.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?bug-261329-227>