OpenVista/GT.M Integration

Enhance ovcheckperms to report on the gtmsignal and gtmsecshr binaries

Bug #812962 reported by Ben Mehling on 2011-07-19

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	OpenVista/GT.M Integration	New	Undecided	Unassigned

Bug Description

The gtmsignal (and presumably the gtmsecshr) binaries are helper utilities that allow non-privileged users to signal GT.M for process information (generally via the %SS, MSCZJOB* and munin-node utilities). They need to have the owner setuid in order to do this. See below.

> ls -la /opt/lsb-gtm/V5.4-000A_x86_64/gtms*
-r-xr-x--- 1 root gtm 8216 Nov 9 2010 /opt/lsb-gtm/V5.4-000A_x86_64/gtmsecshr
-r-xr-x--- 1 root gtm 13062 Dec 7 2010 /opt/lsb-gtm/V5.4-000A_x86_64/gtmsignal

> sudo chmod 4550 gtmsignal
> sudo chmod 4550 gtmsecshr

> ls -la /opt/lsb-gtm/V5.4-000A_x86_64/gtms*
-r-sr-x--- 1 root gtm 8216 Nov 9 2010 /opt/lsb-gtm/V5.4-000A_x86_64/gtmsecshr
-r-sr-x--- 1 root gtm 13062 Dec 7 2010 /opt/lsb-gtm/V5.4-000A_x86_64/gtmsignal

===

I realize that ovcheckperms is generally used to check openvista proper files and directory permissions and not files w/in the GT.M package, however I'm not sure where else this perm check could go...

Report a bug

This report contains Public information

Everyone can see this information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.