| 2012-03-28 22:04:04 |
C de-Avillez |
bug |
|
|
added bug |
| 2012-03-28 22:05:21 |
C de-Avillez |
attachment added |
|
directory /var/lib/tftpboot before re-importing a distro https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/967815/+attachment/2957200/+files/tftpboot.dir-before |
|
| 2012-03-28 22:05:50 |
C de-Avillez |
attachment added |
|
/var/lib/tftpboot after importing the distro https://bugs.launchpad.net/ubuntu/+source/cobbler/+bug/967815/+attachment/2957201/+files/tftpboot.dir-after |
|
| 2012-03-28 22:08:36 |
C de-Avillez |
description |
Every so often -- in fact whenever a new debian-installer is released for Precise -- we re-import the distro. In the process, the TFTP boot files are regenerated.
Somehow this changes /var/lib/tftpboot permissions on subdirectories and files. The result is NOT guaranteed to be bad, and it is NOT guaranteed to affect the same directories and files in the same way.
For example, the last occurence (today) shows only this change:
55,56c55,56
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-i386
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-x86_64
---
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-i386
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-x86_64
Notice the completely hosed permissions on the new directories.
As a result PXE booting may fail (in this case DID fail).
This is a serious issue, impacting automated testing.
ProblemType: Bug
DistroRelease: Ubuntu 11.10
Package: cobbler 2.1.0+git20110602-0ubuntu26.2
ProcVersionSignature: Ubuntu 3.0.0-12.20-server 3.0.4
Uname: Linux 3.0.0-12-server x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Wed Mar 28 21:52:56 2012
InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64 (20110426)
PackageArchitecture: all
SourcePackage: cobbler
UpgradeStatus: Upgraded to oneiric on 2011-11-16 (133 days ago) |
Every so often -- in fact whenever a new debian-installer is released for Precise -- we re-import the distro. In the process, the TFTP boot files are regenerated.
Somehow this changes /var/lib/tftpboot permissions on subdirectories and files. The result is NOT guaranteed to be bad, and it is NOT guaranteed to affect the same directories and files in the same way.
For example, the last occurence (today) shows only this change:
55,56c55,56
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-i386
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-x86_64
---
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-i386
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-x86_64
Notice the completely hosed permissions on the new directories.
As a result PXE booting may fail (in this case DID fail).
This is a serious issue, impacting automated testing.
WORKAROUND:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \;
but this is rather ridiculous ;-)
ProblemType: BugDistroRelease: Ubuntu 11.10
Package: cobbler 2.1.0+git20110602-0ubuntu26.2
ProcVersionSignature: Ubuntu 3.0.0-12.20-server 3.0.4
Uname: Linux 3.0.0-12-server x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Wed Mar 28 21:52:56 2012InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64 (20110426)
PackageArchitecture: allSourcePackage: cobblerUpgradeStatus: Upgraded to oneiric on 2011-11-16 (133 days ago) |
|
| 2012-03-29 12:33:17 |
Launchpad Janitor |
cobbler (Ubuntu): status |
New |
Confirmed |
|
| 2012-03-29 12:33:20 |
Robie Basak |
bug |
|
|
added subscriber Robie Basak |
| 2012-03-31 20:50:00 |
C de-Avillez |
bug task added |
|
cobbler |
|
| 2012-11-15 17:52:11 |
C de-Avillez |
description |
Every so often -- in fact whenever a new debian-installer is released for Precise -- we re-import the distro. In the process, the TFTP boot files are regenerated.
Somehow this changes /var/lib/tftpboot permissions on subdirectories and files. The result is NOT guaranteed to be bad, and it is NOT guaranteed to affect the same directories and files in the same way.
For example, the last occurence (today) shows only this change:
55,56c55,56
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-i386
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-x86_64
---
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-i386
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-x86_64
Notice the completely hosed permissions on the new directories.
As a result PXE booting may fail (in this case DID fail).
This is a serious issue, impacting automated testing.
WORKAROUND:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \;
but this is rather ridiculous ;-)
ProblemType: BugDistroRelease: Ubuntu 11.10
Package: cobbler 2.1.0+git20110602-0ubuntu26.2
ProcVersionSignature: Ubuntu 3.0.0-12.20-server 3.0.4
Uname: Linux 3.0.0-12-server x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Wed Mar 28 21:52:56 2012InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64 (20110426)
PackageArchitecture: allSourcePackage: cobblerUpgradeStatus: Upgraded to oneiric on 2011-11-16 (133 days ago) |
Every so often -- in fact whenever a new debian-installer is released for Precise -- we re-import the distro. In the process, the TFTP boot files are regenerated.
Somehow this changes /var/lib/tftpboot permissions on subdirectories and files. The result is NOT guaranteed to be bad, and it is NOT guaranteed to affect the same directories and files in the same way.
For example, the last occurence (today) shows only this change:
55,56c55,56
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-i386
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-x86_64
---
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-i386
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-x86_64
Notice the completely hosed permissions on the new directories.
As a result PXE booting may fail (in this case DID fail).
This is a serious issue, impacting automated testing.
WORKAROUND:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \;
but this is rather ridiculous ;-)
ProblemType: BugDistroRelease: Ubuntu 11.10
Package: cobbler 2.1.0+git20110602-0ubuntu26.2
ProcVersionSignature: Ubuntu 3.0.0-12.20-server 3.0.4
Uname: Linux 3.0.0-12-server x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Wed Mar 28 21:52:56 2012InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64 (20110426)
PackageArchitecture: allSourcePackage: cobblerUpgradeStatus: Upgraded to oneiric on 2011-11-16 (133 days ago)
SRU Justifications
[IMPACT]
This bug causes the TFTP boot directories to be unreadable by PXE or TFTP. The change replaces wrong calls to os.umask() by direct open/close calls, with specific permissions. As a result, the program's default umask is not cobblered.
There is no visible impact on applying this fix elsewhere in the code.
[TESTCASE]
1. On an unpatched running Cobbler, set a script to run 'sudo cobbler sync' every half hour or so; let it run for a few hours/days
2. meanwhile check /var/lib/tftpboot (or whatever directory the PXE boot files are written to) for changes in the permissions: find /var/lib/tftpboot ! -perm -444
3. If the 'find' on (3) shows any files -- you reproduced the bug. Follow up to 4. below; otherwise, go back to 2. and try again
4. recover the /var/lib/tftpboot:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \
5. apply the update
6. re-run the script/command 'sudo clobbler sync' every half hour or so; let it run for a few days.
7. repeat step 2. above every so often; you should see *no* files without read permission being listed.
8. wait the few days.
repeat step 2. once more -- no files should be listed.
9. DONE.
[REGRESSION POTENTIAL]
No regressions potentials have been identified. |
|
| 2012-11-15 18:09:18 |
C de-Avillez |
nominated for series |
|
Ubuntu Precise |
|
| 2012-11-15 18:09:18 |
C de-Avillez |
bug task added |
|
cobbler (Ubuntu Precise) |
|
| 2012-11-15 18:09:18 |
C de-Avillez |
nominated for series |
|
Ubuntu Quantal |
|
| 2012-11-15 18:09:18 |
C de-Avillez |
bug task added |
|
cobbler (Ubuntu Quantal) |
|
| 2012-11-15 18:10:08 |
C de-Avillez |
cobbler (Ubuntu Precise): status |
New |
In Progress |
|
| 2012-11-15 18:10:08 |
C de-Avillez |
cobbler (Ubuntu Precise): assignee |
|
C de-Avillez (hggdh2) |
|
| 2012-11-15 18:10:39 |
C de-Avillez |
cobbler (Ubuntu Quantal): status |
New |
Triaged |
|
| 2012-11-15 18:10:39 |
C de-Avillez |
cobbler (Ubuntu Quantal): assignee |
|
C de-Avillez (hggdh2) |
|
| 2012-11-15 18:11:51 |
C de-Avillez |
description |
Every so often -- in fact whenever a new debian-installer is released for Precise -- we re-import the distro. In the process, the TFTP boot files are regenerated.
Somehow this changes /var/lib/tftpboot permissions on subdirectories and files. The result is NOT guaranteed to be bad, and it is NOT guaranteed to affect the same directories and files in the same way.
For example, the last occurence (today) shows only this change:
55,56c55,56
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-i386
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-x86_64
---
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-i386
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-x86_64
Notice the completely hosed permissions on the new directories.
As a result PXE booting may fail (in this case DID fail).
This is a serious issue, impacting automated testing.
WORKAROUND:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \;
but this is rather ridiculous ;-)
ProblemType: BugDistroRelease: Ubuntu 11.10
Package: cobbler 2.1.0+git20110602-0ubuntu26.2
ProcVersionSignature: Ubuntu 3.0.0-12.20-server 3.0.4
Uname: Linux 3.0.0-12-server x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Wed Mar 28 21:52:56 2012InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64 (20110426)
PackageArchitecture: allSourcePackage: cobblerUpgradeStatus: Upgraded to oneiric on 2011-11-16 (133 days ago)
SRU Justifications
[IMPACT]
This bug causes the TFTP boot directories to be unreadable by PXE or TFTP. The change replaces wrong calls to os.umask() by direct open/close calls, with specific permissions. As a result, the program's default umask is not cobblered.
There is no visible impact on applying this fix elsewhere in the code.
[TESTCASE]
1. On an unpatched running Cobbler, set a script to run 'sudo cobbler sync' every half hour or so; let it run for a few hours/days
2. meanwhile check /var/lib/tftpboot (or whatever directory the PXE boot files are written to) for changes in the permissions: find /var/lib/tftpboot ! -perm -444
3. If the 'find' on (3) shows any files -- you reproduced the bug. Follow up to 4. below; otherwise, go back to 2. and try again
4. recover the /var/lib/tftpboot:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \
5. apply the update
6. re-run the script/command 'sudo clobbler sync' every half hour or so; let it run for a few days.
7. repeat step 2. above every so often; you should see *no* files without read permission being listed.
8. wait the few days.
repeat step 2. once more -- no files should be listed.
9. DONE.
[REGRESSION POTENTIAL]
No regressions potentials have been identified. |
Every so often -- in fact whenever a new debian-installer is released for Precise -- we re-import the distro. In the process, the TFTP boot files are regenerated.
Somehow this changes /var/lib/tftpboot permissions on subdirectories and files. The result is NOT guaranteed to be bad, and it is NOT guaranteed to affect the same directories and files in the same way.
For example, the last occurence (today) shows only this change:
55,56c55,56
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-i386
< drwxr-xr-x 2 root root 4096 2012-03-22 23:13 precise-x86_64
---
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-i386
> d-w---x--- 2 root root 4096 2012-03-28 04:31 precise-x86_64
Notice the completely hosed permissions on the new directories.
As a result PXE booting may fail (in this case DID fail).
This is a serious issue, impacting automated testing.
WORKAROUND:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \;
but this is rather ridiculous ;-)
ProblemType: BugDistroRelease: Ubuntu 11.10
Package: cobbler 2.1.0+git20110602-0ubuntu26.2
ProcVersionSignature: Ubuntu 3.0.0-12.20-server 3.0.4
Uname: Linux 3.0.0-12-server x86_64
ApportVersion: 1.23-0ubuntu4
Architecture: amd64
Date: Wed Mar 28 21:52:56 2012InstallationMedia: Ubuntu-Server 11.04 "Natty Narwhal" - Release amd64 (20110426)
PackageArchitecture: allSourcePackage: cobblerUpgradeStatus: Upgraded to oneiric on 2011-11-16 (133 days ago)
SRU Justifications
[IMPACT]
This bug causes the TFTP boot directories to be unreadable by PXE or TFTP. The change replaces wrong calls to os.umask() by direct open/close calls, with specific permissions. As a result, the program's default umask is not cobblered.
There is no visible impact on applying this fix elsewhere in the code.
[TESTCASE]
1. On an unpatched running Cobbler, set a script to run 'sudo cobbler sync' every half hour or so; let it run for a few hours/days
2. meanwhile check /var/lib/tftpboot (or whatever directory the PXE boot files are written to) for changes in the permissions: find /var/lib/tftpboot ! -perm -444
3. If the 'find' on (3) shows any files -- you reproduced the bug. Follow up to 4. below; otherwise, go back to 2. and try again
4. recover the /var/lib/tftpboot:
find /var/lib/tftpboot -type d -exec sudo chmod 755 {} \;
find /var/lib/tftpboot -type f -exec sudo chmod 644 {} \
5. apply the update
6. re-run the script/command 'sudo clobbler sync' every half hour or so; let it run for a few days.
7. repeat step 2. above every so often; you should see *no* files without read permission being listed.
8. wait the few days.
repeat step 2. once more -- no files should be listed.
9. DONE.
[REGRESSION POTENTIAL]
No regression potentials have been identified. |
|
| 2012-11-15 18:54:54 |
Andres Rodriguez |
cobbler (Ubuntu): assignee |
|
Andres Rodriguez (andreserl) |
|
| 2012-11-15 19:12:08 |
Andres Rodriguez |
cobbler (Ubuntu): status |
Confirmed |
Fix Committed |
|
| 2012-11-15 19:12:13 |
Andres Rodriguez |
cobbler (Ubuntu Precise): status |
In Progress |
Confirmed |
|
| 2012-11-15 19:12:17 |
Andres Rodriguez |
cobbler (Ubuntu Precise): status |
Confirmed |
New |
|
| 2012-11-15 19:12:19 |
Andres Rodriguez |
cobbler (Ubuntu Quantal): status |
Triaged |
New |
|
| 2012-11-15 19:12:21 |
Andres Rodriguez |
cobbler (Ubuntu Precise): importance |
Undecided |
Critical |
|
| 2012-11-15 19:12:22 |
Andres Rodriguez |
cobbler (Ubuntu Quantal): importance |
Undecided |
Critical |
|
| 2012-11-15 19:12:24 |
Andres Rodriguez |
cobbler (Ubuntu): importance |
Undecided |
Critical |
|
| 2012-11-15 19:12:30 |
Andres Rodriguez |
cobbler (Ubuntu Precise): assignee |
C de-Avillez (hggdh2) |
|
|
| 2012-11-15 19:12:33 |
Andres Rodriguez |
cobbler (Ubuntu Quantal): assignee |
C de-Avillez (hggdh2) |
|
|
| 2012-11-15 19:12:42 |
Andres Rodriguez |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
| 2012-11-15 19:44:24 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/raring-proposed/cobbler |
|
| 2012-11-15 19:59:12 |
Launchpad Janitor |
cobbler (Ubuntu): status |
Fix Committed |
Fix Released |
|
| 2012-11-15 21:01:38 |
Dave Walker |
cobbler (Ubuntu Quantal): status |
New |
Fix Committed |
|
| 2012-11-15 21:01:41 |
Dave Walker |
bug |
|
|
added subscriber SRU Verification |
| 2012-11-15 21:01:49 |
Dave Walker |
tags |
amd64 apport-bug oneiric qa-manual-testing |
amd64 apport-bug oneiric qa-manual-testing verification-needed |
|
| 2012-11-15 21:02:24 |
Dave Walker |
cobbler (Ubuntu Precise): status |
New |
Fix Committed |
|
| 2012-11-15 21:03:54 |
Dave Walker |
tags |
amd64 apport-bug oneiric qa-manual-testing verification-needed |
amd64 apport-bug oneiric qa-manual-testing verification-needed-precise verification-needed-quantal |
|
| 2012-11-15 21:12:16 |
Launchpad Janitor |
branch linked |
|
lp:~ubuntu-branches/ubuntu/precise/cobbler/precise-proposed |
|
| 2012-11-15 21:12:24 |
Launchpad Janitor |
branch linked |
|
lp:ubuntu/quantal-proposed/cobbler |
|
| 2012-12-19 14:22:04 |
Andres Rodriguez |
tags |
amd64 apport-bug oneiric qa-manual-testing verification-needed-precise verification-needed-quantal |
amd64 apport-bug oneiric qa-manual-testing verification-done verification-done-precise verification-done-quantal |
|
| 2012-12-19 15:08:24 |
Colin Watson |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
| 2012-12-19 15:09:10 |
Launchpad Janitor |
cobbler (Ubuntu Precise): status |
Fix Committed |
Fix Released |
|
| 2012-12-19 15:09:15 |
Launchpad Janitor |
cobbler (Ubuntu Quantal): status |
Fix Committed |
Fix Released |
|
