Mode of /etc/mythtv/mysql.txt should be 660

Hi, can you please verify this behavior on 9.04? This may have been a
bug in a large portion of the mythtv chain, but I seem to believe it
has been fixed already. The new versions ask to put you in the mythtv
group and continue to work after dpkg reconfigure of myth* or MCC
runs.

On 03/15/2009, JanCeuleers <email address hidden> wrote:
> Public bug reported:
>
> My frontend machine runs mythfrontend as user frontend, not as user
> mythtv. I believe that this is a supported configuration.
>
> User frontend is a member of group mythtv.
>
> This is however not enough for user frontend to be able to read
> /etc/mythtv/mysql.txt, since it has mode 600.
>
> I think that this file should have mode 660 so that members of group
> mythtv are able to access it.
>
> Something (I don't know what) periodically resets the mode of this file
> to 600, causing my frontend no longer to be able to access the database.
>
> Details:
>
> root@fe2:~# lsb_release -rd
> Description: Ubuntu 7.10
> Release: 7.10
> root@fe2:~# apt-cache policy mythtv
> mythtv:
> Installed: (none)
> Candidate: 0.21.0-0ubuntu2~gutsy1
> Version table:
> 0.21.0-0ubuntu2~gutsy1 0
> 500 http://be.archive.ubuntu.com gutsy-backports/multiverse Packages
> 0.20.2-0ubuntu10.1 0
> 500 http://be.archive.ubuntu.com gutsy-updates/multiverse Packages
> 0.20.2-0ubuntu10 0
> 500 http://be.archive.ubuntu.com gutsy/multiverse Packages
>
> ** Affects: mythtv (Ubuntu)
> Importance: Undecided
> Status: New
>
> --
> Mode of /etc/mythtv/mysql.txt should be 660
> https://bugs.launchpad.net/bugs/343204
> You received this bug notification because you are a member of MythTV
> Ubuntu Maintainers, which is subscribed to mythtv in ubuntu.
>

--
Sent from my mobile device

Mario Limonciello
<email address hidden>

Mario,

Thanks for your comment.

Unfortunately, trying 9.04 is not an option for me right now; this is a "production" system which has many version dependencies outside of mythtv.

If you believe that this problem has been solved in recent versions of mythtv (or mythbuntu) then I'm happy. Meanwhile I can just chmod the file from /etc/rc.local as a work-around.

Up to you what to do about this ticket; I'm not opposed to it being closed.

Cheers, Jan

Hi Jan,
I believe it to be closed, but it would be best if you could identify
the place causing thne wrong permissions on 7.10 so we could verify
that this is indeed the case in 9.04.

Here's some starting points:
MCC
Mythtv init script
Mythfrontend wrapper script

On 03/15/2009, JanCeuleers <email address hidden> wrote:
> Mario,
>
> Thanks for your comment.
>
> Unfortunately, trying 9.04 is not an option for me right now; this is a
> "production" system which has many version dependencies outside of
> mythtv.
>
> If you believe that this problem has been solved in recent versions of
> mythtv (or mythbuntu) then I'm happy. Meanwhile I can just chmod the
> file from /etc/rc.local as a work-around.
>
> Up to you what to do about this ticket; I'm not opposed to it being
> closed.
>
> Cheers, Jan
>
> --
> Mode of /etc/mythtv/mysql.txt should be 660
> https://bugs.launchpad.net/bugs/343204
> You received this bug notification because you are a member of MythTV
> Ubuntu Maintainers, which is subscribed to mythtv in ubuntu.
>

--
Sent from my mobile device

Mario Limonciello
<email address hidden>

Mario,

I will attempt to identify the cause of the mode squashing of this file.
It will be a fez days before I have a chance to look at this though.

Thanks, Jan

Here's my feeble attempt at diagnosing this:

****
mythbuntu-control-centre_0.10-0ubuntu1_all.deb is not the smoking gun, but it does contain the following in data/usr/share/pycentral/mythbuntu-control-centre/site-packages/MythbuntuControlCentre/changer.py:

    def write_mysql_txt(self,user,password,database,server):
        """Writes out a mysql.txt in /etc/mythtv"""
        if os.path.exists("/etc/mythtv/mysql.txt"):
            print "Moving /etc/mythtv/mysql.txt to /etc/mythtv/mysql.txt.mythbuntu-old"
            shutil.move("/etc/mythtv/mysql.txt", "/etc/mythtv/mysql.txt.mythbuntu-old")
        out_f = open("/etc/mythtv/mysql.txt", "w")
        out_f.write("DBHostName=" + server + "\n")
        out_f.write("DBUserName=" + user + "\n")
        out_f.write("DBName=" + database + "\n")
        out_f.write("DBPassword=" + password + "\n")
        out_f.close()

This snippet does not appear to set the mode of the file at all, so that it inherits the permissions from /etc/mythtv (which on my system is owner by root). I think that this does need to be fixed.
****
mythtv-common_0.20.2-0ubuntu10_all.deb

control/postinst contains the following:

        NEW=$(mktemp -t mysql.txt-XXXXXX)
        if [ -s /etc/mythtv/mysql.txt ]; then
            INPUT=/etc/mythtv/mysql.txt
            chown --reference="$INPUT" "$NEW"
            chmod --reference="$INPUT" "$NEW"
        else
            INPUT=/usr/share/mythtv/mysql.txt.dist
            chown mythtv:mythtv "$NEW"
            chmod 660 "$NEW"
        fi

($NEW later gets mv-ed into place).

This seems correct: it either inherits the ownership and mode of the file if it already exists, or else it gets set to mythtv:mythtv and 660.
****

That's all I've been able to come up with. This was done by searching for "mysql.txt" within the files contained in the deb archives (ar -x, followed by tar zxvf of both data and control files, followed by fgrep -r).

If you have other suggestions for diagnosing this I'd be delighted.

Thanks

Yeah so it's probably MCC that is doing it then solely, and still needs to
be fixed. Thanks for diagnosing!

On Sat, Mar 21, 2009 at 11:43, JanCeuleers <email address hidden>wrote:

> Here's my feeble attempt at diagnosing this:
>
> ****
> mythbuntu-control-centre_0.10-0ubuntu1_all.deb is not the smoking gun, but
> it does contain the following in
> data/usr/share/pycentral/mythbuntu-control-centre/site-packages/MythbuntuControlCentre/changer.py:
>
> def write_mysql_txt(self,user,password,database,server):
> """Writes out a mysql.txt in /etc/mythtv"""
> if os.path.exists("/etc/mythtv/mysql.txt"):
> print "Moving /etc/mythtv/mysql.txt to
> /etc/mythtv/mysql.txt.mythbuntu-old"
> shutil.move("/etc/mythtv/mysql.txt",
> "/etc/mythtv/mysql.txt.mythbuntu-old")
> out_f = open("/etc/mythtv/mysql.txt", "w")
> out_f.write("DBHostName=" + server + "\n")
> out_f.write("DBUserName=" + user + "\n")
> out_f.write("DBName=" + database + "\n")
> out_f.write("DBPassword=" + password + "\n")
> out_f.close()
>
> This snippet does not appear to set the mode of the file at all, so that it
> inherits the permissions from /etc/mythtv (which on my system is owner by
> root). I think that this does need to be fixed.
> ****
> mythtv-common_0.20.2-0ubuntu10_all.deb
>
> control/postinst contains the following:
>
> NEW=$(mktemp -t mysql.txt-XXXXXX)
> if [ -s /etc/mythtv/mysql.txt ]; then
> INPUT=/etc/mythtv/mysql.txt
> chown --reference="$INPUT" "$NEW"
> chmod --reference="$INPUT" "$NEW"
> else
> INPUT=/usr/share/mythtv/mysql.txt.dist
> chown mythtv:mythtv "$NEW"
> chmod 660 "$NEW"
> fi
>
> ($NEW later gets mv-ed into place).
>
> This seems correct: it either inherits the ownership and mode of the file
> if it already exists, or else it gets set to mythtv:mythtv and 660.
> ****
>
> That's all I've been able to come up with. This was done by searching
> for "mysql.txt" within the files contained in the deb archives (ar -x,
> followed by tar zxvf of both data and control files, followed by fgrep
> -r).
>
> If you have other suggestions for diagnosing this I'd be delighted.
>
> Thanks
>
> --
> Mode of /etc/mythtv/mysql.txt should be 660
> https://bugs.launchpad.net/bugs/343204
> You received this bug notification because you are a member of MythTV
> Ubuntu Maintainers, which is subscribed to mythtv in ubuntu.
>

--
Mario Limonciello
<email address hidden>
Sent from: Austin Texas United States.

Here is the full list of deb files I searched through, just in case you can point me to files I should also have inspected:

libmyth-0.20_0.20.2-0ubuntu10_i386.deb
libmyth-dev_0.20.2-0ubuntu10_i386.deb
mytharchive_0.20.2-0ubuntu2_i386.deb
mytharchive-data_0.20.2-0ubuntu2_all.deb
mythbrowser_0.20.2-0ubuntu2_i386.deb
mythbuntu-artwork-usplash_0.6-0ubuntu1_i386.deb
mythbuntu-control-centre_0.10-0ubuntu1_all.deb
mythbuntu-default-settings_0.63-0ubuntu1_all.deb
mythbuntu-desktop_0.8_i386.deb
mythbuntu-gdm-theme_0.2-0ubuntu1_all.deb
mythbuntu-lirc-generator_0.16-0ubuntu1_all.deb
mythcontrols_0.20.2-0ubuntu2_i386.deb
mythdvd_0.20.2-0ubuntu2_i386.deb
mythgallery_0.20.2-0ubuntu2_i386.deb
mythmusic_0.20.2-0ubuntu2_i386.deb
mythnews_0.20.2-0ubuntu2_i386.deb
mythplugins_0.20.2-0ubuntu2_all.deb
mythstream_0.17.2-0ubuntu1_i386.deb
mythtv_0.20.2-0ubuntu10_all.deb
mythtv-backend_0.20.2-0ubuntu10_i386.deb
mythtv-common_0.20.2-0ubuntu10_all.deb
mythtv-database_0.20.2-0ubuntu10_all.deb
mythtv-doc_0.20.2-0ubuntu10_all.deb
mythtv-frontend_0.20.2-0ubuntu10_i386.deb
mythtv-themes_0.20-0.1ubuntu1_all.deb
mythtv-transcode-utils_0.20.2-0ubuntu10_i386.deb
mythtvfs_0.5.0-1_i386.deb
mythvideo_0.20.2-0ubuntu2_i386.deb
mythweather_0.20.2-0ubuntu2_i386.deb
mythweb_0.20.2-0ubuntu2_all.deb
ubuntu-mythtv-frontend_0.20.2-0ubuntu10_all.deb

I'm afraid I'm not able to actually fix this

mythbuntu-common r105

This bug was fixed in the package mythbuntu-common - 0.30-0ubuntu1

---------------
mythbuntu-common (0.30-0ubuntu1) karmic; urgency=low

  * plugins:
    - Check that we can actually read mythweb-digest before
      proceeding.
  * mythbuntu_common/vnc.py:
    - Wait until we get a pexpect.EOF so that fast machines
      don't kill the pexpect too early. (Race condition problem)
  * mythbuntu_common/mysql.py:
    - Make sure that we don't make a new file when making mcc changes.
      Write the changes to the old file so perms remain. (LP: #343204)
    - Add a run_mysql_commands function for executing mysql commands
      using the system mysql.txt.
  * mythbuntu_common/logging.py:
    - We should really just use python's logging module instead. Drop.

 -- Mario Limonciello <email address hidden> Thu, 18 Jun 2009 01:39:26 -0500