[Bug 2048527] [NEW] rpcbind init.d script doesn't work with SELinux

Robert Groh 2048527 at bugs.launchpad.net
Mon Jan 8 12:54:15 UTC 2024 

Public bug reported:

The line:

> if [ `ls -dl "$STATEDIR" | grep -cE '^drwxr-xr-x [0-9]+ _rpc root '` -lt 1 ] ; then
(see: https://salsa.debian.org/debian/rpcbind/-/blob/bee1a6f5de6c8d693565167b6a9d82325d806d0f/debian/init.d#L42)

won't work in a SELinux setup.

with:
STATEDIR=/run/rpcbind
> ls -dl "$STATEDIR"
will produce the following output:
> drwxr-xr-x. 2 _rpc root 4096 Jan  8 11:48 /run/rpcbind

Notice the dot (.) following the file permissions, which breaks the grep
pattern on my system.

According to the docs of `ls`, the dot represents a security context:

running 
> info coreutils 'ls invocation' | grep -1 '[.+]. character'
outputs: 
     GNU ‘ls’ uses a ‘.’ character to indicate a file with a security
     context, but no other alternate access method.

Please, adjust the check to support also a security context.

ProblemType: Bug
DistroRelease: Ubuntu 22.04
Package: rpcbind 1.2.6-2build1
Uname: Linux 5.15.111-flatcar x86_64
ApportVersion: 2.20.11-0ubuntu82.5
Architecture: amd64
CasperMD5CheckResult: unknown
Date: Mon Jan  8 12:41:58 2024
ProcEnviron:
 TERM=xterm
 PATH=(custom, no user)
SourcePackage: rpcbind
UpgradeStatus: No upgrade log present (probably fresh install)

** Affects: rpcbind (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug jammy

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to rpcbind in Ubuntu.
https://bugs.launchpad.net/bugs/2048527

Title:
  rpcbind init.d script doesn't work with SELinux

Status in rpcbind package in Ubuntu:
  New

Bug description:
  The line:

  > if [ `ls -dl "$STATEDIR" | grep -cE '^drwxr-xr-x [0-9]+ _rpc root '` -lt 1 ] ; then
  (see: https://salsa.debian.org/debian/rpcbind/-/blob/bee1a6f5de6c8d693565167b6a9d82325d806d0f/debian/init.d#L42)

  won't work in a SELinux setup.

  with:
  STATEDIR=/run/rpcbind
  > ls -dl "$STATEDIR"
  will produce the following output:
  > drwxr-xr-x. 2 _rpc root 4096 Jan  8 11:48 /run/rpcbind

  Notice the dot (.) following the file permissions, which breaks the
  grep pattern on my system.

  According to the docs of `ls`, the dot represents a security context:

  running 
  > info coreutils 'ls invocation' | grep -1 '[.+]. character'
  outputs: 
       GNU ‘ls’ uses a ‘.’ character to indicate a file with a security
       context, but no other alternate access method.

  Please, adjust the check to support also a security context.

  ProblemType: Bug
  DistroRelease: Ubuntu 22.04
  Package: rpcbind 1.2.6-2build1
  Uname: Linux 5.15.111-flatcar x86_64
  ApportVersion: 2.20.11-0ubuntu82.5
  Architecture: amd64
  CasperMD5CheckResult: unknown
  Date: Mon Jan  8 12:41:58 2024
  ProcEnviron:
   TERM=xterm
   PATH=(custom, no user)
  SourcePackage: rpcbind
  UpgradeStatus: No upgrade log present (probably fresh install)

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/rpcbind/+bug/2048527/+subscriptions

More information about the foundations-bugs mailing list