[Bug 261329] freebsd-update IDS has nonsensical output when link permissions are wrong

From: <bugzilla-noreply_at_freebsd.org>
Date: Wed, 19 Jan 2022 10:56:29 UTC
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261329

            Bug ID: 261329
           Summary: freebsd-update IDS has nonsensical output when link
                    permissions are wrong
           Product: Base System
           Version: 13.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Some People
          Priority: ---
         Component: misc
          Assignee: bugs@FreeBSD.org
          Reporter: martin@waschbuesch.de

If a symlink (for instance in the certificate store, but affects other stuff as
well) has the wrong permissions, freebsd-update IDS will output nonsensical
errors:

freebsd-update IDS
...
/etc/ssl/blacklisted/dc45b0bd.0 is a symlink, but should be a 
/etc/ssl/blacklisted/ee1365c0.0 is a symlink, but should be a 
/etc/ssl/blacklisted/f90208f7.0 is a symlink, but should be a 
...

This rather suggests that those items should not be symlinks when in fact it is
the permissions that are incorrect.


Steps to reproduce:
Symlinks in /etc/ssl/blacklisted/ are supposed to have permissions of 755.

Let's deviate from that expectation:
chmod o-rwx /etc/ssl/blacklisted/*

and then run
freebsd-update IDS



PS: I came across this because "certctl rehash" apparently obeys changes to
umask in login.conf. I'll create an additional PR for that (assuming that
information about blacklisted certs should indeed be readable by world).
