package mandos-client retitle 549585 udev: creates /dev/{u,}random with too strict permissions summary 549585 20 tags 549585 patch reassign 549585 udev 146-3 package udev affects 549585 mandos-client thanks
Teddy Hogeborn <te...@fukt.bsnet.se> writes: >> Indeed, it seems that both /dev/random and urandom are readable >> only by user and group, respectively. > > [...] What were the exact permissions and ownerships? "crw-rw---- > root root"? That would be very strange. I'll have to wait until > tomorrow (when I should have access to a sid machine) [...] I installed a virtual machine with sid here, and could reproduce the problem. > On the bright side, we seem to have found the actual cause of the > problem; we just need to get udev to create the devices with the > proper permissions. I was correct; it is all caused by a recent change in "udev"; the same thing was the cause of bug #549275. Here is a patch for udev which fixes our version of the problem: diff -u /usr/share/initramfs-tools/hooks/udev.\~1\~ /usr/share/initramfs-tools/hooks/udev --- /usr/share/initramfs-tools/hooks/udev.~1~ 2009-09-27 01:37:44.000000000 +0200 +++ /usr/share/initramfs-tools/hooks/udev 2009-10-05 08:35:37.000000000 +0200 @@ -25,7 +25,7 @@ mkdir -p $DESTDIR/lib/udev/rules.d/ for rules in 50-udev-default.rules 60-persistent-storage.rules \ 80-drivers.rules 70-persistent-net.rules \ - 60-persistent-storage-lvm.rules \ + 60-persistent-storage-lvm.rules 91-permissions.rules \ 55-dm.rules 60-persistent-storage-dm.rules; do if [ -e /etc/udev/rules.d/$rules ]; then cp -p /etc/udev/rules.d/$rules $DESTDIR/lib/udev/rules.d/ I am reassigning this to udev, since that is where the problem can be fixed; I do not see how to fix this from our package. /Teddy Hogeborn -- The Mandos Project http://www.fukt.bsnet.se/mandos -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org