package mandos-client
retitle 549585 udev: creates /dev/{u,}random with too strict permissions
summary 549585 20
tags 549585 patch
reassign 549585 udev 146-3
package udev
affects 549585 mandos-client
thanks
Teddy Hogeborn <te...@fukt.bsnet.se> writes:
>> Indeed, it seems that both /dev/random and urandom are readable
>> only by user and group, respectively.
>
> [...] What were the exact permissions and ownerships? "crw-rw----
> root root"? That would be very strange. I'll have to wait until
> tomorrow (when I should have access to a sid machine) [...]
I installed a virtual machine with sid here, and could reproduce the
problem.
> On the bright side, we seem to have found the actual cause of the
> problem; we just need to get udev to create the devices with the
> proper permissions.
I was correct; it is all caused by a recent change in "udev"; the same
thing was the cause of bug #549275. Here is a patch for udev which
fixes our version of the problem:
diff -u /usr/share/initramfs-tools/hooks/udev.\~1\~
/usr/share/initramfs-tools/hooks/udev
--- /usr/share/initramfs-tools/hooks/udev.~1~ 2009-09-27 01:37:44.000000000
+0200
+++ /usr/share/initramfs-tools/hooks/udev 2009-10-05 08:35:37.000000000
+0200
@@ -25,7 +25,7 @@
mkdir -p $DESTDIR/lib/udev/rules.d/
for rules in 50-udev-default.rules 60-persistent-storage.rules \
80-drivers.rules 70-persistent-net.rules \
- 60-persistent-storage-lvm.rules \
+ 60-persistent-storage-lvm.rules 91-permissions.rules \
55-dm.rules 60-persistent-storage-dm.rules; do
if [ -e /etc/udev/rules.d/$rules ]; then
cp -p /etc/udev/rules.d/$rules $DESTDIR/lib/udev/rules.d/
I am reassigning this to udev, since that is where the problem can be
fixed; I do not see how to fix this from our package.
/Teddy Hogeborn
--
The Mandos Project
http://www.fukt.bsnet.se/mandos
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
