diff options
author | Karel Klic <kklic@redhat.com> | 2010-01-12 14:26:08 +0100 |
---|---|---|
committer | Karel Klic <kklic@redhat.com> | 2010-01-12 14:26:08 +0100 |
commit | 71fb2d7e690640b391b76b5432f07b4a81351c8b (patch) | |
tree | 1fb4898252178190b54e7367721df67b0a04a140 /abrt.spec | |
parent | d037916adc56d384717ebd6b7a5963543febc170 (diff) | |
download | abrt-71fb2d7e690640b391b76b5432f07b4a81351c8b.tar.gz abrt-71fb2d7e690640b391b76b5432f07b4a81351c8b.tar.xz abrt-71fb2d7e690640b391b76b5432f07b4a81351c8b.zip |
Fixing /var/cache/abrt/ permissions by allowing users to read, but not to change their crash data. Adds abrt user, changes abrt-hook-python to use suid instead of sgid bit (uid=abrt), sets /var/cache/abrt and every dump subdirectory to be owned by abrt user. Read access for users and their own crashes is provided by group (/var/cache/abrt/ccpp-xxxx-xx has user's group).
Diffstat (limited to 'abrt.spec')
-rw-r--r-- | abrt.spec | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -250,6 +250,7 @@ rm -rf $RPM_BUILD_ROOT %pre getent group abrt >/dev/null || groupadd -f --system abrt +getent passwd abrt >/dev/null || useradd --system -g abrt -d /etc/abrt -s /sbin/nologin abrt exit 0 %post @@ -279,7 +280,7 @@ fi %config(noreplace) %{_sysconfdir}/%{name}/%{name}.conf %config(noreplace) %{_sysconfdir}/dbus-1/system.d/dbus-%{name}.conf %{_initrddir}/%{name}d -%dir %attr(0775, root, abrt) %{_localstatedir}/cache/%{name} +%dir %attr(0755, abrt, abrt) %{_localstatedir}/cache/%{name} %dir /var/run/%{name} %dir %{_sysconfdir}/%{name} %dir %{_sysconfdir}/%{name}/plugins @@ -386,7 +387,7 @@ fi %files addon-python %defattr(-,root,root,-) -%attr(2755, root, abrt) %{_libexecdir}/abrt-hook-python +%attr(4755, abrt, abrt) %{_libexecdir}/abrt-hook-python %{_libdir}/%{name}/libPython.so* %{python_site}/*.py* |