Permissions on /boot/vmlinuz-2.6.27-7-generic are -rw-rw-rw after installation

Bug #290798 reported by Matt Zimmerman
270
Affects Status Importance Assigned to Milestone
base-files (Ubuntu)
Fix Released
Critical
Scott James Remnant (Canonical)
Intrepid
Fix Released
Critical
Scott James Remnant (Canonical)
ubiquity (Ubuntu)
Fix Released
Critical
Colin Watson
Intrepid
Fix Released
Critical
Colin Watson

Bug Description

Binary package hint: ubiquity

In the course of investigating bug 288479, I noticed the following anomaly on a fresh install from Ubuntu 8.10 20081028.2 (Evan's):

 88658 2196 -rw-rw-rw- 1 root 999 2244272 Oct 29 10:15 /boot/vmlinuz-2.6.27-7-generic

Related branches

Revision history for this message
Colin Watson (cjwatson) wrote :

Note that this was while investigating bug 288479, not bug 287747.

Revision history for this message
Matt Zimmerman (mdz) wrote :

I've confirmed this on a fresh install myself as well.

Revision history for this message
Matt Zimmerman (mdz) wrote :

Hardy is confirmed not to be affected.

description: updated
Revision history for this message
Colin Watson (cjwatson) wrote :

=== modified file 'scripts/install.py'
--- scripts/install.py 2008-10-29 15:23:56 +0000
+++ scripts/install.py 2008-10-29 17:59:00 +0000
@@ -757,6 +757,10 @@
             if os.path.exists(target_kernel):
                 os.unlink(target_kernel)
             self.copy_file(kernel, target_kernel, md5_check)
+ os.lchown(target_kernel, 0, 0)
+ os.chmod(target_kernel, 0644)
+ st = os.lstat(kernel)
+ os.utime(target_kernel, (st.st_atime, st.st_mtime))

         os.umask(old_umask)

Revision history for this message
Colin Watson (cjwatson) wrote :
Changed in ubiquity:
assignee: nobody → kamion
importance: Undecided → Critical
milestone: none → ubuntu-8.10
status: New → In Progress
Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package ubiquity - 1.10.10

---------------
ubiquity (1.10.10) intrepid; urgency=low

  [ Evan Dandrea ]
  * Also set the EGID back to 0 when regaining privileges (LP: #288479).

  [ Colin Watson ]
  * Fix permissions on kernel images copied from /cdrom/casper/
    (LP: #290798).

 -- Colin Watson <email address hidden> Wed, 29 Oct 2008 18:51:06 +0000

Changed in ubiquity:
status: In Progress → Fix Released
Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :
Changed in base-files:
assignee: nobody → scott
importance: Undecided → Critical
status: New → In Progress
Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :
Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :

err, driving debdiff properly this time

Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote :

and with the right xargs

Revision history for this message
Matt Zimmerman (mdz) wrote :

I've uploaded Scott's fix to my PPA:

deb http://ppa.launchpad.net/mdz/ubuntu intrepid main
deb-src http://ppa.launchpad.net/mdz/ubuntu intrepid main

The Hardy update is there as well:

deb http://ppa.launchpad.net/mdz/ubuntu hardy main
deb-src http://ppa.launchpad.net/mdz/ubuntu hardy main

Revision history for this message
Matt Zimmerman (mdz) wrote :

Setting up base-files (4.0.4ubuntu2.1) ...
find: `/var/cache/fonts': No such file or directory
find: `/var/cache/anthy': No such file or directory
chgrp 0 /boot/grub /boot/grub/reiserfs_stage1_5 /boot/grub/fat_stage1_5 /boot/grub/jfs_stage1_5 /boot/grub/stage1 /boot/grub/xfs_stage1_5 /boot/grub/installed-version /boot/grub/minix_stage1_5 /boot/grub/device.map /boot/grub/stage2 /boot/grub/e2fs_stage1_5 /boot/grub/default /etc/popularity-contest.conf /etc/X11/xorg.conf /etc/initramfs-tools/conf.d/resume /etc/apt/sources.list /etc/apt/apt.conf.d/00trustcdrom /etc/papersize /etc/default/locale /etc/default/console-setup /var/lib/locales/supported.d/local /var/log/installer /var/log/installer/initial-status.gz /var/log/installer/partman
find: `/var/lib/anthy': No such file or directory
chgrp -h 0 /cdrom /media/cdrom
chgrp 0 /media/cdrom0

Revision history for this message
Matt Zimmerman (mdz) wrote :

After installing base-files 4.0.4ubuntu2.1 on an affected Intrepid system, I can confirm that I no longer have any files with gid 999, and furthermore no other file ownership or permissions on my system were changed inappropriately.

Revision history for this message
Liu, Shu-yuan (victorangus) wrote :

Setting up base-files (4.0.4ubuntu2.1) ...
find: `/var/cache/fonts': No such file or directory
find: `/var/cache/anthy': No such file or directory
chgrp 0 /etc/dictionaries-common/words
chgrp: cannot dereference `/etc/dictionaries-common/words': No such file or directory
dpkg: error processing base-files (--configure):
 subprocess post-installation script returned error exit status 123
Errors were encountered while processing:
 base-files
E: Sub-process /usr/bin/dpkg returned an error code (1)

Revision history for this message
Scott James Remnant (Canonical) (canonical-scott) wrote : Re: [Bug 290798] Re: Permissions on /boot/vmlinuz-2.6.27-7-generic are -rw-rw-rw after installation

On Thu, 2008-10-30 at 17:40 +0000, Victe.L wrote:

> Setting up base-files (4.0.4ubuntu2.1) ...
> find: `/var/cache/fonts': No such file or directory
> find: `/var/cache/anthy': No such file or directory
> chgrp 0 /etc/dictionaries-common/words
> chgrp: cannot dereference `/etc/dictionaries-common/words': No such file or directory
> dpkg: error processing base-files (--configure):
> subprocess post-installation script returned error exit status 123
> Errors were encountered while processing:
> base-files
> E: Sub-process /usr/bin/dpkg returned an error code (1)
>
Please subscribe to #291039, where this issue is being tracked.

Scott
--
Scott James Remnant
<email address hidden>

Changed in base-files:
status: In Progress → Fix Released
Revision history for this message
Colin Watson (cjwatson) wrote :

This fix is also in Jaunty now.

Changed in base-files:
status: In Progress → Fix Released
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.