Actions
action #108040
closed[security][sle][s390x] user console access 'ttysclp0' permission is correct
Start date:
2022-03-09
Due date:
% Done:
100%
Estimated time:
3.00 h
Difficulty:
Description
This bug https://bugzilla.suse.com/show_bug.cgi?id=1195620 has been fixed since build 108.1,
so we don't need to do the workaround.
##Suggestion
Could remove the workaround code
Updated by Xiaojing_liu almost 3 years ago
- Category set to Enhancement to existing tests
Updated by Xiaojing_liu almost 3 years ago
- Related to action #106020: [security][sle][s390x] user console access 'ttysclp0' permission denied added
Updated by rfan1 almost 3 years ago
- Status changed from New to In Progress
- % Done changed from 0 to 10
- Estimated time set to 3.00 h
Thanks Xiaojing,
commit e1f1414bcf672be16809cc3deb01789575b8772c (origin/s390x_ttysclp0, s390x_ttysclp0)
Author: rfan1 richard.fan@suse.com
Date: Mon Feb 7 03:40:12 2022 -0500
Make sure non-root user can access serialdev
diff --git a/lib/utils.pm b/lib/utils.pm
index b185e8e1d..05ac37b00 100644
--- a/lib/utils.pm
+++ b/lib/utils.pm
@@ -1259,7 +1259,8 @@ sub ensure_serialdev_permissions {
else {
# when serial getty is started, it changes the group of serialdev from dialout to tty (but doesn't change it back when stopped)
# let's make sure that both will work
- assert_script_run "chown $testapi::username /dev/$testapi::serialdev && usermod -a -G tty,dialout,\$(stat -c %G /dev/$testapi::serialdev) $testapi::username";
+ # based on bsc#1195620, let's restore file permission to '620'
+ assert_script_run "chmod 620 /dev/$testapi::serialdev && chown $testapi::username /dev/$testapi::serialdev && usermod -a -G tty,dialout,\$(stat -c %G /dev/$testapi::serialdev) $testapi::username";
}
}
I can revert this change.
Let me do some test with my own branch at first
Updated by rfan1 almost 3 years ago
- Status changed from In Progress to Resolved
- % Done changed from 10 to 100
Actions