[MDEV-25046] mariadb_repo_setup default 022 umask assumption is a problem on hardened 027 systems - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 10.5
Fix Version/s: N/A
Component/s: Scripts & Clients
Labels:
None

Description

A failure was seen in

mariadb_repo_setup

repository installation script on ubuntu.

The failure is related to the script not finding the MariaDB public key mariadb-keyring-2019.gpg

W: http://archive.ubuntu.com/ubuntu/dists/bionic/InRelease: The key(s) in the keyring /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg are ignored as the file is not readable by user '_apt' executing apt-key.

Apparently the default umask 0022 assumption by the script creates a problem on hardened systems with umask 0027.

ls -l /etc/apt/trusted.gpg.d/mariadb-keyring-2019.gpg  -rw-r----- 1 root root 43345 Mar  3 16:44 mariadb-keyring-2019.gpg

Attachments

Activity

People

Assignee:: Daniel Bartholomew

Reporter:: Claudio Nanni

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 2021-03-03 17:01

Updated:: 2021-03-29 16:43

Resolved:: 2021-03-29 16:43

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.