[MXS-5576] Maxctrl config permission check error message is misleading - Jira

XML

Word

Printable

Details

Type: Bug
Status: Closed (View Workflow)
Priority: Major
Resolution: Fixed
Affects Version/s: 21.06.19, 22.08.16, 23.02.10, 23.02.13, 23.08.9, 24.02.5, 25.01.2
Fix Version/s: 21.06.20, 22.08.17, 23.02.14, 23.08.10, 24.02.6, 25.01.3
Component/s: maxctrl
Labels:
None

Sprint:
MXS-SPRINT-232

Description

The error message that was reported when the maxctrl.cnf file had the wrong permissions was wrong. Read access is allowed for the group but the error instructed to remove all access from the group and the world.

Title was: Expand permission check on maxctrl.cnf to maxscale group

If user which executes

"maxctrl -c"

It is only be possible, if maxctrl.cnf have permission on user level.

otherwise error is thrown

Error: /tmp/maxctrl.cnf exists, but can be accessed by group and world. Remove all rights from everyone else but owner

This is hard limited in the code:

// As the file may contain a password, we are picky about the bits.

  if ((stats.mode & 31) != 0) {

    throw Error(

      "Error: " +

        filename +

        " exists, but can be accessed by group and world." +

        " Remove all rights from everyone else but owner"

);

With expanding to maxscale group , it is secure enough and every user , which added to maxsacale group can access to maxctrl.cnf with "maxctrl -c"

Error: /tmp/maxctrl.cnf exists, but can be accessed by group and world. Remove all rights from everyone else but owner

Attachments

Activity

People

Assignee:: markus makela

Reporter:: Richard Stracke

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Dates

Created:: 2025-03-24 12:16

Updated:: 2025-07-17 05:42

Resolved:: 2025-04-22 06:40

Git Integration

Error rendering 'com.xiplink.jira.git.jira_git_plugin:git-issue-webpanel'. Please contact your Jira administrators.