You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The fileinfo files carry what is basically an 'ls -l' style output of
files we package that carry special permissions and ownerships. The
ownership inspection then checks files found against that list to make
sure they are allowed. The inspection was performing a local name
lookup on the owner and group and also comparing the UID and GID
values, but that is not guaranteed. Some packages will dynamically
create the owner and/or group via a package scriptlet. The RPM header
records the symbolic name as do our fileinfo files, so just perform
matching based on that.
Signed-off-by: David Cantrell <dcantrell@redhat.com>
The Tlog package installs the 'tlog' user and group with rpm scripts, to limit the setuid/setgid permissions of the executable tlog-rec-session
This causes the rpminspect ownership check to fail however.
The text was updated successfully, but these errors were encountered: