Hi,
if you use fai softupdate, having cfengine scripts containing something like
files:
any::
${target}/etc/cron.daily/calamaris mode=0600 act=fixall
you will find your / chmod 0600.
The problem: ${target) will be replaced by / during softupdate and cfengine
seems to have problems with files like //etc/cron.daily/calamaris. The cfengine
log states:
Checking file(s) in //etc/cron.daily/calamaris
cfengine: / had permission 755, changed it to 700
The solution comes as a patch:
--- fai.orig 2005-05-23 13:58:23.000000000 +0200
+++ fai 2005-05-23 09:16:01.000000000 +0200
@@ -98,12 +98,12 @@
DEBIAN_FRONTEND=noninteractive
# local disks are mounted to $FAI_ROOT
if [ -z "$FAI_ROOT" ] ; then
- [ $DO_INIT_TASKS -eq 1 ] && FAI_ROOT=/tmp/target || FAI_ROOT=/
+ [ $DO_INIT_TASKS -eq 1 ] && FAI_ROOT=/tmp/target || FAI_ROOT=/.
fi
# executed command in the environment of the new system
ROOTCMD="chroot $FAI_ROOT"
# no chroot needed
- [ "$FAI_ROOT" = '/' ] && ROOTCMD=
+ [ "$FAI_ROOT" = '/.' ] && ROOTCMD=
# Solaris has already a writable /tmp directory
[ "$oclass" = LINUX -a $DO_INIT_TASKS -eq 1 ] && create_ramdisk
After this patch, cfeninge is happy.
Regards,
Andreas
--
! Andreas Jobs Network Operating Center !
! Ruhr-Universitaet Bochum !
! The only way to clean a compromised system is to flatten and rebuild. !
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 185 bytes
Desc: not available
Url : http://lists.uni-koeln.de/pipermail/linux-fai/attachments/20050523/4eed6109/attachment.bin