From nobody Wed Jan 19 10:56:29 2022 X-Original-To: bugs@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 3AE1F1956F58 for ; Wed, 19 Jan 2022 10:56:29 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Jf2d86HXYz4lmr for ; Wed, 19 Jan 2022 10:56:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org (kenobi.freebsd.org [IPv6:2610:1c1:1:606c::50:1d]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id B854613974 for ; Wed, 19 Jan 2022 10:56:28 +0000 (UTC) (envelope-from bugzilla-noreply@freebsd.org) Received: from kenobi.freebsd.org ([127.0.1.5]) by kenobi.freebsd.org (8.15.2/8.15.2) with ESMTP id 20JAuSjZ011215 for ; Wed, 19 Jan 2022 10:56:28 GMT (envelope-from bugzilla-noreply@freebsd.org) Received: (from www@localhost) by kenobi.freebsd.org (8.15.2/8.15.2/Submit) id 20JAuSVP011214 for bugs@FreeBSD.org; Wed, 19 Jan 2022 10:56:28 GMT (envelope-from bugzilla-noreply@freebsd.org) X-Authentication-Warning: kenobi.freebsd.org: www set sender to bugzilla-noreply@freebsd.org using -f From: bugzilla-noreply@freebsd.org To: bugs@FreeBSD.org Subject: [Bug 261329] freebsd-update IDS has nonsensical output when link permissions are wrong Date: Wed, 19 Jan 2022 10:56:29 +0000 X-Bugzilla-Reason: AssignedTo X-Bugzilla-Type: new X-Bugzilla-Watch-Reason: None X-Bugzilla-Product: Base System X-Bugzilla-Component: misc X-Bugzilla-Version: 13.0-RELEASE X-Bugzilla-Keywords: X-Bugzilla-Severity: Affects Some People X-Bugzilla-Who: martin@waschbuesch.de X-Bugzilla-Status: New X-Bugzilla-Resolution: X-Bugzilla-Priority: --- X-Bugzilla-Assigned-To: bugs@FreeBSD.org X-Bugzilla-Flags: X-Bugzilla-Changed-Fields: bug_id short_desc product version rep_platform op_sys bug_status bug_severity priority component assigned_to reporter Message-ID: Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Bugzilla-URL: https://bugs.freebsd.org/bugzilla/ Auto-Submitted: auto-generated List-Id: Bug reports List-Archive: https://lists.freebsd.org/archives/freebsd-bugs List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-bugs@freebsd.org MIME-Version: 1.0 ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1642589788; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=xovR49oW+gJXrNPYQQaLC+9RMwnKTotW2m0X78EBRvg=; b=Z/TpcHsff+APNa+wK0WfoyLbnHugsMI0i4Tf43fPEiWQcVvKGPS1tfUendf/nwYFA9dydl fZQ+nPFIcoC4/9vSiJX0XPXjho/yuEA0GOXdR7Hje6buFuLcdur3T5d6TpCLEpE+XT4J+0 cW5Fu04Ty1zNarChD6Ss9xR6bQUjDh2yqZF9Rr9OeCpQbBydwSTXF5bwixa3eNEaLsXghH LA/JIenqFl2+D+oyZbi4mJXCsOYVCTA7L7m2cv5RS3x+fqvX5xL63FeYhUpM0vlYJFbZw/ AVWYL5wOkv29RF3BQlUgymlHMQnIG7JyQrklrm7ckvUI6eYzwJTxQqTKdj8NMw== ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1642589788; a=rsa-sha256; cv=none; b=G5WyKUSVJu+dVG68uK6SU6CuWsQZtiPZYQl0ouUHqp4ae0xL+C9eP1h/NV7JZWY01NVqKM XkOtuWkZvj0FMXpcngVuY+1xXDuEiCLn4/yAFsSXp08JxmvmhPL4z95OtsLsy7xndbEMr0 izWM8D5m5HvnnKjXByVj8/ZCekIkkAnwxUl2wN630eJ+Mb7fRn6d2mchJwgG+D2xb+bO2l sQwLP1Fpx5nKJJl86QsrA68apuTUSpK6njPYbWCLm/oqPdwAnGMSRiGyn2Y8V5e/CksFQq SoYW3wXaZP5qdEbdX9NgI99+xQGu1YLJSrrXHpeZgjdfKOUvxuCJt4hQSfSK4g== ARC-Authentication-Results: i=1; mx1.freebsd.org; none X-ThisMailContainsUnwantedMimeParts: N https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=3D261329 Bug ID: 261329 Summary: freebsd-update IDS has nonsensical output when link permissions are wrong Product: Base System Version: 13.0-RELEASE Hardware: Any OS: Any Status: New Severity: Affects Some People Priority: --- Component: misc Assignee: bugs@FreeBSD.org Reporter: martin@waschbuesch.de if a symlink (for instance in the certificate store, but affects other stuf= f as well) has the wrong permissions, freebsd-update IDS will output nonsensical errors: freebsd-update IDS ... /etc/ssl/blacklisted/dc45b0bd.0 is a symlink, but should be a=20 /etc/ssl/blacklisted/ee1365c0.0 is a symlink, but should be a=20 /etc/ssl/blacklisted/f90208f7.0 is a symlink, but should be a=20 ... This rather suggests that those items should not be symlinks when in fact i= t is the permissions that are incorrect. Steps to reproduce: symlinks in /etc/ssl/blacklisted/ are supposed to have permissions of 755. Let's deviate from that expectation: chmod o-rwx /etc/ssl/blacklisted/* and then run freebsd-update IDS PS: I cam across this because "certctl rehash" apparently obeys changes to umask in login.conf. I'll create an additional PR for that (assuming that information about blacklisted certs should indeed be readable by world). --=20 You are receiving this mail because: You are the assignee for the bug.=