Skip to navigation

Bug Fix Advisory setup bug fix and enhancement update

Advisory: RHBA-2009:0484-2
Type: Bug Fix Advisory
Severity: N/A
Issued on: 2009-05-14
Last updated on: 2009-09-02
Affected Products: Red Hat Enterprise Linux (v. 5 server)
Red Hat Enterprise Linux Desktop (v. 5 client)

Details

An updated setup package that fixes several bugs and adds various
enhancements is now available.

The setup package contains a set of important system configuration and
setup files, such as passwd, group, and profile.

This updated setup package fixes the following two inconsistencies between
the bash and the csh and tcsh profile scripts:

* in order to match the bash shell's default behavior and provide
consistency across shells, csh files in the /etc/profile.d/ directory are
not read when csh is loaded as a non-login shell.

* when using the csh or tcsh shell, the user's umask is now set exactly the
same as it is for the bash shell. If a process owned by a user creates a
file, the UID number of the user is 100 or greater, and the username and
group name match, then the umask of the process will be set to "002".
Otherwise, the umask will be set to "022".

In addition, this updated package provides the following enhancements:

* this updated setup package reserves the new "tss" User ID and Group ID,
and the userid (UID) and groupid (GID) numbers (59:59), which should
prevent accidental usage of that UID/GID pair by other packages and
administrators. TrouSerS is an implementation of the Trusted Computing
Group's Software Stack (TSS) specification.

* this updated setup package reserves the new "puppet" user ID and group
ID, and the userid (UID) and groupid (GID) numbers (52:52), which should
prevent accidental usage of that UID/GID pair by other packages and
administrators. Puppet is an automated system administration engine that
performs tasks such as adding users, installing packages, and updating
server configurations based on a centralized specification language.

* this updated setup package reserves the new "pkiuser" user ID and group
ID, and the userid (UID) and groupid (GID) numbers (17:17), which should
prevent accidental usage of that UID/GID pair by other packages and
administrators. The "pkiuser" user and group IDs are used in subsystems
associated with the Red Hat Certificate System.

* this updated setup package reserves the new "vdsm" user ID and "kvm"
group ID, and the userid (UID) and groupid (GID) numbers (36:36), which
should prevent accidental usage of that UID/GID pair by other packages and
administrators. VDSM service manages a single SolidICE node (VDS). It
serves as a proxy for Virtual Machine creation, management, statistics, and
log collection.

* this updated setup package reserves the new "oprofile" user ID and group
ID, and the userid (UID) and groupid (GID) numbers (16:16), which should
prevent accidental usage of that UID/GID pair by other packages and
administrators. The "oprofile" user and group IDs are used by the OProfile
program, a low-overhead, system-wide profiler capable of running
transparently in the background.

Users are advised to upgrade to this updated setup package, which resolves
these issues and adds these enhancements.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Enterprise Linux (v. 5 server)

SRPMS:
setup-2.5.58-7.el5.src.rpm
File outdated by:  RHBA-2012:0198
    MD5: f623ee88bbcc6bcf254d834c84776678
 
IA-32:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
IA-64:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
PPC:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
s390x:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
x86_64:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
Red Hat Enterprise Linux Desktop (v. 5 client)

SRPMS:
setup-2.5.58-7.el5.src.rpm
File outdated by:  RHBA-2012:0198
    MD5: f623ee88bbcc6bcf254d834c84776678
 
IA-32:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
x86_64:
setup-2.5.58-7.el5.noarch.rpm
File outdated by:  RHBA-2012:0198
    MD5: 7a9d54706890c01b183c5b9d4dde1d5a
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

199817 - Make csh default umask values and profile.d scripts processing more consistent with bash
457593 - Request official assignment of uid/gid pair for trousers
471918 - Need assigned User/Group for puppet
498332 - Need UID and GID for oprofile



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/