Bug 255981

Summary: sysutils/zrepl: pidfile should be world-readable
Product: Ports & Packages Reporter: Alan Somers <asomers>
Component: Individual Port(s)Assignee: Lewis Cook <lcook>
Status: Closed FIXED    
Severity: Affects Many People CC: lcook, lwhsu, raul.munoz
Priority: --- Flags: asomers: maintainer-feedback? (lcook)
lcook: merge-quarterly+
Version: Latest   
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=256472
Attachments:
Description Flags
Change permissions on /var/run/zrepl to 755
none
/var/run/zrepl.pid none

Description Alan Somers freebsd_committer freebsd_triage 2021-05-18 19:23:34 UTC 
Created attachment 225074 [details]
Change permissions on /var/run/zrepl to 755

zrepl writes /var/run/zrepl/daemon.pid .  But curiously, it creates the /var/run/zrepl directory with 700 permissions.  That prevents non-root users from doing "service zrepl status".  I don't see any sensitive files instead of that directory.  Is there any reason it can't be made 755?
Comment 1 Ben Woods freebsd_committer freebsd_triage 2021-05-22 02:25:16 UTC 
Sorry, due to a lack of time I have reset the maintainer of this port back to ports@FreeBSD.org. Hopefully someone else is able to step in to help.
Resetting the assignee of this bug accordingly.
Comment 2 Alan Somers freebsd_committer freebsd_triage 2021-06-03 21:43:27 UTC 
lcook, could you please review this patch?
Comment 3 Lewis Cook freebsd_committer freebsd_triage 2021-06-04 10:14:04 UTC 
(In reply to Alan Somers from comment #2)
Sorry for the delay, been much busier than anticipated.

Seems a good idea to include this change and I have no objections, I'll commit this and MFH back into 2021Q2.  Thank you Alan!
Comment 4 commit-hook freebsd_committer freebsd_triage 2021-06-04 10:22:54 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=2a866a1b4fd0e2ce6d07904c920f98e7d994bd59

commit 2a866a1b4fd0e2ce6d07904c920f98e7d994bd59
Author:     Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2021-06-04 10:15:57 +0000
Commit:     Lewis Cook <lcook@FreeBSD.org>
CommitDate: 2021-06-04 10:21:49 +0000

    sysutils/zrepl: pidfile should be world-readable

    PR:     255981

 sysutils/zrepl/Makefile       | 1 +
 sysutils/zrepl/files/zrepl.in | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
Comment 5 commit-hook freebsd_committer freebsd_triage 2021-06-04 10:26:55 UTC 
A commit in branch 2021Q2 references this bug:

URL: https://cgit.FreeBSD.org/ports/commit/?id=073656063b7ce50ecfb7851bdc02966eb54d783b

commit 073656063b7ce50ecfb7851bdc02966eb54d783b
Author:     Alan Somers <asomers@FreeBSD.org>
AuthorDate: 2021-06-04 10:15:57 +0000
Commit:     Lewis Cook <lcook@FreeBSD.org>
CommitDate: 2021-06-04 10:24:14 +0000

    sysutils/zrepl: pidfile should be world-readable

    PR:     255981

    (cherry picked from commit 2a866a1b4fd0e2ce6d07904c920f98e7d994bd59)

 sysutils/zrepl/Makefile       | 1 +
 sysutils/zrepl/files/zrepl.in | 4 ++--
 2 files changed, 3 insertions(+), 2 deletions(-)
Comment 6 Lewis Cook freebsd_committer freebsd_triage 2021-06-04 10:27:22 UTC 
Committed, thanks!
Comment 7 Alan Somers freebsd_committer freebsd_triage 2021-06-04 13:00:39 UTC 
Thanks, lcook!
Comment 8 Raúl 2021-06-08 04:45:01 UTC 
Created attachment 225629 [details]
/var/run/zrepl.pid

Don't forget /var/run/zrepl ;)