Bug 5147

Summary: Mageia 2 installer wipes out msec configuration
Product: Mageia Reporter: David Walser <luigiwalser>
Component: RPM PackagesAssignee: Mageia Bug Squad <bugsquad>
Status: RESOLVED FIXED QA Contact:
Severity: normal    
Priority: Normal CC: thierry.vignaud
Version: CauldronKeywords: NEEDINFO
Target Milestone: ---   
Hardware: i586   
OS: Linux   
Whiteboard:
Source RPM: drakx-installer-stage2 CVE:
Status comment:
Bug Depends on:    
Bug Blocks: 3342    
Attachments: ddebug.log.gz

Description David Walser 2012-03-28 17:22:01 CEST 
I've been testing upgrading a server VM from Mageia 1 to Cauldron, using boot.iso to launch the installer from my own local HTTP mirror.  During the Summary step I did not click to reconfigure the Security level.  I had customizations in the /etc/security/msec/perms.conf and /etc/security/msec/security.conf files which got wiped out.  I don't believe the msec package is responsible as those files are marked config(noreplace).
David Walser 2012-03-28 17:22:17 CEST

CC: (none) => thierry.vignaud

Comment 1 David Walser 2012-03-28 17:25:46 CEST 
Different, but minor, bug in the Summary step, it said Proxies - not configured, but they are already configured.
David Walser 2012-03-29 20:57:20 CEST

Blocks: (none) => 3342

Comment 2 Thierry Vignaud 2012-03-30 11:31:04 CEST 
We do not touch those files.
we only call msec in order to set the security level

CC: thierry.vignaud => (none)
Source RPM: drakx-installer-stage2-14.1-3.mga2.src.rpm => msec

Thierry Vignaud 2012-03-30 11:31:14 CEST

Component: Installer => RPM Packages

Comment 3 David Walser 2012-03-30 14:07:52 CEST 
Can you at least tell me *how* you call msec?

CC: (none) => thierry.vignaud

Comment 4 Thierry Vignaud 2012-03-30 15:56:47 CEST 
checkout http://svnweb.mageia.org/soft/drakx/trunk/perl-install/
grep for security in install/*pm, then look at functions called in security/*pm
Comment 5 Thierry Vignaud 2012-03-30 16:06:31 CEST 
Also you should see the msec calls in /root/drakx/*.log
Comment 6 David Walser 2012-04-03 19:55:16 CEST 
Thierry, in ddebug.log it says "msec -q -f secure" was the command it ran.  In the documentation for msec, it says the -f option makes it overwrite the current configuration in /etc/security/msec/*.conf.

The installer should not be using the -f option during upgrades.  It is fine to use it for an initial installation.

Source RPM: msec => drakx-installer-stage2

Comment 7 Thierry Vignaud 2012-04-04 11:17:47 CEST 
Your log says that msec wasn't found, and thus not run.
So that's not the issue.
Comment 8 Thierry Vignaud 2012-04-04 11:18:21 CEST 
Sorry, was looking at another report.
Can you attach yours?

Keywords: (none) => NEEDINFO

Comment 9 David Walser 2012-04-04 14:55:19 CEST 
Created attachment 1921 [details]
ddebug.log.gz
Comment 10 Thierry Vignaud 2012-04-05 16:10:21 CEST 
Fixed in git

Status: NEW => RESOLVED
Resolution: (none) => FIXED