Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-54386

Unpack failure during update can cause unmodified %config file removal

XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Unresolved
    • Icon: Major Major
    • rhel-10.0
    • rhel-8.10
    • rpm
    • rpm-4.19.1.1-10.el10
    • No
    • Moderate
    • rhel-sst-cs-software-management
    • ssg_core_services
    • 22
    • 26
    • 0
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • Release Note Not Required
    • None

      What were you trying to do that didn't work?

      update pam

      Please provide the package NVR for which bug is seen:

      update from  pam-1.3.1-33.el8.x86_64 to pam-1.3.1-34.el8_10.x86_64 and when updating from pam-1.3.1-27.el8.x86_64 to pam-1.3.1-33.el8.x86_64.

      How reproducible:

      Every time /var/run is not owned by root

      Steps to reproduce

      1. Chown /var/run to some non-root user: 
        # chown -h user:user /var/run
      1. Update pam:  
        # yum -y update pam
      1. Update fails and /etc/security is missing files. Before the update:
      # ls /etc/security
access.conf chroot.conf console.apps console.handlers console.perms console.perms.d faillock.conf group.conf limits.conf limits.d namespace.conf namespace.d namespace.init opasswd pam_env.conf pwhistory.conf pwquality.conf pwquality.conf.d sepermit.conf time.conf

      And after the update: 

      # ls /etc/security
console.apps pwquality.conf pwquality.conf.d

      Expected results

      Files should not be removed from /etc/security when pam fails to update.

      Actual results

      After the failed pam update we only have console.apps, pwquality.conf, and pwquality.conf.d in /etc/security. This causes all logins to fail with "Cannot make/remove an entry for the specified session".

      Errors seen during the update: 

       

      # yum history info 119
Updating Subscription Management repositories.
Transaction ID : 119
Begin time     : Tue Aug 13 12:31:28 2024
Begin rpmdb    : 1960:e9fe170d74863873093127e160be5bf1d172de8a
End time       : Tue Aug 13 12:31:29 2024 (1 seconds)
End rpmdb      : 1960:e9fe170d74863873093127e160be5bf1d172de8a
User           : root <root>
Return-Code    : Failure: 1
Releasever     : 8
Command Line   : -y update pam
Comment        :  
Packages Altered:
 ** Upgrade  pam-1.3.1-34.el8_10.x86_64 @rhel-8-for-x86_64-baseos-rpms
 ** Upgraded pam-1.3.1-33.el8.x86_64    @@System
Scriptlet output:
   1 error: failed to open dir run of /var/run/: Not a directory

       

       

              mdomonko@redhat.com Michal Domonkos
              rhn-support-lagordon Kaitlin Gordon (Inactive)
              packaging-team-maint packaging-team-maint
              Tomas Bajer Tomas Bajer
              Votes:
              0 Vote for this issue
              Watchers:
              11 Start watching this issue

                Created:
                Updated: