-
Bug
-
Resolution: Done-Errata
-
Undefined
-
rhel-8.6.0
-
avahi-0.7-27.el8_10.1
-
None
-
None
-
rhel-sst-cs-plumbers
-
ssg_core_services
-
None
-
False
-
-
None
-
None
-
If docs needed, set a value
-
-
x86_64
-
None
Description of problem:
When installing the avahi rpm, the provided /var/run/avahi-daemon directory has root:root ownership as seen in 'rpm -qlv | grep avahi' output. Once the service is started, ownership is changed to avahi:avahi. This causes a CAT I STIG security finding.
Version-Release number of selected component (if applicable):
avahi-0.7-20.el8.x86_64
How reproducible:
Every time
Steps to Reproduce:
1. dnf install avahi
2. "rpm -qlv avahi | grep 'var/run/avahi-daemon'" and note ownership
3. systemctl start avahi-daemon
4. "ls -ld /var/run/avahi-daemon" and note difference in ownership
Actual results:
Ownership in provided /var/run/avahi-daemon differ from /var/run/avahi-daemon after starting the service
Expected results:
Ownership in provided /var/run/avahi-daemon match the same after starting the service
Additional info:
The same or similar issue was previously reported in RHEL 7 but was designated 'wontfix'. Bug 1770402. I could not find this reported in RHEL 8, but hopefully I did not miss something if it has been.
- blocks
-
RHEL-5633 avahi package has incorrect owner:group defined in payload for /var/run/avahi-daemon
- Closed
- external trackers
- links to
-
RHBA-2024:138040 avahi bug fix and enhancement update