Ticket #120 (new defect)
Opened 9 months ago
Race condition when later modules override files from earlier modules
| Reported by: | blee | Owned by: | confman-developers@… |
|---|---|---|---|
| Priority: | critical | Milestone: | confman-1.9.4 |
| Component: | confman | Version: | 1.9.3b |
| Keywords: | Cc: |
Description
Files that get overridden by later modules in a recipe should never get installed to the filesystem.
For example, consider the sudoers file.
Recipe "base" does not allow the use of sudo:
base/usr/local/etc/sudoers
But recipe "sudo-wheel" allows members of group wheel to run sudo:
sudo-wheel/usr/local/etc/sudoers
And a sample recipe r:
base sudo-wheel
Running 'confman commit' on a machine using recipe r will leave the machine in a broken state, since the base sudoers file will prevent confman commit from proceeding.
This may have rather unexpected effects for files other than sudoers as well (e.g. nsswitch.conf).
Note: See
TracTickets for help on using
tickets.
