[arch-general] netctl/systemd - permission error in dmesg - need fixing?
All, Checking dmesg, I found the line: [ 2.865094] systemd[1]: Configuration file /etc/systemd/system/netctl@rlf_network\x2dstatic.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway. Checking /etc/systemd/system, I find the file with 0600 perms: -rw------- 1 root root 200 Dec 5 10:44 netctl@rlf_network\x2dstatic.service Checking /etc/netctl, the netctl file originally read IS world readable: -rw-r--r-- 1 root root 424 Dec 4 08:20 rlf_network-static What is causing systemd or netctl to create the file in /etc/systemd/system with 0600, thereby causing the dmesg entry? Does this need to be fixed? (if so, I'll file - but is this a bug?) I found a similar, but unrelated thread here: http://archlinuxarm.org/forum/viewtopic.php?f=9&t=6953 -- David C. Rankin, J.D.,P.E.
On Fri, 02 May 2014 09:52:38 -0500 "David C. Rankin" <drankinatty@suddenlinkmail.com> wrote:
All,
Checking dmesg, I found the line:
[ 2.865094] systemd[1]: Configuration file /etc/systemd/system/netctl@rlf_network\x2dstatic.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.
See http://lists.freedesktop.org/archives/systemd-devel/2014-February/017146.htm... : * When reading unit files, systemd will now verify the access mode of these files, and warn about certain suspicious combinations. This has been added to make it easier to track down packaging bugs where unit files are marked executable or world-writable. Cheers, -- Leonid Isaev GPG fingerprints: DA92 034D B4A8 EC51 7EA6 20DF 9291 EE8A 043C B8C4 C0DF 20D0 C075 C3F1 E1BE 775A A7AE F6CB 164B 5A6D
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 05/02/2014 01:22 PM, Leonid Isaev wrote:
See http://lists.freedesktop.org/archives/systemd-devel/2014-February/017146.htm... :
* When reading unit files, systemd will now verify the access mode of these files, and warn about certain suspicious combinations. This has been added to make it easier to track down packaging bugs where unit files are marked executable or world-writable.
Cheers,
Thanks Leonid, I guess the issue becomes, "is the /etc/netctl file supposed to be copied into /etc/systemd/system with 0600 permissions?" I'll admit, I have no idea how the details of this get done by netctl (and or systemd), but it just seems to me that if systemd is now verifying the access mode of these files, systemd (or netctl -- on 'netctl enable') shouldn't be copying them with permissions that will generate warning messages on boot. Now this isn't a big issue, more of an curiosity really. It just seems to me like something isn't meshing quite right. In my situation, I used and followed the netctl static setup detailed here: https://wiki.archlinux.org/index.php/Beginners%27_guide#Static_IP I'll leave it to you guys that are way smarter on this to decide if this needs any further action. I will try manually changing the permissions on the /etc/systemd/system file to avoid the warning, but that just seems like one of those things that shouldn't need to be done by the user. - -- David C. Rankin, J.D.,P.E. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.16 (GNU/Linux) Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ iEYEARECAAYFAlNkUiMACgkQZMpuZ8Cyrcg1jwCeKznQ0wPHxd+a2zHHR6G93vt7 xVgAn2tWEhtBiGtYWCOKJEIvqCx8pJLx =SsY4 -----END PGP SIGNATURE-----
David C. Rankin wrote:
All,
Checking dmesg, I found the line:
[ 2.865094] systemd[1]: Configuration file /etc/systemd/system/netctl@rlf_network\x2dstatic.service is marked world-inaccessible. This has no effect as configuration data is accessible via APIs without restrictions. Proceeding anyway.
Checking /etc/systemd/system, I find the file with 0600 perms:
-rw------- 1 root root 200 Dec 5 10:44 netctl@rlf_network\x2dstatic.service
Checking /etc/netctl, the netctl file originally read IS world readable:
-rw-r--r-- 1 root root 424 Dec 4 08:20 rlf_network-static
What is causing systemd or netctl to create the file in /etc/systemd/system with 0600, thereby causing the dmesg entry?
Does this need to be fixed? (if so, I'll file - but is this a bug?)
I found a similar, but unrelated thread here: http://archlinuxarm.org/forum/viewtopic.php?f=9&t=6953
I'm not sure exactly what you did, but here the only netctl-related "files" I have in /etc/systemd are in multi-user.target.wants and are symlinks to /usr/lib/systemd/system/netctl-ifplugd@.service In your case if the file is directly in /etc/systemd/system then it should probably be removed unless you have copied one of the /usr/lib/systemd/system/netctl*@.service files and made modifications to it in which case, you might want to look here for info on how to override systemd unit settings: https://wiki.archlinux.org/index.php/Systemd#Editing_provided_unit_files If your file is in one of the *.target.wants folders then it should definitely be a symlink. Jerome -- mailto:jeberger@free.fr http://jeberger.free.fr Jabber: jeberger@jabber.fr
participants (3)
-
"Jérôme M. Berger"
-
David C. Rankin
-
Leonid Isaev