The '/' dir of test hosts has recently gained write perm for both user and group: Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Access: (0775/drwxrwxr-x) Uid: ( 0/ root) Gid: ( 0/ root)
Permission bits should be 0555, per the filesystem rpm.
I see this change in several recent Fedora-Cloud-Base-AmazonEC2.x86_64-Rawhide-... in AWS.
This change has broken the CI tests for the openssh rpm. The change probably happened sometime between Apr 17 and May 10, based on when openssh PR tests started failing
When do you need this? (YYYY/MM/DD)
When is this no longer needed or useful? (YYYY/MM/DD)
If we cannot complete your request, what is the impact?
CI tests will continue to fail for the openssh rpm, which might make desirable changes take longer to merge, or might result in a broken change being merged, depending on how closely the test results are examined.
To make matters more complicated, if I locally build an image using kiwi, the resulting image's root directory will have mode 0755. If I download an image artifact from a Zuul build, the root dir also has mode 0755.
I'm only seeing the bad mode in instances that I launch in AWS. And since the ctime of the root dir roughly matches the build time of the image, it doesn't seem like the mode is being broken after launching the image (so, probably not cloud-init)
Metadata Update from @phsmoura: - Issue tagged with: medium-gain, medium-trouble, ops
@osinside any idea what's happening here?
Log in to comment on this ticket.