- Issued:
- 2009-05-14
- Updated:
- 2009-09-02
RHBA-2009:0484 - setup bug fix and enhancement update
Synopsis
setup bug fix and enhancement update
Type/Severity
Bug Fix Advisory (none)
Topic
An updated setup package that fixes several bugs and adds various enhancements is now available.
Description
The setup package contains a set of important system configuration and setup files, such as passwd, group, and profile.
This updated setup package fixes the following two inconsistencies between the bash and the csh and tcsh profile scripts:
-
in order to match the bash shell's default behavior and provide consistency across shells, csh files in the /etc/profile.d/ directory are not read when csh is loaded as a non-login shell.
-
when using the csh or tcsh shell, the user's umask is now set exactly the same as it is for the bash shell. If a process owned by a user creates a file, the UID number of the user is 100 or greater, and the username and group name match, then the umask of the process will be set to "002". Otherwise, the umask will be set to "022".
In addition, this updated package provides the following enhancements:
-
this updated setup package reserves the new "tss" User ID and Group ID, and the userid (UID) and groupid (GID) numbers (59:59), which should prevent accidental usage of that UID/GID pair by other packages and administrators. TrouSerS is an implementation of the Trusted Computing Group's Software Stack (TSS) specification.
-
this updated setup package reserves the new "puppet" user ID and group ID, and the userid (UID) and groupid (GID) numbers (52:52), which should prevent accidental usage of that UID/GID pair by other packages and administrators. Puppet is an automated system administration engine that performs tasks such as adding users, installing packages, and updating server configurations based on a centralized specification language.
-
this updated setup package reserves the new "pkiuser" user ID and group ID, and the userid (UID) and groupid (GID) numbers (17:17), which should prevent accidental usage of that UID/GID pair by other packages and administrators. The "pkiuser" user and group IDs are used in subsystems associated with the Red Hat Certificate System.
-
this updated setup package reserves the new "vdsm" user ID and "kvm" group ID, and the userid (UID) and groupid (GID) numbers (36:36), which should prevent accidental usage of that UID/GID pair by other packages and administrators. VDSM service manages a single SolidICE node (VDS). It serves as a proxy for Virtual Machine creation, management, statistics, and log collection.
-
this updated setup package reserves the new "oprofile" user ID and group ID, and the userid (UID) and groupid (GID) numbers (16:16), which should prevent accidental usage of that UID/GID pair by other packages and administrators. The "oprofile" user and group IDs are used by the OProfile program, a low-overhead, system-wide profiler capable of running transparently in the background.
Users are advised to upgrade to this updated setup package, which resolves these issues and adds these enhancements.
Solution
Before applying this update, make sure that all previously-released errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use the Red Hat Network to apply this update are available at This content is not included.http://kbase.redhat.com/faq/docs/DOC-11259
Affected Products
| Product | Version | Arch |
|---|---|---|
| Red Hat Enterprise Linux for Power, big endian | 5 | ppc |
| Red Hat Enterprise Linux for IBM z Systems | 5 | s390x |
| Red Hat Enterprise Linux Workstation | 5 | x86_64 |
| Red Hat Enterprise Linux Workstation | 5 | i386 |
| Red Hat Enterprise Linux Server | 5 | x86_64 |
| Red Hat Enterprise Linux Server | 5 | ia64 |
| Red Hat Enterprise Linux Server | 5 | i386 |
| Red Hat Enterprise Linux Server from RHUI | 5 | x86_64 |
| Red Hat Enterprise Linux Server from RHUI | 5 | i386 |
| Red Hat Enterprise Linux Desktop | 5 | x86_64 |
| Red Hat Enterprise Linux Desktop | 5 | i386 |
Updated Packages
- setup-2.5.58-7.el5.src.rpm
- setup-2.5.58-7.el5.noarch.rpm
Fixes
- This content is not included.BZ - 199817
- This content is not included.BZ - 457593
- This content is not included.BZ - 471918
- This content is not included.BZ - 498332
CVEs
(none)
References
(none)
Additional information
- The Red Hat security contact is This content is not included.secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
- Offline Security Data data is available for integration with other systems. See Offline Security Data API to get started.