Re: network-functions: mild annoyance, trivial patch?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Tyler Larson wrote:
Quoting Bill Nottingham <notting@xxxxxxxxxx>:


Paul Bolle (pebolle@xxxxxxxxxx) said: 

I hope I'm posting to the correct list. Anyway, I'm using a encrypted
wireless network. Bringing eth0 (the wireless interface on my laptop) up
or down as a normal user would always gave me an error, either:

/sbin/ifup: line 48: keys-eth0: Permission denied

or:

/sbin/ifdown: line 48: keys-eth0: Permission denied

This error message would even "pop up" if I used the "Network Device
Control" GUI.

This was caused by line 48 in .../network-scripts/network-functions:

[ -f "keys-$DEVNAME" ] && . keys-$DEVNAME

"keys-$DEVNAME" probably expands to "keys-eth0" (on my laptop) and
access to .../network-scripts/keys-eth0 is set to 600 (rw-) for root, so
reading that file (e.g. with cat) as a normal user will generate a
"Permission denied" error.

Trivial patch: add "2>/dev/null" to line 48:

[ -f "keys-$DEVNAME" ] && . keys-$DEVNAME 2>/dev/null

Or would this trivial patch just hide a more serious problem?

Nope, that's the correct patch.

Bill


--
Fedora-config-list mailing list
Fedora-config-list@xxxxxxxxxx
http://www.redhat.com/mailman/listinfo/fedora-config-list



the line:
[ -f "keys-$DEVNAME" ] && . keys-$DEVNAME 2>/dev/null

could just as effectively read:
. keys-$DEVNAME 2>/dev/null

After all, it souces the file if it can, otherwise just ignores the error. How about:

[ -r "keys-$DEVNAME" ] && . keys-$DEVNAME

which will only source the file if it can read it. That way, error messages from abnormalities in a broken file that should be fixed will still show up, but if you have no access, it won't try to use the file.

Some questions out of curiosity, because I have the same annoyance.
I gave users the right to do ifup and ifdown as well in redhat-config-network. And I get the same error message, but ifup and ifdown work fine. Is this because the WLAN card remembers the old key??

I see a potential problem with sending the error to /dev/null, because I guess at boottime that will happen then as well and then I won't see any error happening. Or am I missing something? I think it would be better to adapt the script and check if root is running it (use the keys file) or a normal user (don't use keys file)

Jaap





[Index of Archives]     [Fedora Users]     [Fedora Packaging]     [Fedora Desktop]     [PAM]     [Big List of Linux Books]     [Gimp]     [Yosemite News]