search

opnsense / core

OPNsense GUI, API and systems backend
https://opnsense.org/
BSD 2-Clause "Simplified" License
3.07k stars 700 forks source link

firmware: ISO permission errors on 24.7 #7524

Open fichtner opened 2 weeks ago

fichtner commented 2 weeks ago 
***GOT REQUEST TO AUDIT HEALTH***
Currently running OPNsense 24.7.b_114 at Wed Jun 12 05:29:15 UTC 2024
>>> Root file system: /dev/iso9660/OPNSENSE_INSTALL
>>> Check installed kernel version
Version 24.7.b is correct.
>>> Check for missing or altered kernel files
No problems detected.
>>> Check installed base version
Version 24.7.b is correct.
>>> Check for missing or altered base files
Error 2 occurred.
sbin/mksnap_ffs: 
    permissions (04554, 0554)
sbin/ping: 
    permissions (04555, 0555)
sbin/ping6: 
    permissions (04555, 0555)
sbin/poweroff: 
    permissions (04554, 0554)
sbin/shutdown: 
    permissions (04554, 0554)
usr/bin/at: 
    permissions (04555, 0555)
usr/bin/atq: 
    permissions (04555, 0555)
usr/bin/atrm: 
    permissions (04555, 0555)
usr/bin/batch: 
    permissions (04555, 0555)
usr/bin/btsockstat: 
    permissions (02555, 0555)
usr/bin/chpass: 
    permissions (04555, 0555)
usr/bin/crontab: 
    permissions (04555, 0555)
usr/bin/lock: 
    permissions (04555, 0555)
usr/bin/lpq: 
    permissions (06555, 0555)
usr/bin/lpr: 
    permissions (06555, 0555)
usr/bin/lprm: 
    permissions (06555, 0555)
usr/bin/netstat: 
    permissions (02555, 0555)
usr/bin/passwd: 
    permissions (04555, 0555)
usr/bin/su: 
    permissions (04555, 0555)
usr/bin/wall: 
    permissions (02555, 0555)
usr/bin/write: 
    permissions (02555, 0555)
usr/sbin/lpc: 
    permissions (02555, 0555)
usr/sbin/ppp: 
    permissions (04554, 0554)
usr/sbin/traceroute: 
    permissions (04555, 0555)
usr/sbin/traceroute6: 
    permissions (04555, 0555)
usr/libexec/ulog-helper: 
    permissions (04555, 0555)
>>> Check installed repositories
OPNsense
>>> Check installed plugins
No plugins found.
>>> Check locked packages
No locks found.
>>> Check for missing package dependencies
Checking all packages: .......... done
>>> Check for missing or altered package files
Checking all packages: .......... done
>>> Check for core packages consistency
Core package "opnsense-devel" has 68 dependencies to check.
Checking packages: ..................................................................... done
***DONE***
fichtner commented 2 weeks ago

FWIW, this may be an mtree "feature" but then clashing with the ISO file system capabilities. BINMODE was unmodified for a long time on those binaries.