Open
Version
3.69.2
Describe the bug
The folder /var/lib/rpm has read-only permissions for group and others, and the owner is root, which makes the user pulp unable to make modifications.
For example, if I try to import a GPG public key in RPM (needed for using signing-scripts), I get the error:
error: can't create transaction lock on /var/lib/rpm/.rpm.lock (Permission denied)\nerror: /tmp/RPM-GPG-KEY: key 1 import failed."
To Reproduce
- Export GPG public key:
bash-5.1$ gpg --export -a $PULP_SIGNING_KEY_FINGERPRINT > /tmp/RPM-GPG-KEY
- Try to import the key into RPM:
bash-5.1$ rpm --import /tmp/RPM-GPG-KEY
error: can't create transaction lock on /var/lib/rpm/.rpm.lock (Permission denied)
- Check permissions of /var/lib/rpm:
bash-5.1$ ls -al /var/lib/rpm
total 26356
drwxr-xr-x 1 root root 91 Nov 6 16:25 .
drwxr-xr-x 1 root root 18 Feb 4 01:46 ..
-rw-r--r-- 1 root root 26955776 Feb 4 01:46 rpmdb.sqlite
-rw-r--r-- 1 root root 32768 Feb 4 01:46 rpmdb.sqlite-shm
-rw-r--r-- 1 root root 0 Feb 4 01:46 rpmdb.sqlite-wal
-rw-r--r-- 1 root root 0 Jan 24 04:12 .rpm.lock
bash-5.1$ id
uid=700(pulp) gid=700(pulp) groups=700(pulp)
Expected behavior
When the permissions are correctly set, public keys can be imported into RPM.
Additional context
Necessary for using signing-services: pulp/pulp-operator#1401
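
The listing in the report can be checked mechanically. The following is an added diagnostic example, not part of the original report or of Pulp's code: it reads an `ls -al` listing and reports every entry the given user cannot write to, using the single permission class (owner, group, or other) that applies. The function name `unwritable_entries` and the variable `SAMPLE_LISTING` are hypothetical; the sample is the listing from the report. It assumes plain mode bits only (no ACLs, no root bypass).

```shell
#!/usr/bin/env bash
# Added example: decide which permission class applies to a user for each
# entry of an `ls -al` listing and whether that class grants write access.
# Assumption: plain mode bits only; ACLs, SELinux and uid 0 are not modelled.

# Constructed sample: the /var/lib/rpm listing from the report (".." omitted).
SAMPLE_LISTING='total 26356
drwxr-xr-x 1 root root 91 Nov 6 16:25 .
-rw-r--r-- 1 root root 26955776 Feb 4 01:46 rpmdb.sqlite
-rw-r--r-- 1 root root 32768 Feb 4 01:46 rpmdb.sqlite-shm
-rw-r--r-- 1 root root 0 Feb 4 01:46 rpmdb.sqlite-wal
-rw-r--r-- 1 root root 0 Jan 24 04:12 .rpm.lock'

# Usage: unwritable_entries USER "GROUP1 GROUP2 ..." < listing
# Prints "<name> <class> <mode>" for every entry USER cannot write to.
unwritable_entries() {
    awk -v user="$1" -v groups="$2" '
        BEGIN {
            n = split(groups, g, " ")
            for (i = 1; i <= n; i++) member[g[i]] = 1
        }
        # Only lines that start with a file or directory mode string are entries.
        $1 ~ /^[-d][-r][-w]/ && length($1) >= 10 && NF >= 9 {
            mode = $1; owner = $3; group = $4; name = $NF
            if (name == "..") next
            # Exactly one class is consulted: owner, else group, else other.
            if (user == owner)        { class = "owner"; w = substr(mode, 3, 1) }
            else if (group in member) { class = "group"; w = substr(mode, 6, 1) }
            else                      { class = "other"; w = substr(mode, 9, 1) }
            if (w != "w") print name, class, mode
        }'
}

# Check the reported listing for the pulp user (uid=700, groups=pulp).
printf '%s\n' "$SAMPLE_LISTING" | unwritable_entries pulp "pulp"
```

For the pulp user every entry falls into the "other" class, which has no write bit, including `.rpm.lock`, the file named in the error message.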