rnews assumes it can safely rename spooled tmp files
rra at stanford.edu
Sat Feb 26 07:28:26 UTC 2000
Joe St Sauver <JOE at OREGON.UOREGON.EDU> writes:
> After a period when our reader box was down, upon coming back up
> rnews attempted to rename files from /news/tmp to
> /var/spool/news/incoming, however, as implemented that involves
> a cross-device link and fails. E.G.:
> Feb 25 08:41:18 pith rnews: cant rename /news/tmp/38b6b0adFAaq9P
> to /var/spool/news/incoming/38b6b0aeGAaq9P Cross-device link
I'd like to see this fixed too; in the meantime, it's documented in
inn.conf(5) (which isn't the most obvious place to look for it, I know).
Where INN puts temporary files. For security reasons, this is
not the same as the system temporary files directory (INN creates
a lot of temporary files with predictable names and does not go
to particularly great lengths to protect against symlink attacks
and the like; this is safe provided that normal users can't write
into its temporary directory). It must be on the same partition
as pathincoming for rnews(1) to work correctly. The default
value is set at configure time and defaults to pathnews/tmp.
> I'd suggest modifying that behavior to either do a copy instead of a
> hard link by default, or to at least test for a cross-device disk
> layout, and only do hard links when safe.
I think the best way of handling this is for rnews to just have its own
tmp directory in pathincoming, like the existing "bad" directory.
Russ Allbery (rra at stanford.edu) <URL:http://www.eyrie.org/~eagle/>
More information about the inn-workers