MCollective

The puppetlab’s yum repository is shipping an ActiveMQ package not having ACTIVEMQ_USER set causing /var/log/activemq/activemq-data being world writable.

$ ls -ld /var/log/activemq/activemq-data/ drwxrwxrwx 3 activemq activemq 4096 Jul 12 19:19 /var/log/activemq/activemq-data/ $ ls -l /var/log/activemq/activemq-data/localhost/KahaDB/ total 9788 -rw-rw-rw- 1 activemq activemq 33030144 Jul 12 19:36 db-1.log -rw-rw-rw- 1 activemq activemq 8966144 Jul 12 19:36 db.data -rw-rw-rw- 1 activemq activemq 931600 Jul 12 19:36 db.redo -rw-rw-rw- 1 activemq activemq 0 Jul 12 19:19 lock $ rpm -qi activemq Name : activemq Relocations: (not relocatable) Version : 5.5.0 Vendor: (none) Release : 1.el6 Build Date: Sun 04 Sep 2011 12:18:22 AM CEST Install Date: Thu 24 May 2012 04:08:52 PM CEST Build Host: xander.stahnkage.com Group : Network/Daemons Source RPM: activemq-5.5.0-1.el6.src.rpm Size : 23110772 License: Apache Signature : RSA/SHA1, Sat 01 Oct 2011 01:03:51 AM CEST, Key ID 1054b7a24bd6ec30 Summary : Apache ActiveMQ Description : ApacheMQ is a JMS Compliant Messaging System