- Prior to this update, the cron script which is included in the mlocate packages had permissions which were too loose. Consequently, mlocate did not comply with the Operating System Security Requirements Guide. This update changes the permissions of the cron script to 0700, as required by the guide.
- The updatedb utility automatically excludes file systems which are marked as "nodev" in the /proc/filesystems file. The ZFS file system is also marked this way despite the fact it actually stores data on a physical device. As a consequence, ZFS volumes were not previously indexed. This update adds an exception for ZFS, which allows updatedb to index files stored on this file system and the locate utility to find such files.
- Previously, the /var/lib/mlocate/mlocate.db database file was declared in the mlocate package metadata as belonging to the "root" user and group, and having the "644" permissions. However, in reality, the file belonged to the "slocate" group and had the "640" permissions. This discrepancy caused problems reported by OpenSCAP compliance checking tools. With this update, the database file is declared correctly in the metadata, which allows the package in an unaltered state to pass OpenSCAP compliance checks.
- The updatedb utility did not exclude GPFS cluster file systems, which can hold billions of files. As a consequence, updatedb caused very high I/O load on systems using GPFS. With this update, GPFS volumes are skipped by updatedb. As a result, files stored on this file system are no longer indexed, and running updatedb on systems with GPFS volumes does not cause too high I/O load.