Debian Bug report logs - #383666
remove chown on /var/log/{statsdir}

version graph

Package: ntp; Maintainer for ntp is Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>; Source for ntp is src:ntp.

Reported by: generalstone@gmx.net

Date: Fri, 18 Aug 2006 16:18:07 UTC

Severity: wishlist

Found in version ntp/1:4.2.2+dfsg.2-1

Fixed in version ntp/1:4.2.2+dfsg.2-2

Done: Peter Eisentraut <petere@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>:
Bug#383666; Package ntp. Full text and rfc822 format available.

Acknowledgement sent to generalstone@gmx.net:
New Bug report received and forwarded. Copy sent to Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: General Stone <generalstone@gmx.net>
To: submit@bugs.debian.org
Subject: remove chown on /var/log/{statsdir}
Date: Fri, 18 Aug 2006 18:12:49 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Package: ntp
Version: 1:4.2.2+dfsg.2-1
Severity: wishlist

Please change in /etc/init.d/ntp the line:
"chown -R ntp:ntp /var/lib/ntp /var/log/ntpstats" to
"chown -R ntp:ntp /var/lib/ntp", because it should possible, that an
user in group xy can access on the logs but is not in the group ntp.

- --
Key fingerprint = DC3C 257C 2B71 8FA4 F609  F7F7 7C14 F806 5665 77FD

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Was nicht fliegen kann, kann auch nicht abst├╝rzen.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE5ecBfBT4BlZld/0RAyFYAKCAo7oUhoK3j0SyGOn3DRsuRX8LqgCcC/G1
sMslPH3Il0+kQzDDjOuUXy0=
=hhSX
-----END PGP SIGNATURE-----



Information forwarded to debian-bugs-dist@lists.debian.org, Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>:
Bug#383666; Package ntp. Full text and rfc822 format available.

Acknowledgement sent to Peter Eisentraut <peter_e@gmx.net>:
Extra info received and forwarded to list. Copy sent to Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #10 received at 383666@bugs.debian.org (full text, mbox):

From: Peter Eisentraut <peter_e@gmx.net>
To: generalstone@gmx.net, 383666@bugs.debian.org
Subject: Re: [pkg-ntp-maintainers] Bug#383666: remove chown on /var/log/{statsdir}
Date: Fri, 18 Aug 2006 18:47:13 +0200
Am Freitag, 18. August 2006 18:12 schrieb General Stone:
> Please change in /etc/init.d/ntp the line:
> "chown -R ntp:ntp /var/lib/ntp /var/log/ntpstats" to
> "chown -R ntp:ntp /var/lib/ntp", because it should possible, that an
> user in group xy can access on the logs but is not in the group ntp.

This is not a matter of reading the logs but writing the logs.  The ntpd 
daemon runs as ntp:ntp, so the permissions need to be set appropriately.  In 
order to have general read access to log files on Debian, you need to be 
root.



Information forwarded to debian-bugs-dist@lists.debian.org, Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>:
Bug#383666; Package ntp. Full text and rfc822 format available.

Acknowledgement sent to generalstone@gmx.net:
Extra info received and forwarded to list. Copy sent to Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #15 received at submit@bugs.debian.org (full text, mbox):

From: General Stone <generalstone@gmx.net>
To: submit@bugs.debian.org
Subject: Re: Bug#383666: remove chown on /var/log/{statsdir}
Date: Fri, 18 Aug 2006 19:30:08 +0200
-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160

Peter Eisentraut schrieb:
> This is not a matter of reading the logs but writing the logs.  The ntpd 
> daemon runs as ntp:ntp, so the permissions need to be set appropriately.  In 
> order to have general read access to log files on Debian, you need to be 
> root.

What I meen is, that the logs could be have another group-permission,
but not another user-permission. On my server I have an user which is in
the adm group and need to read the logfiles. If the server restarts from
the init-script, the group will be changed to the group ntp, and the
user can not read the log-files.

"chown -R ntp:$LOG_GROUP /var/log/ntpstats" in init.d/ntp could
dissolving this problem.

Thanks.

- - Markus Nass

- --
Key fingerprint = DC3C 257C 2B71 8FA4 F609  F7F7 7C14 F806 5665 77FD

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Was nicht fliegen kann, kann auch nicht abst├╝rzen.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFE5fkgfBT4BlZld/0RA8rHAKCZQEhh7EeXQ97X2tu92W7CznZwVACgpXCY
YzLXJdGRvyBdiMjX+BZTAGg=
=hJnS
-----END PGP SIGNATURE-----



Information forwarded to debian-bugs-dist@lists.debian.org, Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>:
Bug#383666; Package ntp. Full text and rfc822 format available.

Acknowledgement sent to Peter Eisentraut <peter_e@gmx.net>:
Extra info received and forwarded to list. Copy sent to Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #20 received at 383666@bugs.debian.org (full text, mbox):

From: Peter Eisentraut <peter_e@gmx.net>
To: generalstone@gmx.net, 383666@bugs.debian.org
Subject: Re: [pkg-ntp-maintainers] Bug#383666: remove chown on /var/log/{statsdir}
Date: Fri, 18 Aug 2006 20:03:39 +0200
General Stone wrote:
> What I meen is, that the logs could be have another group-permission,
> but not another user-permission. On my server I have an user which is
> in the adm group and need to read the logfiles. If the server
> restarts from the init-script, the group will be changed to the group
> ntp, and the user can not read the log-files.

Well, the init script is a configuration file, so you're free to edit 
it.  The default state is necessary for smooth upgrade.



Information forwarded to debian-bugs-dist@lists.debian.org, Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>:
Bug#383666; Package ntp. Full text and rfc822 format available.

Acknowledgement sent to Kurt Roeckx <kurt@roeckx.be>:
Extra info received and forwarded to list. Copy sent to Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>. Full text and rfc822 format available.

Message #25 received at 383666@bugs.debian.org (full text, mbox):

From: Kurt Roeckx <kurt@roeckx.be>
To: generalstone@gmx.net, 383666@bugs.debian.org
Cc: submit@bugs.debian.org
Subject: Re: [pkg-ntp-maintainers] Bug#383666: remove chown on /var/log/{statsdir}
Date: Fri, 18 Aug 2006 20:46:18 +0200
On Fri, Aug 18, 2006 at 07:30:08PM +0200, General Stone wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: RIPEMD160
> 
> Peter Eisentraut schrieb:
> > This is not a matter of reading the logs but writing the logs.  The ntpd 
> > daemon runs as ntp:ntp, so the permissions need to be set appropriately.  In 
> > order to have general read access to log files on Debian, you need to be 
> > root.
> 
> What I meen is, that the logs could be have another group-permission,
> but not another user-permission. On my server I have an user which is in
> the adm group and need to read the logfiles. If the server restarts from
> the init-script, the group will be changed to the group ntp, and the
> user can not read the log-files.

There are several things you can do:
- Change the init script yourself.  It's a configuration file, so
  it won't get overriden on upgrade, and if we change it, it should
  and come ask you.  I suggest you just remove the line in your case.
- Add the user to the ntp group.


Kurt




Tags added: pending Request was from Peter Eisentraut <petere@debian.org> to control@bugs.debian.org. Full text and rfc822 format available.

Reply sent to Peter Eisentraut <petere@debian.org>:
You have taken responsibility. Full text and rfc822 format available.

Notification sent to generalstone@gmx.net:
Bug acknowledged by developer. Full text and rfc822 format available.

Message #32 received at 383666-close@bugs.debian.org (full text, mbox):

From: Peter Eisentraut <petere@debian.org>
To: 383666-close@bugs.debian.org
Subject: Bug#383666: fixed in ntp 1:4.2.2+dfsg.2-2
Date: Sat, 16 Sep 2006 09:23:37 -0700
Source: ntp
Source-Version: 1:4.2.2+dfsg.2-2

We believe that the bug you reported is fixed in the latest version of
ntp, which is due to be installed in the Debian FTP archive:

ntp-doc_4.2.2+dfsg.2-2_all.deb
  to pool/main/n/ntp/ntp-doc_4.2.2+dfsg.2-2_all.deb
ntp-refclock_4.2.2+dfsg.2-2_all.deb
  to pool/main/n/ntp/ntp-refclock_4.2.2+dfsg.2-2_all.deb
ntp-simple_4.2.2+dfsg.2-2_all.deb
  to pool/main/n/ntp/ntp-simple_4.2.2+dfsg.2-2_all.deb
ntp_4.2.2+dfsg.2-2.diff.gz
  to pool/main/n/ntp/ntp_4.2.2+dfsg.2-2.diff.gz
ntp_4.2.2+dfsg.2-2.dsc
  to pool/main/n/ntp/ntp_4.2.2+dfsg.2-2.dsc
ntp_4.2.2+dfsg.2-2_i386.deb
  to pool/main/n/ntp/ntp_4.2.2+dfsg.2-2_i386.deb
ntpdate_4.2.2+dfsg.2-2_i386.deb
  to pool/main/n/ntp/ntpdate_4.2.2+dfsg.2-2_i386.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 383666@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Peter Eisentraut <petere@debian.org> (supplier of updated ntp package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Fri, 15 Sep 2006 11:24:09 +0200
Source: ntp
Binary: ntp-simple ntp-refclock ntp-doc ntpdate ntp
Architecture: source all i386
Version: 1:4.2.2+dfsg.2-2
Distribution: unstable
Urgency: medium
Maintainer: Debian NTP Team <pkg-ntp-maintainers@lists.alioth.debian.org>
Changed-By: Peter Eisentraut <petere@debian.org>
Description: 
 ntp        - Network Time Protocol daemon and utility programs
 ntp-doc    - Network Time Protocol documentation
 ntp-refclock - transition package
 ntp-simple - transition package
 ntpdate    - client for setting system time from NTP servers
Closes: 56499 245338 305864 312576 321759 375280 382311 382543 383212 383666 384857 386323 387002
Changes: 
 ntp (1:4.2.2+dfsg.2-2) unstable; urgency=medium
 .
   [ Branden Robinson ]
   * Soften ntp binary package's Conflicts and Replaces relationships with
     ntp-{refclock,server,simple} so that they are unversioned; a versioning
     expression is unnecessary as none of these exist now as dummy packages
     (and do not need to, as all depended directly or transitively on ntp
     itself).  State that ntp Provides the three merged packages, so that
     packages depending on them are not spuriously blocked from upgrading
     before their dependencies are manually changed. (closes: #383212)
 .
   [ Peter Eisentraut ]
   * Updated README.Debian's and package descriptions, reflecting that
     ntpdate is no longer necessary when ntp is installed
   * npdate is no longer started from an init script but instead by ifup
     (closes: #56499, #245338, #312576)
   * Run ntpdate from ifup in the background (closes: #321759, #375280,
     #382543)
   * Cleaned out package relationships with long-obsolete packages
   * Updated standards version
   * Also parse peer lines in ntp.conf from ntpdate.default (closes: #382311)
   * Added pointer in ntpdate.default where to find ntp.conf (closes: #386323)
   * Updated logcheck rules (closes: #305864)
 .
   [ Julien BLACHE ]
   * debian/control:
     + Add ntp-refclock and ntp-simple transition packages (closes: #384857).
   * debian/ntp.init:
     + Remove adduser call from initscript (closes: #383666).
 .
   [ Petter Reinholdtsen ]
   * Fixed init script LSB header dependency information (closes: #387002)
Files: 
 9553a9b41ba5f5c3ba174ac5592efc1b 841 net optional ntp_4.2.2+dfsg.2-2.dsc
 6b9241afc047363e3bcf11b25af4e561 173994 net optional ntp_4.2.2+dfsg.2-2.diff.gz
 f986aa4ae857f41a6bce469feed07815 891756 doc optional ntp-doc_4.2.2+dfsg.2-2_all.deb
 c44b4f1dadf7ed82bc43ffdc34068c83 27128 net optional ntp-simple_4.2.2+dfsg.2-2_all.deb
 1fefd26e9fc228e9e6d6c6e39f64c4ee 27130 net optional ntp-refclock_4.2.2+dfsg.2-2_all.deb
 f2fc5f5531c9c76187510f94de6d0b11 321010 net optional ntp_4.2.2+dfsg.2-2_i386.deb
 0ff308d22b0dda454023610ce77e7520 55902 net optional ntpdate_4.2.2+dfsg.2-2_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFCnPCTTx8oVVPtMYRAoMkAJ9matJyyhGLgERFVxqvfmSka+TWLQCdE0fX
o7h51A6c/UagHkuditkDyEM=
=uO5N
-----END PGP SIGNATURE-----




Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Tue, 26 Jun 2007 07:48:39 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sat Apr 19 23:31:47 2014; Machine Name: buxtehude.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.