Debian Bug report logs -
#414331
must not install udev rules files
Reported by: Marco d'Itri <md@linux.it>
Date: Sun, 11 Mar 2007 02:51:01 UTC
Severity: normal
Found in version kvm/14-1
Fixed in version kvm/28-2
Done: Baruch Even <baruch@debian.org>
Bug is archived. No further changes may be made.
Toggle useless messages
Report forwarded to debian-bugs-dist@lists.debian.org, md@linux.it, Baruch Even <baruch@debian.org>:
Bug#414331; Package kvm.
(full text, mbox, link).
Acknowledgement sent to Marco d'Itri <md@linux.it>:
New Bug report received and forwarded. Copy sent to md@linux.it, Baruch Even <baruch@debian.org>.
(full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
[Message part 1 (text/plain, inline)]
Package: kvm
Version: 14-1
Severity: normal
Looks like you missed the part of README.Debian which says:
MAINTAINERS BEWARE: the use of /etc/udev/rules.d/ by other packages is
discouraged, except when only RUN rules are added.
If you think your package needs to create a file there, then please
contact the udev package maintainer and explain your needs.
Also, dh_installudev is badly broken and must not be used.
Please remove the file (beware, it's a conffile and needs to be delete
in the maintainer scripts!) and symlink in your next package upload,
I will add /dev/kvm to the next udev upload.
BTW... /dev/qemu has permissions 666, why restrict /dev/kvm to a
specific group?
--
ciao,
Marco
[signature.asc (application/pgp-signature, inline)]
Reply sent to Baruch Even <baruch@debian.org>:
You have taken responsibility.
(full text, mbox, link).
Notification sent to Marco d'Itri <md@linux.it>:
Bug acknowledged by developer.
(full text, mbox, link).
Message #10 received at 414331-close@bugs.debian.org (full text, mbox, reply):
Source: kvm
Source-Version: 28-2
We believe that the bug you reported is fixed in the latest version of
kvm, which is due to be installed in the Debian FTP archive:
kvm-source_28-2_all.deb
to pool/main/k/kvm/kvm-source_28-2_all.deb
kvm_28-2.diff.gz
to pool/main/k/kvm/kvm_28-2.diff.gz
kvm_28-2.dsc
to pool/main/k/kvm/kvm_28-2.dsc
kvm_28-2_i386.deb
to pool/main/k/kvm/kvm_28-2_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 414331@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Baruch Even <baruch@debian.org> (supplier of updated kvm package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 17 Jun 2007 21:13:07 +0100
Source: kvm
Binary: kvm-source kvm
Architecture: source i386 all
Version: 28-2
Distribution: unstable
Urgency: low
Maintainer: Baruch Even <baruch@debian.org>
Changed-By: Baruch Even <baruch@debian.org>
Description:
kvm - Full virtualization on x86 hardware
kvm-source - Source for the KVM driver
Closes: 414331 417151 417652
Changes:
kvm (28-2) unstable; urgency=low
.
* We moved a file from kvm-source to kvm, to be able to properly upgrade we
specify a conflict against older versions (Closes: #417652)
* Fix kvm-ifup script to work in more conditions (Closes: #417151)
* Remove old /etc/udev/kvm.rules since it's not needed (Closes: #414331)
Files:
7847a24753bd13077e17e604719f650b 839 misc optional kvm_28-2.dsc
81b5e3b9e5180cf413e98016c11bf1a1 35221 misc optional kvm_28-2.diff.gz
66f934d4f35d86db771a66a0c6f4e16c 93076 misc optional kvm-source_28-2_all.deb
079aa0ce1de09e1c1b6c501ea1d613a2 505922 misc optional kvm_28-2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iD8DBQFGdadcHCar6qtHRZgRAq6LAJ4335XtYDUjT+u2tiEpbu3P2K/jTwCeNYgv
0A57D3xUz9qZi1K4vHvCpdg=
=aogw
-----END PGP SIGNATURE-----
Message #13 received at 414331-submitter@bugs.debian.org (full text, mbox, reply):
Hi,
Sorry for taking so long to get to the issue.
I've removed the udev files from the kvm package in 18-1 but didn't
remove the files in the maintainer scripts, are there any guidelines how
to do it safely?
Regarding your question about the permissions, I actually have no idea
why we chose to use group kvm to limit access to kvm. I've now asked on
kvm-devel what other distributions do and what others think about this.
I myself tend towards the kqemu method to make it simple assuming that
the kvm module takes care of its own security issues internally.
Baruch
Message #16 received at 414331-submitter@bugs.debian.org (full text, mbox, reply):
According to Avi Kivity, the kvm upstream, the recommendation is for the
permissions to be as they are now, a kvm group with 0660 access. The
reason is that kvm locks a lot of kernel memory thus letting users free
reign can let a rogue user lock up all the kernel memory.
Due to this I will keep the current permissions as they are.
I'll still need your response regarding the old udev files before I can
close the bug.
Cheers,
Baruch
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Tue, 17 Jul 2007 07:27:35 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Sat Jan 6 02:04:06 2018;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.