Reported by: Andreas Pretzsch <email@example.com>
Date: Fri, 16 Sep 2011 16:10:02 UTC
Found in version dpkg/126.96.36.199
Fixed in version dpkg/1.16.1
Done: Guillem Jover <firstname.lastname@example.org>
Bug is archived. No further changes may be made.
email@example.com, Dpkg Developers <firstname.lastname@example.org>:
dpkg. (Fri, 16 Sep 2011 16:10:05 GMT)
Andreas Pretzsch <email@example.com>:
Dpkg Developers <firstname.lastname@example.org>. (Fri, 16 Sep 2011 16:10:05 GMT)
Message #5 received at email@example.com (full text, mbox):
Package: dpkg
Version: 188.8.131.52
Severity: normal

start-stop-daemon is expected (as per man page) to set the supplemental
groups of a user when called with option "-c user:group".
This happens if the user is given in cleartext, not when passed as number.
Both are legal based on the man page.

Behaviour verified on latest Debian stable 6.0.2 (vanilla live image)
and on current Debian testing/unstable (dpkg 184.108.40.206).

user@debian:~$ dpkg -s dpkg | grep Version
Version: 220.127.116.11
user@debian:~$ grep "user" /etc/passwd
user:x:1000:1000:Debian Live user,,,:/home/user:/bin/bash
user@debian:~$ grep "user" /etc/group
cdrom:x:24:user
floppy:x:25:user
audio:x:29:user
dip:x:30:user
video:x:44:user
plugdev:x:46:user
users:x:100:
user:x:1000:
user@debian:~$ sudo -i
root@debian:~# start-stop-daemon -S -c user:dip -x /usr/bin/id
uid=1000(user) gid=30(dip) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev)
root@debian:~# start-stop-daemon -S -c user:30 -x /usr/bin/id
uid=1000(user) gid=30(dip) groups=1000(user),24(cdrom),25(floppy),29(audio),30(dip),44(video),46(plugdev)
root@debian:~# start-stop-daemon -S -c 1000:dip -x /usr/bin/id
uid=1000(user) gid=30(dip) groups=1000(user),30(dip)
root@debian:~# start-stop-daemon -S -c 1000:30 -x /usr/bin/id
uid=1000(user) gid=30(dip) groups=1000(user),30(dip)
root@debian:~#

Tracking it down in the source, the culprit is the call to initgroups().
It's defined as "int initgroups(const char *user, gid_t group)", but
apparently only works with cleartext usernames, but not with an uid
passed as text. In the latter two cases (-c 1000:whatever), the user is
passed as string containing a number, i.e. "1000".
Unfortunately, initgroups() still returns 0 for success in this case...

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'testing-proposed-updates'), (500, 'stable-updates'), (500, 'proposed-updates'), (500, 'unstable'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 18.104.22.168 (SMP w/4 CPU cores; PREEMPT)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages dpkg depends on:
ii  coreutils    8.5-1
ii  libbz2-1.0   1.0.5-6
ii  libc6        2.13-18
ii  libselinux1  2.1.0-1
ii  xz-utils     5.1.1alpha+20110809-2
ii  zlib1g       1:22.214.171.124.dfsg-3

dpkg recommends no packages.

Versions of packages dpkg suggests:
ii  apt  0.8.15.6

-- no debconf information
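The failure described in the report above and a way to avoid it, as an added example that is not part of the bug log and not dpkg's code: the user spec is resolved to its passwd entry first, and the canonical login name, never the raw string, is what reaches initgroups(). The helper names canonical_user, groups_for and become_user are hypothetical, and trying the spec as a name before treating it as a number is an assumption of this example.

```c
#define _DEFAULT_SOURCE
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical helper (not dpkg code): resolve a --chuid style user spec,
 * a login name or a decimal uid, to its passwd entry and copy out the
 * canonical name, uid and primary gid. Returns 0, or -1 if unknown. */
int canonical_user(const char *spec, char *name, size_t len,
                   uid_t *uid, gid_t *gid)
{
    struct passwd *pw = getpwnam(spec);   /* assumption: try name first */
    char *end;
    unsigned long n;

    if (pw == NULL) {
        if (spec[0] < '0' || spec[0] > '9')
            return -1;                    /* rejects "", "-1", " 7" */
        errno = 0;
        n = strtoul(spec, &end, 10);
        if (errno != 0 || *end != '\0' || (unsigned long)(uid_t)n != n)
            return -1;
        pw = getpwuid((uid_t)n);
    }
    if (pw == NULL || strlen(pw->pw_name) >= len)
        return -1;
    strcpy(name, pw->pw_name);
    *uid = pw->pw_uid;
    *gid = pw->pw_gid;
    return 0;
}

/* Groups that initgroups(user, primary) would install, obtained with
 * getgrouplist() so no privileges are needed. Members are matched by
 * name string. Returns the count, or -1 if more than max groups exist. */
int groups_for(const char *user, gid_t primary, gid_t *out, int max)
{
    int n = max;
    return getgrouplist(user, primary, out, &n) == -1 ? -1 : n;
}

/* Root-only privilege drop: groups by canonical name, then gid, then uid. */
int become_user(const char *spec)
{
    char name[256];
    uid_t uid;
    gid_t gid;
    if (canonical_user(spec, name, sizeof(name), &uid, &gid) != 0)
        return -1;
    if (initgroups(name, gid) != 0 || setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    return 0;
}

int main(int argc, char **argv)
{
    const char *spec = argc > 1 ? argv[1] : "0";
    char name[256];
    gid_t list[256], gid;
    uid_t uid;
    if (canonical_user(spec, name, sizeof(name), &uid, &gid) != 0)
        return 1;
    printf("as given \"%s\": %d group(s)\n", spec, groups_for(spec, gid, list, 256));
    printf("by name  \"%s\": %d group(s)\n", name, groups_for(name, gid, list, 256));
    return 0;
}
```

Run unprivileged with a numeric uid as the argument; when the "as given" and "by name" counts differ, the raw string is silently dropping supplementary groups, which is the behaviour shown in the report.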
firstname.lastname@example.org, Dpkg Developers <email@example.com>:
dpkg. (Fri, 16 Sep 2011 17:37:17 GMT)
Guillem Jover <firstname.lastname@example.org>:
Dpkg Developers <email@example.com>. (Fri, 16 Sep 2011 17:37:17 GMT)
Message #10 received at firstname.lastname@example.org (full text, mbox):
Hi!

On Fri, 2011-09-16 at 18:00:29 +0200, Andreas Pretzsch wrote:
> Package: dpkg
> Version: 126.96.36.199
> Severity: normal
>
> start-stop-daemon is expected (as per man page) to set the supplemental
> groups of a user when called with option "-c user:group".
> This happens if the user is given in cleartext, not when passed as number.
> Both are legal based on the man page.
>
> Behaviour verified on latest Debian stable 6.0.2 (vanilla live image)
> and on current Debian testing/unstable (dpkg 188.8.131.52).
> [test-case]
>
> Tracking it down in the source, the culprit is the call to initgroups().
> It's defined as "int initgroups(const char *user, gid_t group)", but
> apparently only works with cleartext usernames, but not with an uid
> passed as text. In the latter two cases (-c 1000:whatever), the user is
> passed as string containing a number, i.e. "1000".
> Unfortunately, initgroups() still returns 0 for success in this case...

Thanks for tracking this down! I've fixed it locally, will be included
in my next push.

regards,
guillem
Guillem Jover <email@example.com> to
firstname.lastname@example.org. (Sun, 18 Sep 2011 06:09:02 GMT)
Andreas Pretzsch <email@example.com>:
Message #15 received at firstname.lastname@example.org (full text, mbox):
tag 641834 pending
thanks

Hello,

Bug #641834 reported by you has been fixed in the Git repository. You can
see the changelog below, and you can check the diff of the fix at:

    http://git.debian.org/?p=dpkg/dpkg.git;a=commitdiff;h=49ad180

---

commit 49ad180074dd59337622c568391770936cf912c4
Author: Guillem Jover <email@example.com>
Date:   Fri Sep 16 19:41:31 2011 +0200

    s-s-d: Reset the user and group names from the password entry on --chuid

    This guarantees the initgroups() call will not fail when the user
    specified the user to change to as a uid instead of a username.

    Closes: #641834
    Reported-by: Andreas Pretzsch <firstname.lastname@example.org>

diff --git a/debian/changelog b/debian/changelog index 7183743..bdcd368 100644 --- a/debian/changelog +++ b/debian/changelog @@ -218,6 +218,8 @@ dpkg (1.16.1) UNRELEASED; urgency=low * Do not fail on --compare-version when generating parse warnings. Existing packages with invalid versions should not fail on their maintainer scripts due to that. + * Use the user name (instead of the user id) when setting the supplementary + groups in start-stop-daemon. Closes: #641834 [ Updated dpkg translations ] * German (Sven Joachim). Closes: #620312
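Review bot: the two added changelog lines leave out the condition that triggers the problem; the commit message ties it to --chuid being given a uid instead of a username, so the entry would be easier to match to the bug if it ended "... in start-stop-daemon when --chuid is given a uid". The commit subject also says the group name is reset from the password entry, which the entry does not mention; either add it or keep the entry limited to the user name on purpose. Only the debian/changelog hunk is quoted in this message, so the start-stop-daemon change itself cannot be reviewed from here.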
Guillem Jover <email@example.com>:
Andreas Pretzsch <firstname.lastname@example.org>:
Message #20 received at email@example.com (full text, mbox):
Source: dpkg
Source-Version: 1.16.1

We believe that the bug you reported is fixed in the latest version of
dpkg, which is due to be installed in the Debian FTP archive:

dpkg-dev_1.16.1_all.deb
  to main/d/dpkg/dpkg-dev_1.16.1_all.deb
dpkg_1.16.1.dsc
  to main/d/dpkg/dpkg_1.16.1.dsc
dpkg_1.16.1.tar.bz2
  to main/d/dpkg/dpkg_1.16.1.tar.bz2
dpkg_1.16.1_amd64.deb
  to main/d/dpkg/dpkg_1.16.1_amd64.deb
dselect_1.16.1_amd64.deb
  to main/d/dpkg/dselect_1.16.1_amd64.deb
libdpkg-dev_1.16.1_amd64.deb
  to main/d/dpkg/libdpkg-dev_1.16.1_amd64.deb
libdpkg-perl_1.16.1_all.deb
  to main/d/dpkg/libdpkg-perl_1.16.1_all.deb

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to firstname.lastname@example.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Guillem Jover <email@example.com> (supplier of updated dpkg package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing firstname.lastname@example.org)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Fri, 23 Sep 2011 06:00:11 +0200
Source: dpkg
Binary: libdpkg-dev dpkg dpkg-dev libdpkg-perl dselect
Architecture: source amd64 all
Version: 1.16.1
Distribution: unstable
Urgency: low
Maintainer: Dpkg Developers <email@example.com>
Changed-By: Guillem Jover <firstname.lastname@example.org>
Description:
 dpkg - Debian package management system
 dpkg-dev - Debian package development tools
 dselect - Debian package management front-end
 libdpkg-dev - Debian package management static library
 libdpkg-perl - Dpkg perl modules
Closes: 147583 231089 245322 293280 308082 454694 489771 525160 526774 552123 560070 560251 603435 604241 606839 608260 610940 615899 616609 619131 620312 620490 620520 621066 622094 626684 627462 628055 628726 629582 630533 630996 631435 631439 631494 631547 631757 631808 632168 632937 633539 633627 634510 634961 635467 635683 636700 637096 637564 638291 639229 639997 640198 640298 641834
Changes:
 dpkg (1.16.1) unstable; urgency=low
 .
   [ Raphaël Hertzog ]
   * Dpkg::Deps: Implement new "reset" method and bump module version to 1.01 due to this.
   * Improved description of --search in dpkg-query(1). Closes: #621066 Thanks to Lars Buitinck <email@example.com> for the patch.
   * Let update-alternatives fsync() its administrative files before moving them in place to avoid empty files with some filesystems. LP: #344019
   * Tighten the regexp used by dpkg-source to ignore the .pc directory of quilt. Thanks to Mike Hommey for noticing the problem.
   * Change behaviour of dpkg-source's --extend-diff-ignore to also extend the current diff-ignore if it has already been set.
   * Fix dependency checking code to consider a dependency on a virtual package provided by a package in triggers-pending status as satisfied.
   * Do not fail when encountering a pre-dependency in triggers-awaited state, instead process the awaited triggers. Closes: #526774
   * "any" no longer hides "all" in the Architecture field of a .dsc.
   * Fix dpkg --remove to really remove the triggers from the various internal files in /var/lib/dpkg/info/triggers/. Closes: #525160
   * Avoid a perl warning in dpkg-gensymbols when no symbols file has been generated (because it would have been empty). Closes: #626684
   * Re-enable the Package-List field but drop the Architecture column since we have no clear use case yet. It can always be added later on. Also drop the source line since it duplicates other fields. Closes: #619131
   * Add the extraction part of Dpkg::Source::Package to the supported API. Useful to extract source packages without having to depend on dpkg-source (and hence dpkg-dev).
   * Add the Dpkg::Vendor module to the supported API. Useful for lintian when dpkg-dev is absent.
   * Check presence of required parameters in dpkg-vendor. Closes: #628726 Thanks to Niels Thykier <firstname.lastname@example.org> for the patch.
   * Avoid a Perl warning in dpkg-buildflags when HOME is not set. Closes: #635467
   * dpkg-source can now also use debian/source/local-patch-header (that is not included in the generated source package) instead of debian/source/patch-header. Closes: #629582
   * Changed dpkg-source --after-build to automatically unapply patches that it has applied during --before-build.
   * Fix two possible causes for the assertion failure "pigp->trigpend_head". LP: #798793, #424358 Closes: #560251
   * Use "special" instead of "particular" to qualify the "3.0 (custom)" format in dpkg-source(1). Closes: #631435
   * Add some supplementary checks to ensure debian/control has the required fields. Closes: #631439
   * dpkg-gensymbols(1): document syntax of comments. Closes: #630996
   * Allow empty lines in symbols files to better delimit multiple libraries. Thanks to Cyril Brulebois <email@example.com> for the patch.
   * dpkg: if "prerm upgrade" fails when downgrading, do not try to run "prerm failed-upgrade" with the prerm of the oldest prerm, it can't work around a bug of a newer prerm anyway.
   * dpkg: support new "interest-noawait" and "activate-noawait" trigger directives.
   * dpkg-buildflags(1): make it clear that DEB_*_(SET|APPEND) environment variables are meant for users and should not be used by packages.
   * update-alternatives: do not allow to reuse a slave link in another slave alternative. Closes: #631547
   * Improve dpkg-source's logic to identify ignored files. Closes: #632168
   * Fix a small typo in dpkg-source(1). Closes: #632937
   * Reword the description of dpkg-source --before-build and --after-build to be clearer. Closes: #608260
   * dpkg-buildpackage no longer exports the compiler flags. Closes: #560070 Packages must directly call dpkg-buildflags to retrieve them.
   * dpkg-buildflags supports a prepend command to modify the build flags. Particularly useful for package maintainers who don't want their supplementary flags to take precedence over user submitted flags.
   * Add new --dump action to dpkg-buildflags and make it the default action. Closes: #603435
   * dpkg-mergechangelogs now checks the return value of the close() call. Thanks to Niels Thykier <firstname.lastname@example.org> for the patch. Closes: #633539
   * Similar changes to dpkg-shlibdeps and dpkg-gencontrol, also by Niels.
   * Fix update-alternatives to not remove a real file when dropping a symlink for a slave that's not provided by the new current choice. Closes: #633627
   * Improve dpkg-source's error message complaining about the lack of the upstream tarball. Closes: #634510
   * Add some common makefile snippets for use in rules files in /usr/share/dpkg/: default.mk, architecture.mk, buildflags.mk, pkg-info.mk, vendor.mk Closes: #606839
   * Fix the dpkg-divert test-suite to also skip test that would fail if run under root. Closes: #634961
   * Change merge conflict separators created by dpkg-mergechangelogs to match the usual norm of being composed of 7 characters. LP: #815700
   * With source format 2.0 and 3.0 (quilt), dpkg-source now fails by default when upstream changes have not been recorded in a quilt patch. The new --commit operation can be used to properly record the changes before-hand. LP: #797839 And it fails before installing the automatic patch in debian/patches/ Closes: #615899
   * dpkg-buildflags now supports "--export=configure" to output compilation flags on a single line with double quotes as delimiter of the various values. It also uses DEB_<flag>_MAINT_<op> to let the maintainer extend the build flags to use. Last but not least, it can now also strip options from the returned build flags.
   * Fix possible segfault of dpkg in findbreakcycle(). LP: #733414
   * dpkg-source now properly cleans up the temporary tarball generated for native formats in case of unexpected interruption. Closes: #631494
   * Fix simplification logic of union dependencies. Closes: #637564
   * Fix dpkg's handling of a hardlink pointing to a conffile. Closes: #638291
   * Add example of extend-diff-ignore's usage in dpkg-source(1). Closes: #640198
   * dpkg-buildflags now returns hardening flags by default. Closes: #489771 They can be individually enabled/disabled via DEB_BUILD_MAINT_OPTIONS, see dpkg-buildflags(1). Thanks to Kees Cook for his help.
 .
   [ Guillem Jover ]
   * Install deb-src-control(5) man pages in dpkg-dev. Closes: #620520
   * Add ‘.gitmodules’ to the default dpkg-source ignore lists. Closes: #620490
   * Document in dpkg-query(1) man page that on --listfiles each list of files per package name is separated by a blank line. Same goes for --status and --print-avail.
   * Use execvp(3) unconditionally in command_exec(). Making the call always fallback to use the system shell in case of error, such as with empty maintainer scripts. Thanks to Jonathan Nieder <email@example.com>. Closes: #622094
   * Improve deb-split(5) format description by splitting debian-split member contents into a list.
   * Switch to debhelper compatibility level 7.
     - Use dh_prep instead of deprecated “dh_clean -k”.
   * Bump Standards-Version to 3.9.2 (no changes needed).
   * Generate filenames following current conventions on “dpkg-split --join”, by including the architecture in the debian-split member of a split package and using underscores to separate filename parts.
   * Support conffiles with spaces when diffing them. Closes: #147583
   * Allow installing packages with bogus versions with new --force-bad-version.
   * Do not fail when unpacking a diverted hardlink. Closes: #245322 Based on a patch by Christopher Baines <firstname.lastname@example.org>.
   * Document in dpkg-deb(1) that --fsys-tarfile will always process the input archive sequentially. Closes: #616609
   * Remove long non-functional --new and --old dpkg-deb option handling from dpkg which were being treated as dpkg commands.
   * Remove reference to --nocheck dpkg-deb option from dpkg man page as the latter does not pass it to the former.
   * Clarify the current dpkg behaviour when running the dpkg-deb and dpkg-query back-ends, of not passing through back-end specific options when running them from dpkg. Closes: #610940
   * Use “unselected” as an adjective in dpkg output messages instead of “deselected”. Closes: #231089
   * Clarify exit status in dpkg-split and start-stop-daemon --help output.
   * Clarify “EXIT STATUS” section in man pages by using a table.
   * Add a --status command to start-stop-daemon returning LSB Init Script status action exit codes.
   * Add start-stop-daemon process name kernel limits for Solaris, NetBSD, OpenBSD, FreeBSD and Darwin.
   * On package removal, keep only directories actually containing conffiles, and not directories just matching the substring in the conffile or the directory itself. Thanks to Ondřej Surý <email@example.com>.
   * On purge correctly remove symlinks acting as directories, when they are not being used by any other package's files.
   * Do not lose track of parent directories on removal so that they can be properly cleaned up on purge if not used by any other package. Based on a patch by Ondřej Surý <firstname.lastname@example.org>. Closes: #454694
   * Add ‘.hgsigs’ to the default dpkg-source ignore lists. Based on a patch by Jakub Wilk <email@example.com>. Closes: #627462
   * Do not allow blank lines in field values. Closes: #308082
   * Do not warn on missing architecture on packages in config-files state, but then make sure the architecture field is usable. Closes: #604241
   * Run du with --apparent-size when generating the Installed-Size field in dpkg-gencontrol to get consistent results independent of build system. Thanks to Ludovic Brenta <firstname.lastname@example.org>. Closes: #630533
   * Do not fail to unpack shared directories missing on the file system from packages being replaced by other packages. Closes: #631808
   * Do not require programs to define thisname, provide two new functions to handle the program name (dpkg_set_progname and dpkg_get_progname). Closes: #631757
   * Man pages cleanup:
     - Rename “USAGE” dselect(1) section to “ACTIONS” and clarify they can be performed interactively or from command line.
     - Add missing built-in methods to dselect(1).
     - Add missing escaping to field dashes in deb-control(5).
     - Use dashes instead of underscores for variable text.
     - Clarify that several front-end fields are not dselect specific in dpkg-query(1).
     - Use [option...] instead of [options] and friends.
     - Use italics or bold instead of surrounding the text with <>.
     - Correctly format text with bold and italics.
     - Use minus signs and hyphens consistently in man pages.
     - Fix reference to /etc/dpkg/dselect.cfg.d instead of dpkg.cfg.d in dselect(1).
     - Add missing optional group|gid --chuid argument in start-stop-daemon(8).
   * Refer to Sources and Packages files as part of a repository instead of as being of exclusive use or owned by APT, which has never been the case.
   * Unify somewhat dpkg-maintscript-helper --help output with other commands.
   * Add build-indep and build-arch targets as aliases for build in debian/rules.
   * Use the perl interpreter found by configure to call dpkg-architecture.pl in the m4 DPKG_ARCHITECTURE macro.
   * Add new --verbose option to dpkg-deb and change --extract to honour it. Closes: #293280
   * Add new --raw-extract option to dpkg-deb combining --control and --extract. Closes: #552123
   * Defer hardlink renames so that there's never a point were the new file contents are accessible from the final path before they have been fsync()ed and cannot be executed causing ETXTBSY when trying to open the to be installed paths for writing. Thanks to Jonathan Nieder <email@example.com>. Closes: #635683
   * Clarify the default dpkg-deb compression-levels on the man page.
   * Clarify dpkg --update-avail usage error message. Closes: #628055
   * Change Dpkg::Compression default values depending on the compressor used, and as such dpkg-source inherits this functionality. Prompted by Timo Juhani Lindfors <firstname.lastname@example.org>.
   * Print an actual error or warning message instead of assert()ing on readlink()/stat() size discrepancies. Closes: #639229
   * Update alternative links only if they change. This allows for a read-only file system and a writable database. Closes: #636700 Based on a patch by Salvatore Bonaccorso <email@example.com>.
   * Fix double “error:” string in dpkg missing PATH error output. Closes: #639997
   * Do not warn on strange timestamps when unpacking with dpkg-deb. Closes: #640298
   * Reduce dpkg-trigger binary size by refactoring libdpkg modules so that it does not end up pulling triglib.
   * Reduce dpkg-deb binary size by refectoring libdpkg modules so that it does not end up pulling triglib.
   * Do not fail on --compare-version when generating parse warnings. Existing packages with invalid versions should not fail on their maintainer scripts due to that.
   * Use the user name (instead of the user id) when setting the supplementary groups in start-stop-daemon. Closes: #641834
   * Use --srcdir and --destdir po4a options, and bump Build-Depends version to 0.36.4.
 .
   [ Updated dpkg translations ]
   * German (Sven Joachim). Closes: #620312
   * Swedish (Peter Krefting).
   * French (Christian Perrier).
 .
   [ Updated man page translations ]
   * French (Christian Perrier).
   * German (Helge Kreutzmann) including improvement by "Flo".
   * Swedish (Peter Krefting).
 .
   [ Updated scripts translations ]
   * French (Christian Perrier, Sylvestre Ledru). Closes: #637096
   * German (Helge Kreutzmann).
   * Swedish (Peter Krefting).
Debbugs Internal Request <firstname.lastname@example.org> to
email@example.com. (Mon, 31 Oct 2011 07:35:35 GMT)
Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.