Your message dated Tue, 23 Dec 2014 22:20:02 +0000
with message-id <e1y3xoa-0007yd...@franck.debian.org>
and subject line Bug#773107: fixed in dbus 1.8.12-3
has caused the Debian Bug report #773107,
regarding dbus-daemon-launch-helper permissions temporarily wrong during
upgrades
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
773107: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773107
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: dbus
Version: 1.8.12-1
Severity: important
dbus-daemon-launch-helper is expected to be setuid root and executable
by group messagebus, i.e. "root messagebus 4754" in dpkg-statoverride syntax.
However, because messagebus is a dynamically-allocated system group,
the file in the .deb is actually "root root 0755", with ownership
and permissions fixed up during installation.
At the moment we just do a trivial chown/chmod in the postinst:
if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
chown root:"$MESSAGEUSER" "$LAUNCHER"
chmod 4754 "$LAUNCHER"
fi
However, this is not as robust as it could be. When a new dbus has been
unpacked but not yet configured, dbus-daemon-launch-helper is
temporarily "root root 0755", breaking system service activation.
While upgrading a wheezy laptop to jessie, I hit one of the current dpkg
bugs with trigger cycles (man-db -> man-db) which stopped the upgrade
while dbus was in this state. An error message from PackageKit notification
demonstrated the bug:
dpkg: cycle found while processing triggers:
chain of packages whose triggers are or may be responsible:
man-db -> man-db
...
Error: GDBus.Error:org.freedesktop.DBus.Error.Spawn.PermissionsInvalid: The
permission of the setuid helper is not correct
E: Sub-process /usr/bin/dpkg returned an error code (1)
I think we could make dbus more robust by following the pattern
suggested in Policy ยง10.9:
# postinst
if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
fi
# postrm, $1 = purge
if dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1 ; then
dpkg-statoverride --remove "$LAUNCHER"
fi
This would not immediately help upgrades from current dbus versions to the
first version with this bug fixed, but all subsequent upgrades
(e.g. jessie -> stretch) would avoid the broken transitional state.
We could optionally also do something like this in preinst:
# preinst
if getent group "$MESSAGEUSER" >/dev/null && \
-x "$LAUNCHER" && \
! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
fi
to improve the robustness of upgrades from current dbus versions to the
fixed version.
Regards,
S
--- End Message ---
--- Begin Message ---
Source: dbus
Source-Version: 1.8.12-3
We believe that the bug you reported is fixed in the latest version of
dbus, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 773...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Simon McVittie <s...@debian.org> (supplier of updated dbus package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Tue, 23 Dec 2014 21:21:20 +0000
Source: dbus
Binary: dbus dbus-udeb dbus-x11 libdbus-1-3 libdbus-1-3-udeb dbus-1-doc
libdbus-1-dev dbus-1-dbg
Architecture: all source
Version: 1.8.12-3
Distribution: unstable
Urgency: medium
Maintainer: Utopia Maintenance Team
<pkg-utopia-maintain...@lists.alioth.debian.org>
Changed-By: Simon McVittie <s...@debian.org>
Closes: 773107 773838
Description:
dbus-1-dbg - simple interprocess messaging system (debug symbols)
dbus-1-doc - simple interprocess messaging system (documentation)
dbus - simple interprocess messaging system (daemon and utilities)
dbus-udeb - simple interprocess messaging system (minimal runtime) (udeb)
dbus-x11 - simple interprocess messaging system (X11 deps)
libdbus-1-3 - simple interprocess messaging system (library)
libdbus-1-3-udeb - simple interprocess messaging system (minimal library)
(udeb)
libdbus-1-dev - simple interprocess messaging system (development headers)
Changes:
dbus (1.8.12-3) unstable; urgency=medium
.
* preinst: partially revert change from 1.8.12-2. It seems that the
preinst is too late to add a useful dpkg-statoverride entry: dpkg has
already loaded the statoverride database by this point, and if we add
the entry in the preinst, dpkg-statoverride won't run and have
its --update side-effect in the postinst. (Closes: #773107, #773838)
* postinst: don't run dpkg-statoverride with 2>/dev/null: in the unlikely
event that it fails for a reason other than "not overridden" (which
results in silently exiting 1), we'll want to know about it.
Checksums-Sha1:
dc67c8c95c8c014e55cec5d12e09fdceb9f272f8 2785 dbus_1.8.12-3.dsc
77245e95991359c4159df4cba0874b3280a1200b 37396 dbus_1.8.12-3.debian.tar.xz
ab3a5b5da3232a160137340d19f6493fbbe7a0a2 1326420 dbus-1-doc_1.8.12-3_all.deb
Checksums-Sha256:
d9000f30c76c03ff65e37ba046a60e7e1adff4ba5cc068f90d4d433ebd899578 2785
dbus_1.8.12-3.dsc
5a07f6a7e50664303fa88544d133123a79d85719be12d7c0b9b110d40a8957be 37396
dbus_1.8.12-3.debian.tar.xz
f1fcbfbd434abe6314d79d269e1191d0f79888281994748abd5f3d791fb76547 1326420
dbus-1-doc_1.8.12-3_all.deb
Files:
9f53154115a25d512d957449a3ef49ce 2785 admin optional dbus_1.8.12-3.dsc
641927be70047743f08253c49000bc53 37396 admin optional
dbus_1.8.12-3.debian.tar.xz
1a5136dc44a9961bb20f4e019616043d 1326420 doc optional
dbus-1-doc_1.8.12-3_all.deb
-----BEGIN PGP SIGNATURE-----
iQIVAwUBVJnnsE3o/ypjx8yQAQgmzg//SlIza5Tyz/KvBbwbdaxcBJO9TWaP46ca
yyEkYXMarRZH27t5UAHY5rXKPAuHCKPGOKU27pasuaqCBQN1/U2gV5hNPQoWerzT
0JR4P3uDC4yCRnAYLV1/vH9MJb7zGYDMWwSSLYyLh/b9t9kR0u9dqn4L0FbS8JWy
w6Kehf0SpBLLAD4EsRaiXnCm2O4oePs+mb1S+2kFPxR4avzrLyjf0OuLyRKOmdR/
jhIZdMGbRjOEx5HQpeSB3xvnWxhrT3VLcTcnxsiyLGAPQoRgqokwI2KFSbVlUa0S
FA245tYtsjIwVgrqHSAhdMo7gnnqedquQjZZ1w/HltG33amPIIXeg0JzOvf7TueF
zchODx8ifp5KF0A1NObhjhzyakglGVpxFMAixkK3HkRKJ7u7x/mx6StUoSO+YYdY
MCayXuEBDRwCPczxI1Tl3yK/c2weWmtGkPVi65ne9K34mXLBOSgl0qJV9ukYEavf
OQRo0L16/5t11eu9tlE3sHErJV39RLVWjOwANOU+FBd5x5jyTp1i1iDuckPN+Phh
mrTPGomgSiW/INE/C5wjIxamy67fcXtntTOSgSboxj8Yu6VdXx+v1rvKn2cqmlkU
JlZRNxFu5x5FZTCwRscEybK8JSwnZz27su2iniz9PyyYjOMCxUPTB8HfKw5Osybt
JYoNyj0ueMU=
=EB4/
-----END PGP SIGNATURE-----
--- End Message ---
