Hello,

Introduction
============

As reported in #276419, su in the login Debian package doesn't allow
specifying options to the invoked shell and doesn't respect quoted
arguments. We plan to revert this behavior and follow su's documentation
and other implementations.

Short details
=============

Packages passing a command as an argument to su must use su's -c option
and must quote the command if it contains a space.

For example:
    su - root -c "ls -l /"

The following commands won't work anymore:
    su - root -c ls -l /
    su - root "ls -l /"
    su - root ls -l /

There will be no problems for backports. -c can be used and arguments
quoted, with the past and future versions.

Needed adaptations
==================

We tried to find the packages that will be affected by this transition.
We did not audit the full archive, but focused on [1]:
 * maintainer scripts [2]
 * packages with an init.d script (based on a sid Contents-i386)
 * packages with a cron script (based on a sid Contents-i386)
 * native packages (on sid i386)

(In general, archives embedded in source packages were not checked)

Packages needing changes
------------------------

Micah Anderson <[EMAIL PROTECTED]>
    backupninja-0.9.2/handlers/pgsql
    backupninja-0.9.2/handlers/mysql
    backupninja-0.9.2/examples/example.rdiff
Raphael Bossek <[EMAIL PROTECTED]>
    python-4suite-0.99cvs20051115/debian/python-4suite-server.init.d
Phil Brooke <[EMAIL PROTECTED]>
    yiff-2.14.2/build_and_install
Arnaud Kyheng <[EMAIL PROTECTED]>
    gnunet-0.7.0b/contrib/init_gnunet_ubuntu
Brian May <[EMAIL PROTECTED]>
    amavisd-new-2.3.3/debian/amavisd-new.cron.daily
Peter Palfrader <[EMAIL PROTECTED]>
    echolot-2.1.8/debian/echolot.init
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
    samhain-2.0.10a/init/samhain.start.in

To be checked
-------------

Roderick Schertler <[EMAIL PROTECTED]>
    debget-1.5/debget
    (It should be OK. According to the code, it works with GNU su)

maybe
-----

Stefan Hornburg (Racke) <[EMAIL PROTECTED]>
    courier-0.52.1/courier.lpspec(.in)? (maybe not used on Debian)
    courier-0.52.1/courier.spec(.in)? (maybe not used on Debian)
Kenneth J. Pronovici <[EMAIL PROTECTED]>
    cedar-backup2-2.7.2/CedarBackup2/peer.py (depends on executeCommand)
Arnaud Quette <[EMAIL PROTECTED]>
    nut-2.0.2/scripts/HP-UX/nut-drvctl.sh (maybe not used on Debian)
    nut-2.0.2/scripts/HP-UX/nut-upsd.sh (maybe not used on Debian)
Taku YASUI <[EMAIL PROTECTED]>
    murasaki-0.8.11/scripts/printer
    (su $USER -c $CMD, $CMD may have a space)
Debian Webmin maintainers <[EMAIL PROTECTED]>
    usermin-1.160/cron/config-aix (maybe not used on Debian)
    usermin-1.160/web-lib-funcs.pl
    usermin-1.160/shell/index.cgi
    usermin-1.160/fetchmail/check.pl
    usermin-1.160/commands/run.cgi
    usermin-1.160/postgresql/postgresql-lib.pl
    webmin-1.230/web-lib-funcs.pl
    webmin-1.230/cron/config-aix
    webmin-1.230/custom/run.cgi

In comments or documentation
----------------------------

Clint Adams <[EMAIL PROTECTED]>
    bricolage-1.8.8/bin/bric_ftpd
Joel Aelwyn <[EMAIL PROTECTED]>
    debpool-0.2.2/debian/README.User
Debian Qt/KDE Maintainers <debian-qt-kde@lists.debian.org>
    kdenetwork-3.5.0/kopete/protocols/meanwhile/README
Henrique de Moraes Holschuh <[EMAIL PROTECTED]>
    cyrus21-imapd-2.1.18/debian/cyrus21-common.postinst
Robert Jordens <[EMAIL PROTECTED]>
    remstats-1.0.13a/INSTALL
    remstats-1.0.13a/docs/book.tex (and other formats)
    remstats-1.0.13a/docs/install-user.pod
    remstats-1.0.13a/docs/install.pod
    remstats-1.0.13a/docs/install.txt
Matthias Klose <[EMAIL PROTECTED]>
    sqlrelay-0.36.4/doc/gettingstarted/interbase.html
Guus Sliepen <[EMAIL PROTECTED]>
    dhis-client-5.3/README
Craig Small <[EMAIL PROTECTED]>
    lprng-3.8.28/DOCS/LPRng-Reference.html
    lprng-3.8.28/DOCS/LPRng-Reference.sgml
    lprng-3.8.28/DOCS/LPRng-Reference-Multipart/x9198.htm
Jonas Smedegaard <[EMAIL PROTECTED]>
    pop-before-smtp-1.36/contrib/README.rootless-install

Transition plan
===============

A package will be first available for testing on experimental.
If you know that your package uses su, it would be nice if you could test
it with the login package (which will be uploaded) on experimental.
The SU_NO_SHELL_ARGS environment variable will restore the previous
behavior. The support for this variable should be dropped after Etch.

login will conflict with the packages of the first category.
When fixed, these packages do not need a versioned dependency on login.

Recommendation
==============

You should follow the following synopsis for your su commands.
(This will give you more chance to be portable and to work on
POSIXLY_CORRECT environments)

    su [options] [-] [username [args]]

[args] are arguments passed to the shell

Specifically:
 * It is preferable to provide -c in [args] rather than in [options].
 * su - root -p doesn't work if the POSIXLY_CORRECT environment variable
   is set.

The following packages don't follow these rules:

Stefan Hornburg (Racke) <[EMAIL PROTECTED]>
    interchange-5.3.2/debian/interchange.cron.daily
    interchange-5.3.2/scripts/restart.PL
Michael Biebl <[EMAIL PROTECTED]>
    powersave-0.9.25/scripts/wm_shutdown
    powersave-0.9.25/scripts/do_screen_saver
    powersave-0.9.25/scripts/wm_logout
    powersave-0.9.25/scripts/x_helper_functions
Popularity Contest Developers <[EMAIL PROTECTED]>
    popularity-contest-1.31/debian/cron.weekly
    popularity-contest-1.31/FAQ
Robert Luberda <[EMAIL PROTECTED]>
    dwww-1.9.26/dwww-format-man
Andreas Metzler <[EMAIL PROTECTED]>
    findutils-4.2.26/locate/updatedb.sh
Paul Waite <[EMAIL PROTECTED]>
    axyl-2.1.9/db/postgres/install-db.sh
Debian Webmin maintainers <[EMAIL PROTECTED]>
    usermin-1.160/web-lib-funcs.pl
    usermin-1.160/commands/run.cgi
    webmin: ditto

[1] The rationale is that we consider there is a greater chance to find
    problems on Debian specific packages/scripts since it would have
    failed on other OS (on RedHat, Gentoo, Mandriva, SunOS).
    Probably 10% of the archive was audited.

[2] Thanks to Bill Allombert
    http://lists.debian.org/debian-devel/2005/11/msg01215.html

Kind Regards,
-- 
Nekral
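
An added example, not part of the original announcement or of any Debian package: a small Python linter that applies the rules above to shell lines invoking su, so maintainer, init.d and cron scripts can be checked before the transition. The function names, verdict labels and sample lines are constructed for illustration; it assumes only the short -c option is used and that every word not starting with "-" is an operand.

```python
import shlex

# Constructed sample lines: the first four are the forms quoted in the
# announcement, the fifth mirrors its murasaki note, the last puts -c first.
SAMPLES = [
    'su - root -c "ls -l /"',
    'su - root -c ls -l /',
    'su - root "ls -l /"',
    'su - root ls -l /',
    'su $USER -c $CMD',
    'su -c "ls -l /" root',
]

def _operands(tokens):
    """Words that are not options (assumption: options start with '-')."""
    return [t for t in tokens if not t.startswith("-")]

def classify_su(line):
    """Return (verdict, reason) for one shell line that invokes su."""
    # posix=False keeps quote characters, so "ls -l /" stays one token and
    # a quoted "$CMD" can be told apart from a bare $CMD.
    toks = shlex.split(line, posix=False)
    if "su" not in toks:
        return ("n/a", "no su invocation")
    rest = toks[toks.index("su") + 1:]
    if "-c" not in rest:
        if len(_operands(rest)) > 1:  # username plus a command word
            return ("broken", "command passed without -c")
        return ("ok", "no command passed")
    i = rest.index("-c")
    if i + 1 == len(rest):
        return ("broken", "-c has no command")
    cmd, extra = rest[i + 1], rest[i + 2:]
    user_first = bool(_operands(rest[:i]))  # is -c in [args]?
    if (user_first and extra) or len(_operands(extra)) > 1:
        return ("broken", "words after the -c command; quote it as one word")
    if cmd.startswith("$"):
        return ("risky", "unquoted expansion after -c may contain a space")
    if not user_first:
        return ("discouraged", "-c given in [options], not after the username")
    return ("ok", "-c followed by a single word")

def audit(lines):
    """Map each line to its verdict."""
    return {line: classify_su(line)[0] for line in lines}

if __name__ == "__main__":
    for sample in SAMPLES:
        print("%-12s %s  [%s]" % (classify_su(sample) + (sample,)))
```

Lines reported as "risky" need the expansion quoted (for instance "$CMD") so the command reaches su as a single word.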