Your message dated Thu, 28 Feb 2019 19:41:05 +0100
with message-id <[email protected]>
and subject line Re: systemd: Postinstall script calls systemd-tmpfiles with
absolute paths
has caused the Debian Bug report #919644,
regarding systemd: Postinstall script calls systemd-tmpfiles with absolute paths
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
919644: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919644
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: systemd
Version: 232-25+deb9u8
Severity: important
Dear Maintainer,
The systemd postinstall script calls 'systemd-tmpfiles --create' with absolute
paths, e.g. /usr/lib/tmpfiles.d/home.conf .
As absolute paths are used, the system administrator can not overrule those
settings using config files in /etc/tmpfiles.d .
We noticed this behaviour, as systemd-tmpfiles tries to change permissions of
/home, which fails in our case as it is an NFS mount.
So in our case our permission policy is not effectivly violated, however, other
users might not be in this situation.
Using only basename filenames instead, e.g. 'systemd-tmpfiles --create
home.conf [...]', would allow both the debian postinstall script to specify
configuration files to be evaluated by systemd-tmpfiles,
as well as the administrator to override settings of those configuration files.
See also 'man systemd-tmpfiles'.
-- Package-specific info:
-- System Information:
Debian Release: 9.6
APT prefers stable-debug
APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.9.124.wap (SMP w/2 CPU cores)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages systemd depends on:
ii adduser 3.115
ii libacl1 2.2.52-3+b1
ii libapparmor1 2.11.0-3+deb9u2
ii libaudit1 1:2.6.7-2
ii libblkid1 2.29.2-1+deb9u1
ii libc6 2.24-11+deb9u4~mi
ii libcap2 1:2.25-1
ii libcryptsetup4 2:1.7.3-4
ii libgcrypt20 1.7.6-2+deb9u3
ii libgpg-error0 1.26-2
ii libidn11 1.33-1
ii libip4tc0 1.6.0+snapshot20161117-6
ii libkmod2 23-2
ii liblz4-1 0.0~r131-2+b1
ii liblzma5 5.2.2-1.2+b1
ii libmount1 2.29.2-1+deb9u1
ii libpam0g 1.1.8-3.6
ii libseccomp2 2.3.1-2.1+deb9u1
ii libselinux1 2.6-3+b3
ii libsystemd0 232-25+deb9u8
ii mount 2.29.2-1+deb9u1
ii procps 2:3.3.12-3+deb9u1
ii util-linux 2.29.2-1+deb9u1
Versions of packages systemd recommends:
ii dbus 1.10.26-0+deb9u1
ii libpam-systemd 232-25+deb9u8
Versions of packages systemd suggests:
ii policykit-1 0.105-18+deb9u1
pn systemd-container <none>
pn systemd-ui <none>
Versions of packages systemd is related to:
pn dracut <none>
ii initramfs-tools 0.130
ii udev 232-25+deb9u8
-- Configuration Files:
/etc/systemd/journald.conf changed [not included]
/etc/systemd/logind.conf changed [not included]
-- no debconf information
--- End Message ---
--- Begin Message ---
Hi
On Fri, 18 Jan 2019 09:32:21 +0100 Julian Dammann
<[email protected]> wrote:
> Package: systemd
> Version: 232-25+deb9u8
> Severity: important
>
> Dear Maintainer,
>
> The systemd postinstall script calls 'systemd-tmpfiles --create' with
> absolute paths, e.g. /usr/lib/tmpfiles.d/home.conf .
> As absolute paths are used, the system administrator can not overrule those
> settings using config files in /etc/tmpfiles.d .
>
> We noticed this behaviour, as systemd-tmpfiles tries to change permissions of
> /home, which fails in our case as it is an NFS mount.
> So in our case our permission policy is not effectivly violated, however,
> other users might not be in this situation.
>
> Using only basename filenames instead, e.g. 'systemd-tmpfiles --create
> home.conf [...]', would allow both the debian postinstall script to specify
> configuration files to be evaluated by systemd-tmpfiles,
> as well as the administrator to override settings of those configuration
> files. See also 'man systemd-tmpfiles'.
Those systemd-tmpfiles calls are generated by dh_installinit (in
stretch) and dh_installsystemd (in buster)
It's thus a problem of debhelper.
Fortunately, it has been fixed in debhelper 11.3:
* dh_installsystemd: Use the basename of the "tmpfiles" config
files. This makes "systemd-tmpfiles --create" search for it
in both /usr/lib/tmpfiles.d and in /etc/tmpfiles.d. With
this change the system administrator can now override the
"tmpfiles" config shipped by the package in
/usr/libtmpfiles.d. Thanks to Nick Groenen and Seyeong Kim
for filing the bug. (Closes: #894510)
* dh_installinit: Ditto.
This means the problem is not really fixable for stretch, as it would
require a newer version of debhelper in stable, which is not going to
happen, unfortunately.
Regards,
Michael
--
Why is it that all of the instruments seeking intelligent life in the
universe are pointed away from Earth?
signature.asc
Description: OpenPGP digital signature
--- End Message ---
_______________________________________________
Pkg-systemd-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-systemd-maintainers
