Bug#831390: libnss-extrausers is not thread safe, in particular for function getgrouplist()

2024-07-24 Thread Olaf Seibert 
This bug seems to have been inactive for many years. In the mean time
there has been a discussion on
https://sourceware.org/bugzilla/show_bug.cgi?id=27731 about
getgrouplist().

The conclusion from this is that libnss-extrausers should supply a
function _nss_extrausers_initgroups_dyn() that in a thread-safe way
should provide the required information.

Via https://forge.univention.org/bugzilla/show_bug.cgi?id=39775 it seems
that somebody even made a patch which supplies that version, but then
still uses the non-thread safe functions to implement it.

Is there even still an upstream for this library? The only place I could
find was with debian packages such as
https://packages.debian.org/sid/libnss-extrausers . From there you can
try to find an upstream in the .dsc file. That links to
https://anonscm.debian.org/cgit/collab-maint/libnss-extrausers.git/log/?h=debian
which no longer seems to exist...

(https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831390)

--
Olaf Seibert
Site Reliability Engineer

SysEleven GmbH
Boxhagener Straße 80
10245 Berlin

T +49 30 233 2012 0
F +49 30 616 7555 0

https://www.syseleven.de
https://www.linkedin.com/company/syseleven-gmbh/

Current system status always at:
https://www.syseleven-status.net/

Company headquarters: Berlin
Registered court: AG Berlin Charlottenburg, HRB 108571 Berlin
Managing directors: Andreas Hermann, Jens Ihlenfeld, Norbert Müller, Jens 
Plogsties

Bug#960661: multistrap: Incorrect error message when downloading keyring package fails

2020-05-15 Thread Olaf Seibert 
Package: multistrap
Version: 2.2.0ubuntu2
Severity: minor
Tags: patch

Dear Maintainer,

I am sending this from a system that deliberately has no Internet
access, and reportbug does not handle that well. So I had to copy/paste
this message into Thunderbird on another machine, which in turn doesn't
seem to let me add mail headers such as X-Debbugs-Cc: o.seib...@syseleven.de

If you run multistrap on a configuration which includes keyrings, such
as

> [ubuntu-security]
> source=http://archive.ubuntu.com/ubuntu
> keyring=ubuntu-keyring
> suite=focal-security
> components=main universe restricted

and downloading the keyring fails for whatever reason, the error message
is wrong.

This can much more easily happen if the patch for bug 870166 is not
applied, because then multistrap then wrongly thinks that a download
failed, the second time a keyring is processed.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=870166

Patch:

--- multistrap.old    2020-05-15 08:42:45.807146828 +
+++ multistrap    2020-05-15 08:43:32.878945964 +
@@ -300,7 +300,7 @@
     my $file = `find /var/cache/apt/archives/ -name
"$keyring_pkg*"|grep -m1 $keyring_pkg`;
     chomp ($file);
     if ($file eq "") {
-            my $msg = sprintf (_g("Unable to download keyring package:
'%s'"),$dir);
+            my $msg = sprintf (_g("Unable to download keyring package:
'%s'"),$keyring_pkg);
         die "$progname: $msg\n";
     }
     my $xdir = `mktemp -d -t keyring.XX`;

-- System Information:
Debian Release: stretch/sid
  APT prefers xenial-updates
  APT policy: (500, 'xenial-updates'), (500, 'xenial-security'), (500,
'xenial')
Architecture: amd64 (x86_64)

Kernel: Linux 4.15.0-70-generic (SMP w/8 CPU cores)
Locale: LANG=en, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL
set to en_US.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages multistrap depends on:
ii  apt    1.2.32
ii  libconfig-auto-perl    0.44-1
ii  liblocale-gettext-perl 1.07-1build1
ii  libparse-debian-packages-perl  0.03-2
ii  perl   5.22.1-9ubuntu0.6

Versions of packages multistrap recommends:
pn  emdebian-archive-keyring  

Versions of packages multistrap suggests:
ii  fakeroot  1.20.2-1ubuntu1

-- no debconf information

-- 
SysEleven GmbH
Boxhagener Straße 80
10245 Berlin

T +49 30 233 2012 0
F +49 30 616 7555 0

http://www.syseleven.de
http://www.facebook.com/SysEleven
https://www.instagram.com/syseleven/

Aktueller System-Status immer unter:
http://www.twitter.com/syseleven

Firmensitz: Berlin
Registergericht: AG Berlin Charlottenburg, HRB 108571 B
Geschäftsführer: Marc Korthaus, Jens Ihlenfeld