Hi,
So AFAICT this init script:
Deletes old recovery/crash files from the nvi text editor
Possibly emails some of them to the users
This seems like it makes more sense as a cron job that an
administrator can customize instead of a script that only runs at
bootup. I'd suggest just having it avai
Depending on how it's modified to fix that bug, I think it could
introduce a security issue as it:
* doesn't seem like an upstream script designed to run as root
* seems racy (especially after checking if something is a symlink)
* handles user content as root
AFAICT being at runlevel S at least
This appears to be the simplest fix for the bug, moving from using
runlevel S to runlevel 1. I don't believe this makes the security
situation any worse.
nvi_1.81.6-12.debdiff
Description: Binary data
Apologies, that debdiff will not solve our problems and will break
badly on sysv.
Here is a debdiff that implements a systemd unit.
(This is the first unit I've written, so review definitely needed)
nvi_1.81.6-12.debdiff
Description: Binary data
Thanks for the review Felipe
> Why did you preserve runlevel S? I don't think this really belongs in
> recovery mode.
Changed
>> +;;
>> + stop|restart|reload|force-reload)
>
> restart (and force-reload?) should probably re-run the recovery script.
Changed.
>> +Description=To recover nvi e
On Mon, Nov 2, 2015 at 5:24 PM, Felipe Sateler wrote:
++if [ -n "$sessions_found" ] ; then
++echo "done."
++else
++echo "none found."
++fi
>>>
>>> This is a behavior change: previously the recover script would not
>>> print any output. Maybe this should not
> You need to remove the -- "$@" part: it is being added twice to the
> resulting scripts (check debian/nvi/DEBIAN/{pre,post}* after a build):
>
> dpkg-maintscript-helper rm_conffile /etc/init.d/nviboot 1.81.6-12 nvi
> -- "$@" -- "$@"
>
>>> Thanks for your work!
>> Thanks for all your work reviewi
8 matches
Mail list logo
