Aaron M. Ucko
2004-May-16 18:34 UTC
[Logcheck-devel] Bug#249324: gratuitously recreates logcheck user
Package: logcheck
Version: 1.2.20
Severity: important
For some reason, logcheck.preinst unconditionally deletes and (re)adds
the logcheck user. This can have the effect of changing its uid,
which is problematic if cron has cached the old uid (as I have
observed it to do).
Please conditionalize that code on upgrading from versions prior to
1.2.19:
case "$1" in
install|upgrade)
if dpkg --compare-versions "$2" lt 1.2.19; then
...
fi
;;
esac
The postinst's chown/chgrp/chmod calls should probably also be
conditional to support admins who want somewhat different setups for
whatever reason. (I don't happen to, but I can imagine some might.)
-- System Information:
Debian Release: testing/unstable
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 2.4.26
Locale: LANG=en_US, LC_CTYPE=en_US
Versions of packages logcheck depends on:
ii adduser 3.53 Add and remove users and groups
ii cron 3.0pl1-83 management of regular background p
ii debconf [debconf-2.0] 1.4.25 Debian configuration management sy
ii debianutils 2.8.2 Miscellaneous utilities specific t
ii exim4 4.34-1 An MTA (Mail Transport Agent)
ii exim4-daemon-heavy [mai 4.34-1 Exim (v4) with extended features,
ii lockfile-progs 0.1.10 Programs for locking and unlocking
ii logcheck-database 1.2.20 A database of system log rules for
ii logtail 1.2.20 Returns parts of logfiles that hav
ii mailutils [mailx] 1:0.4+20040414-4 GNU mailutils utilities for handli
ii sysklogd [system-log-da 1.4.1-14 System Logging Daemon
-- debconf information:
logcheck/security_level: workstation
logcheck/manage_conffiles: true
logcheck/upgrade-note:
* logcheck/noroot:
* logcheck/changes:
* logcheck/install-note:
logcheck/email_address: root
logcheck/rewrite-note:
Eric Evans
2004-May-16 21:42 UTC
[Logcheck-devel] Bug#249324: gratuitously recreates logcheck user
This has been fixed in CVS and the bug will be closed on the next upload. Thanks for the report! -- Eric Evans eevans at sym-link.com -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 189 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/logcheck-devel/attachments/20040516/35a2ddde/attachment.pgp
Debian Bug Tracking System
2004-Jun-03 10:18 UTC
[Logcheck-devel] Bug#249324: marked as done (gratuitously recreates logcheck user)
Your message dated Thu, 03 Jun 2004 06:02:03 -0400 with message-id <E1BVp2x-00024C-00 at newraff.debian.org> and subject line Bug#249324: fixed in logcheck 1.2.21 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -------------------------------------- Received: (at submit) by bugs.debian.org; 16 May 2004 18:34:39 +0000>From amu at ucko.debian.net Sun May 16 11:34:39 2004Return-path: <amu at ucko.debian.net> Received: from smtp03.mrf.mail.rcn.net [207.172.4.62] by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1BPQT9-0002vB-00; Sun, 16 May 2004 11:34:39 -0700 Received: from 216-15-37-107.c3-0.161-ubr3.lnh-161.md.cable.rcn.com ([216.15.37.107] helo=tux.internal.ucko.debian.net) by smtp03.mrf.mail.rcn.net with esmtp (Exim 4.32 #2) id 1BPQT8-00028k-TM for submit at bugs.debian.org; Sun, 16 May 2004 14:34:38 -0400 Received: from amu by tux.internal.ucko.debian.net with local (Exim 4.34) id 1BPQT4-0003ts-Eh for submit at bugs.debian.org; Sun, 16 May 2004 14:34:34 -0400 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: "Aaron M. Ucko" <ucko at debian.org> To: Debian Bug Tracking System <submit at bugs.debian.org> Subject: gratuitously recreates logcheck user X-Mailer: reportbug 2.59 Date: Sun, 16 May 2004 14:34:34 -0400 X-Debbugs-Cc: ucko at debian.org Message-Id: <E1BPQT4-0003ts-Eh at tux.internal.ucko.debian.net> Sender: "Aaron M. Ucko" <amu at ucko.debian.net> X-SA-Exim-Connect-IP: <locally generated> X-SA-Exim-Mail-From: amu at ucko.debian.net Delivered-To: submit at bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE, X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2004_03_25 X-Spam-Level: Package: logcheck Version: 1.2.20 Severity: important For some reason, logcheck.preinst unconditionally deletes and (re)adds the logcheck user. This can have the effect of changing its uid, which is problematic if cron has cached the old uid (as I have observed it to do). Please conditionalize that code on upgrading from versions prior to 1.2.19: case "$1" in install|upgrade) if dpkg --compare-versions "$2" lt 1.2.19; then ... fi ;; esac The postinst's chown/chgrp/chmod calls should probably also be conditional to support admins who want somewhat different setups for whatever reason. (I don't happen to, but I can imagine some might.) -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.4.26 Locale: LANG=en_US, LC_CTYPE=en_US Versions of packages logcheck depends on: ii adduser 3.53 Add and remove users and groups ii cron 3.0pl1-83 management of regular background p ii debconf [debconf-2.0] 1.4.25 Debian configuration management sy ii debianutils 2.8.2 Miscellaneous utilities specific t ii exim4 4.34-1 An MTA (Mail Transport Agent) ii exim4-daemon-heavy [mai 4.34-1 Exim (v4) with extended features, ii lockfile-progs 0.1.10 Programs for locking and unlocking ii logcheck-database 1.2.20 A database of system log rules for ii logtail 1.2.20 Returns parts of logfiles that hav ii mailutils [mailx] 1:0.4+20040414-4 GNU mailutils utilities for handli ii sysklogd [system-log-da 1.4.1-14 System Logging Daemon -- debconf information: logcheck/security_level: workstation logcheck/manage_conffiles: true logcheck/upgrade-note: * logcheck/noroot: * logcheck/changes: * logcheck/install-note: logcheck/email_address: root logcheck/rewrite-note: --------------------------------------- Received: (at 249324-close) by bugs.debian.org; 3 Jun 2004 10:08:36 +0000>From katie at ftp-master.debian.org Thu Jun 03 03:08:36 2004Return-path: <katie at ftp-master.debian.org> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1BVp9H-0005PB-00; Thu, 03 Jun 2004 03:08:35 -0700 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1BVp2x-00024C-00; Thu, 03 Jun 2004 06:02:03 -0400 From: Todd Troxell <ttroxell at debian.org> To: 249324-close at bugs.debian.org X-Katie: $Revision: 1.49 $ Subject: Bug#249324: fixed in logcheck 1.2.21 Message-Id: <E1BVp2x-00024C-00 at newraff.debian.org> Sender: Archive Administrator <katie at ftp-master.debian.org> Date: Thu, 03 Jun 2004 06:02:03 -0400 Delivered-To: 249324-close at bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2004_03_25 X-Spam-Level: X-CrossAssassin-Score: 13 Source: logcheck Source-Version: 1.2.21 We believe that the bug you reported is fixed in the latest version of logcheck, which is due to be installed in the Debian FTP archive: logcheck-database_1.2.21_all.deb to pool/main/l/logcheck/logcheck-database_1.2.21_all.deb logcheck_1.2.21.dsc to pool/main/l/logcheck/logcheck_1.2.21.dsc logcheck_1.2.21.tar.gz to pool/main/l/logcheck/logcheck_1.2.21.tar.gz logcheck_1.2.21_all.deb to pool/main/l/logcheck/logcheck_1.2.21_all.deb logtail_1.2.21_all.deb to pool/main/l/logcheck/logtail_1.2.21_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 249324 at bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Todd Troxell <ttroxell at debian.org> (supplier of updated logcheck package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster at debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Thursday, 03 Jun 2004 05:49:47 -0500 Source: logcheck Binary: logcheck logtail logcheck-database Architecture: source all Version: 1.2.21 Distribution: unstable Urgency: low Maintainer: Debian logcheck Team <logcheck-devel at lists.alioth.debian.org> Changed-By: Todd Troxell <ttroxell at debian.org> Description: logcheck - Mails anomalies in the system logfiles to the administrator logcheck-database - A database of system log rules for the use of log checkers logtail - Print log file lines that have not been read Closes: 174173 182992 186849 192192 198767 213709 222240 226937 248409 248816 249074 249181 249324 250373 250374 251364 251463 252173 Changes: logcheck (1.2.21) unstable; urgency=low . maks: * Better description of logtail package. * Recommend use of an offsite email address in main conf. * Added and updated bind, cracklib, innd, kernel, logcheck, nntpcache, Login.app, proftp, postfix, pump, sendmail rulefiles. (Closes: #248816, #213709, #198767, #248409, #249074, #250374, #250373, #249181) * Added -v switch (outputs logcheck version). * Harden permissions regarding world. * Added and updated arpwatch, bind, gconf, gdm, kernel, openvpn, postfix, rpc.statd and spamd rules. thanks to Peter Palfrader <weasel at debian.org>. * New Config option for subject tags [logcheck]. * Lower all debconf messages priority. * Added and updated oidentd rules. (Closes: #186849) thanks to Tobias Wolter <towo+bugs at ydal.de> * Ignore normal use of su and sudo. (Closes: #182992, #192192) * Remove empty file innd. * Add switches to logtails default arguments. * Added cvs-build, cvs-clean debian/rules - stolen from apt. * Denote /etc/logcheck/logcheck.logfile as CFG in manpage and logcheck. * Move logtail.8 from debian to doc dir. * Added Japanese translation. thanks to Hideki Yamane (Closes: #251463) * Added French translation. thanks to R?mi Pannequin (Closes: #252173) * Fix bashishm in preinst and postinst. (Closes: #251364) todd: * Add debconf to logcheck Depends: * Check the return values of all commands that write to disk. (Closes: #174173) * Add NEWS.Debian to logcheck.docs (Followup to #247360) eevans: * Made addition of logcheck user and permissions/ownership changes a conditional of an upgrade from a version less than 1.2.19. (Closes: #249324) * Added a note to README.Debian on how to manually change the cronjob interval. (Closes: #222240, #226937) alfie: * src/logcheck: test also for readability for the header.txt and footer.txt. * debian/changelog: stripped all trailing whitespace from the file. * debian/*templates: Some small consistency and formating updates. Updated the debian/po/*.po files too. Files: ca12c9c51dc70453a7fcb1859f17ccc3 670 admin optional logcheck_1.2.21.dsc 2def0e9e4ccc428e49126c5e391e4597 72037 admin optional logcheck_1.2.21.tar.gz c87bba838b413e6f939edd7336e07579 36388 admin optional logcheck_1.2.21_all.deb 806b69d2d16042c4f2060df79d73a1bd 39956 admin optional logcheck-database_1.2.21_all.deb 2554603f91374e07d19293a5277ab153 21170 admin optional logtail_1.2.21_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD4DBQFAvvYw4u3oQ3FHP2YRAkukAKCztbEVc4ziE6zmo4VijzQHma/yKwCYvKTP 1FzcH4V8Ag3K8hSwSnDbvw==s9Dc -----END PGP SIGNATURE-----