Your message dated Tue, 30 Jan 2007 21:47:02 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#388693: fixed in fuse 2.6.2-1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: fuse-utils Version: 2.5.3-4.1 Severity: important Tags: patch -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 I upgraded fuse-utils today and noticed that although a command run by the postinst script failed (the invocation of dpkg-statoverride) the script did not abort. dpkg-statoverride failed to run because an override for /usr/bin/fusermount already existed. The net result is that the mode of that file would never have been updated if I hadn't noticed the failure myself. In my opinion, ignoring the failure of commands by appending '|| true' to them is careless and can even be dangerous. I respectfully suggest a number of changes: First, the postinst script. This change will cause package installation to fail if there is a genuine error while creating the fuse group (as it should; without the group the package will not function and so the administrator needs to be notified of the failure so it can be rectified). But since addgroup is only run if the fuse group is not already present, it will not fail if the group already exists (which, looking at #383076, seems to be the reason for ignoring the failure of addgroup). -addgroup --system fuse || true +getent group fuse >/dev/null || addgroup --system fuse I don't think the maintainer script should blindly change the permission of the /dev/fuse file (or any other file). If the administrator has customised the owner or permission of the device then his changes should be preserved: -if [ -c /dev/fuse ]; then chown root:fuse /dev/fuse; fi -if [ -c /dev/.static/dev/fuse ]; - then chown root:fuse /dev/.static/dev/fuse; -fi The owner (and permissions) for the device should only be set by udev, or MAKEDEV. About the call to udevcontrol... the man page for the utility does not mention what the reload_rules command does, or why it may fail... so I'm not sure how to replace the use of || true in this case. Finally, I think the use of dpkg-statoverride to set the permission of /usr/bin/fusermount is wrong. dpkg-statoverride is a tool for the system administrator to use to *override* the default permissions of a file; package maintainer scripts should simply use chown and chmod, after having checked whether the administrator has overriden a file's permissions. -dpkg-statoverride --add --update root fuse 4750 /usr/bin/fusermount || true +if ! dpkg-statoverride --list /usr/bin/fusermount >/dev/null; then + chown root:fuse /usr/bin/fusermount + chmod 4750 /usr/bin/fusermount +fi Now, the postrm script. IMO the administrator's decision to override the permissions of the file should be removed (if at all) only when the package is purged: -dpkg-statoverride --remove /usr/bin/fusermount || true And again, if the removal of the fuse group fails, the administrator should be informed so that he can remove the group manually. Not the use of if...fi instead of &&; this is done so that the command will not cause the script to fail if the fuse group is not present -delgroup --system fuse || true +if getent group fuse >/dev/null; then delgroup --system fuse; fi The final issue is how to handle upgrades from earlier versions of the package that used dpkg-statoverride to set the permission of /usr/bin/fusermount. I suggest creating a preinst script (note the version number being compared against is 2.5.3-5; this must be the version number of the package that fixes this bug): #!/bin/sh -e if test "$2" -lt '2.5.3-5' then stat="$(dpkg-statoverride --list /usr/bin/fusermount)" if test "$stat" = 'root fuse 4754 /usr/bin/fusermount; then dpkg-statoverride --remove /usr/bin/fusermount elif test "$stat" = 'root fuse 4750 /usr/bin/fusermount; then dpkg-statoverride --remove /usr/bin/fusermount fi fi This will result in a clean system in all three cases: 1. where the user has not created their own statoverride for the file, the existing statoverride will be removed 2. where the user has not created their own statoverride for the file, and upgraded from an older version of fuse-utils where fusermount was shipped mode 4754, the existing statoverride will be removed and the postinst will update fusermount to be mode 4750 3. where the user has created their own statoverride for the file, it will be preserved, and the postinst will not change the mode of the file The messages that made me realise that using dpkg-statoverride in a package's maintainer scripts are archived at <http://lists.debian.org/debian-mentors/2001/02/msg00170.html> and <http://lists.debian.org/debian-mentors/2001/02/msg00174.html>. - -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (530, 'testing'), (520, 'unstable'), (510, 'experimental') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.17-2-k7 Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8) Versions of packages fuse-utils depends on: ii adduser 3.97 Add and remove users and groups ii libc6 2.3.6.ds1-4 GNU C Library: Shared libraries ii makedev 2.3.1-83 creates device files in /dev ii sed 4.1.5-1 The GNU sed stream editor ii ucf 2.0014 Update Configuration File: preserv ii udev 0.100-1 /dev/ and hotplug management daemo fuse-utils recommends no packages. - -- debconf information: fuse-utils/groupcreate: false fuse-utils/groupdelete: true fuse-utils/group: fuse fuse-utils/grouprenamemigrate: true -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.5 (GNU/Linux) iD8DBQFFEzU+shl/216gEHgRAgTzAKDFuQvee3fV/lo9trDxuHKRrgbhEgCgstco /155BafmAztH00HkUpPhHTc= =Od3D -----END PGP SIGNATURE-----
--- End Message ---
--- Begin Message ---Source: fuse Source-Version: 2.6.2-1 We believe that the bug you reported is fixed in the latest version of fuse, which is due to be installed in the Debian FTP archive: fuse-utils_2.6.2-1_i386.deb to pool/main/f/fuse/fuse-utils_2.6.2-1_i386.deb fuse_2.6.2-1.diff.gz to pool/main/f/fuse/fuse_2.6.2-1.diff.gz fuse_2.6.2-1.dsc to pool/main/f/fuse/fuse_2.6.2-1.dsc fuse_2.6.2.orig.tar.gz to pool/main/f/fuse/fuse_2.6.2.orig.tar.gz libfuse-dev_2.6.2-1_i386.deb to pool/main/f/fuse/libfuse-dev_2.6.2-1_i386.deb libfuse2_2.6.2-1_i386.deb to pool/main/f/fuse/libfuse2_2.6.2-1_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Bartosz Fenski <[EMAIL PROTECTED]> (supplier of updated fuse package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Tue, 30 Jan 2007 22:32:38 +0100 Source: fuse Binary: libfuse2 libfuse-dev fuse-utils Architecture: source i386 Version: 2.6.2-1 Distribution: unstable Urgency: low Maintainer: Bartosz Fenski <[EMAIL PROTECTED]> Changed-By: Bartosz Fenski <[EMAIL PROTECTED]> Description: fuse-utils - Filesystem in USErspace (utilities) libfuse-dev - Filesystem in USErspace (development files) libfuse2 - Filesystem in USErspace library Closes: 386736 388266 388693 393126 393693 397364 398709 404904 Changes: fuse (2.6.2-1) unstable; urgency=low . * New upstream release. (Closes: #398709, #397364) - includes init script which hopefully fixes problems with creation of fuse device. (Closes: #393126) - works ok on read only root filesystem. (Closes: #393693) * Contains Sam Morris's patches. Thanks! (Closes: #388693) * Does not remove fuse group again. (Closes: #388266) * Makes fusermount world readable. (Closes: #386736) * ACK NMU thanks! (Closes: #404904) Files: 1e6472f78e487b851b377e53c67e09f2 601 libs optional fuse_2.6.2-1.dsc fa3837fa6bc920303b02fb3820606964 472682 libs optional fuse_2.6.2.orig.tar.gz 54fb722cdfafa8229c9461ec0fbfaaea 8778 libs optional fuse_2.6.2-1.diff.gz bac948802c047c91588e38c4be0b121c 71310 utils optional fuse-utils_2.6.2-1_i386.deb 9afdb79aae2993fbd87fce1a6f266433 122236 libdevel optional libfuse-dev_2.6.2-1_i386.deb 62cb77e318b366c6f7214cf46032296f 68348 libs optional libfuse2_2.6.2-1_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFFv7sChQui3hP+/EARAhqcAJ9OxAdC0KxKlGAWLc5JfHT+es7C8QCgiYMv NHeRdnKC+uDe09FBvN/QwIY= =8IH5 -----END PGP SIGNATURE-----
--- End Message ---
