Your message dated Mon, 15 Dec 2014 11:04:14 +0000 with message-id <[email protected]> and subject line Bug#773107: fixed in dbus 1.9.4-2 has caused the Debian Bug report #773107, regarding dbus-daemon-launch-helper permissions temporarily wrong during upgrades to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 773107: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773107 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: dbus Version: 1.8.12-1 Severity: important dbus-daemon-launch-helper is expected to be setuid root and executable by group messagebus, i.e. "root messagebus 4754" in dpkg-statoverride syntax. However, because messagebus is a dynamically-allocated system group, the file in the .deb is actually "root root 0755", with ownership and permissions fixed up during installation. At the moment we just do a trivial chown/chmod in the postinst: if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then chown root:"$MESSAGEUSER" "$LAUNCHER" chmod 4754 "$LAUNCHER" fi However, this is not as robust as it could be. When a new dbus has been unpacked but not yet configured, dbus-daemon-launch-helper is temporarily "root root 0755", breaking system service activation. While upgrading a wheezy laptop to jessie, I hit one of the current dpkg bugs with trigger cycles (man-db -> man-db) which stopped the upgrade while dbus was in this state. An error message from PackageKit notification demonstrated the bug: dpkg: cycle found while processing triggers: chain of packages whose triggers are or may be responsible: man-db -> man-db ... Error: GDBus.Error:org.freedesktop.DBus.Error.Spawn.PermissionsInvalid: The permission of the setuid helper is not correct E: Sub-process /usr/bin/dpkg returned an error code (1) I think we could make dbus more robust by following the pattern suggested in Policy §10.9: # postinst if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER" fi # postrm, $1 = purge if dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1 ; then dpkg-statoverride --remove "$LAUNCHER" fi This would not immediately help upgrades from current dbus versions to the first version with this bug fixed, but all subsequent upgrades (e.g. jessie -> stretch) would avoid the broken transitional state. We could optionally also do something like this in preinst: # preinst if getent group "$MESSAGEUSER" >/dev/null && \ -x "$LAUNCHER" && \ ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER" fi to improve the robustness of upgrades from current dbus versions to the fixed version. Regards, S
--- End Message ---
--- Begin Message ---Source: dbus Source-Version: 1.9.4-2 We believe that the bug you reported is fixed in the latest version of dbus, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie <[email protected]> (supplier of updated dbus package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Mon, 15 Dec 2014 08:18:15 +0000 Source: dbus Binary: dbus dbus-udeb dbus-x11 libdbus-1-3 libdbus-1-3-udeb dbus-1-doc libdbus-1-dev dbus-1-dbg Architecture: all source Version: 1.9.4-2 Distribution: experimental Urgency: medium Maintainer: Utopia Maintenance Team <[email protected]> Changed-By: Simon McVittie <[email protected]> Closes: 773107 Description: dbus-1-dbg - simple interprocess messaging system (debug symbols) dbus-1-doc - simple interprocess messaging system (documentation) dbus - simple interprocess messaging system (daemon and utilities) dbus-udeb - simple interprocess messaging system (minimal runtime) (udeb) dbus-x11 - simple interprocess messaging system (X11 deps) libdbus-1-3 - simple interprocess messaging system (library) libdbus-1-3-udeb - simple interprocess messaging system (minimal library) (udeb) libdbus-1-dev - simple interprocess messaging system (development headers) Changes: dbus (1.9.4-2) experimental; urgency=medium . * postinst: use dpkg-statoverride to set the permissions for dbus-daemon-launch-helper (expected to be 04754 root:messagebus) as suggested in Policy §10.9. This avoids a temporarily broken state when an upgraded dbus is unpacked but not yet configured (Closes: #773107) * preinst: opportunistically set up the same dpkg-statoverride entry if the group already exists, to avoid the same broken state during upgrades from older versions without needing Pre-Depends: adduser * postrm: delete the dpkg-statoverride entry on purge Checksums-Sha1: c9d04a2152b4a783801eabc26d5bec9ca408e165 2778 dbus_1.9.4-2.dsc 56a236cd145642f3693d2eb52d270bd47a78ec11 37656 dbus_1.9.4-2.debian.tar.xz 19a52be72f456e2748e3339d1a19249fb1ab27e1 1314182 dbus-1-doc_1.9.4-2_all.deb Checksums-Sha256: b70d80fd863e55ab249f6e18975bdc1c7365a886eb98eca39836341710d7fdae 2778 dbus_1.9.4-2.dsc 2700c5f3fb52acf7aefc7e3e8d0219777c1f554da9b2f96f328eab21caae2b9a 37656 dbus_1.9.4-2.debian.tar.xz 2b03ede992a7bf545e7793f98b215b0e5d9614fb1c5d0e74e77c7c1f76cc04f4 1314182 dbus-1-doc_1.9.4-2_all.deb Files: 27e1da8541a5f1ce4ef1b6aefa859793 2778 admin optional dbus_1.9.4-2.dsc 7a00701e773980b948d2a46fae18c7a6 37656 admin optional dbus_1.9.4-2.debian.tar.xz f27b5b8a963e0d6944defc54061c4758 1314182 doc optional dbus-1-doc_1.9.4-2_all.deb -----BEGIN PGP SIGNATURE----- iQIVAwUBVI68wU3o/ypjx8yQAQgBKQ/+J10c2yXYNpdjAn6tvk/2bp5GW+pzLF+v j2EWxtKgdIXmuWj9Gfl+T2+NeF2++JlbuAAcOPi8UesEa4Mj4k6FtYTpX81gwPW+ f0pBnap2sg1vR3+JEgWOoP2Seup7mttwZbE6vyFhBx9neu+fmst/YiHGoKuYUqrl mBAg6jRjUjpucR+7I8thpDpc0sMViIQQVJbZ/6EeWi5gn/dlI3/951SoXmsxVxGG dvvEOz3g2f3wuCkoZKISKUWcFAL2bGZrUBPWcIRncycfvkns6xT2UPCxYfVY7mff sfasuaYWL9+/DRtEeK0MvcS5lNorJ93f+HplxvLM6Gie50UFFuon0Vojychfhrsn REKmwrjaN3UlA6QbG8NFX2UjAKNxbfRjrQ01mRWIKkDP22oaBPiBQvCdkhfEllgx D6NztW1b0Whw7+ucAGOBTR9vmRk70i1q4xyaNQRF7gaqZr7CN4YHJnZSPgpntjp8 y/wsumSRcuBiq3VUtPh/B3mg480f29MwFPA0AI2oszfAzFlTOYQ85AcMnFmeMD0R S+UCsrANaAjY1F+mp/xgdpNoZ4AuIA+NZL9gtLkHpBGGNxFoW3hiHpwww1dVA0bs v0/F59Nu285C9IMwYJKwAUFWA1utkqoWR9bxB+SjmgG1lp9tlbD/xu83YL/eE3aq 0sLkeMSvZrk= =tqIl -----END PGP SIGNATURE-----
--- End Message ---

