Your message dated Wed, 28 Oct 2015 09:34:51 +0000 with message-id <[email protected]> and subject line Bug#763391: fixed in fakechroot 2.18-1 has caused the Debian Bug report #763391, regarding fakechroot: chfn in a fakechroot environment to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 763391: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763391 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: fakechroot Version: 2.17.2-1 Severity: normal Tags: patch Dear Maintainer, The command chfn fails in a fakechroot environment : it is setuid root, and the variable LD_LIBRARY_PATH is ignored. As a result, it tries to alter /etc/passwd outside of the (fake)chroot and fails because of insufficient permissions. This prevents the installation of avahi-daemon, colord, usbmuxd and logcheck : # aptitude install avahi-daemon ... Setting up avahi-daemon (0.6.31-4) ... chfn: PAM: System error adduser: `/usr/bin/chfn -f Avahi mDNS daemon avahi' returned error code 1. Exiting. dpkg: error processing package avahi-daemon (--configure): subprocess installed post-installation script returned error exit status 1 ... (in the (fake)chroot : # cat /usr/sbin/policy-rc.d #!/bin/sh exit 101 # cat /sbin/start-stop-daemon #!/bin/sh echo echo "Warning: Fake start-stop-daemon called, doing nothing") Is it possible to add a replacement for chfn ? Here is a (unoptimized !) example : it just changes /etc/passwd inside of the (fake)chroot (no need of setuid/setgid). Regards, JH Chatenet *** rustine14.patch diff -Naur a/scripts/chfn.fakechroot.sh b/scripts/chfn.fakechroot.sh --- a/scripts/chfn.fakechroot.sh 1970-01-01 01:00:00.000000000 +0100 +++ b/scripts/chfn.fakechroot.sh 2014-04-14 21:51:42.000000000 +0200 @@ -0,0 +1,181 @@ +#!@SHELL@ + +# chfn +# +# Replacement for chfn command which changes a gecos field in +# etc/passwd under the (fake)chroot. There is no locking and no permission check. + +which_option() { + option_name="$1" + option_value="$2" + case $option_name in + -f|--full-name) + has_new_name=1 + new_name="$(echo $option_value|tr -d ':,=')" + ;; + -h|--home-phone) + has_new_home_phone=1 + new_home_phone="$(echo $option_value|tr -d ':,=')" + ;; + -o|--other) + has_new_other=1 + new_other="$(echo $option_value|tr -d ':')" + ;; + -r|--room) + has_new_room=1 + new_room="$(echo $option_value|tr -d ':,=')" + ;; + -R|--root) + has_root=1 + root="$option_value" + ;; + -w|--work-phone) + has_new_work_phone=1 + new_work_phone="$(echo $option_value|tr -d ':,=')" + ;; + esac +} + +parse_gecos_field() { + gecos_field="$1" + + old_name="${gecos_field%%,*}" + gecos_field="${gecos_field#$old_name}" + + if [ -z "$gecos_field" ]; then + return + else + gecos_field="${gecos_field#,}" + fi + + old_room="${gecos_field%%,*}" + gecos_field="${gecos_field#$old_room}" + gecos_field="${gecos_field#,}" + + old_work_phone="${gecos_field%%,*}" + gecos_field="${gecos_field#$old_work_phone}" + gecos_field="${gecos_field#,}" + + old_home_phone="${gecos_field%%,*}" + gecos_field="${gecos_field#$old_home_phone}" + gecos_field="${gecos_field#,}" + + if [ -n "$gecos_field" ]; then + has_old_other=1 + old_other="$gecos_field" + fi +} + +while [ $# -gt 0 ]; do + case $1 in + -u|--help) + echo "fakechroot : replacement of chfn" + chfn -u + exit 0 + ;; + -f|--full-name|-h|--home-phone|-o|--other|-r|--room|-R|--root|-w|--work-phone) + option_name="$1" + option_value="$2" + which_option "$option_name" "$option_value" + shift 2 + ;; + --full-name=*|--home-phone=*|--other=*|--room=*|--root=*|--work-phone=*) + option_name="${1%%=*}" + option_value="${1#*=}" + which_option "$option_name" "$option_value" + shift + ;; + -f*|-h*|-o*|-r*|-R*|-w*) + option_value="${1#-?}" + option_name="${1%$option_value}" + which_option "$option_name" "$option_value" + shift + ;; + --) + shift + break + ;; + *) + break + ;; + esac +done + +if [ $# -gt 0 ]; then + user="$1" +else + user=$(id -u -n) +fi + + +# Where is the root ? +if [ -n "$root" ]; then + if [ "${root#/}" != "$root" ]; then + root="${FAKECHROOT_BASE_ORIG}${root}" + fi +else + root="$FAKECHROOT_BASE_ORIG" +fi + +if [ ! -e "$root/etc/passwd" ]; then + echo "fakechroot chfn replacement : $root/etc/passwd : no such file" >&2 + exit 1 +fi + +# Is there such user ? +grep -q "^${user}:" "$root/etc/passwd" +ret=$? + +if [ $ret -eq 1 ]; then + echo "fakechroot chfn replacement : $user : no such user" >&2 + exit 2 +elif [ $ret -eq 2 ]; then + echo "fakechroot chfn replacement : grep error" >&2 + exit 3 +fi + +# What is the old gecos field ? +old_gecos_field=$(sed -n "/^${user}/ {s/^\([^:]*:\)\{4\}\([^:]*\):.*$/\2/;p;q}" "$root/etc/passwd") + +parse_gecos_field "$old_gecos_field" + +# Assemble new gecos + +if [ -n "$has_new_name" ]; then + new_gecos_field="$new_name" +else + new_gecos_field="$old_name" +fi + +if [ -n "$has_new_room" ]; then + new_gecos_field="${new_gecos_field},$new_room" +else + new_gecos_field="${new_gecos_field},$old_room" +fi + +if [ -n "$has_new_work_phone" ]; then + new_gecos_field="${new_gecos_field},$new_work_phone" +else + new_gecos_field="${new_gecos_field},$old_work_phone" +fi + +if [ -n "$has_new_home_phone" ]; then + new_gecos_field="${new_gecos_field},$new_home_phone" +else + new_gecos_field="${new_gecos_field},$old_home_phone" +fi + +if [ -n "$has_new_other" ]; then + new_gecos_field="${new_gecos_field},$new_other" +elif [ -n "$has_old_other" ]; then + new_gecos_field="${new_gecos_field},$old_other" +fi + +name_only="${new_gecos_field%%,*}" + +if [ "${new_gecos_field#$name_only}" = ",,," ]; then + new_gecos_field="$name_only" +fi + +# New /etc/passwd +sed -i "s/^\(${user}:\([^:]*:\)\{3\}\)\([^:]*\)/\1${new_gecos_field}/" "$root/etc/passwd" diff -Naur a/scripts/chroot.env.sh b/scripts/chroot.env.sh --- a/scripts/chroot.env.sh 2014-04-15 17:31:38.000000000 +0200 +++ b/scripts/chroot.env.sh 2014-04-17 08:26:46.000000000 +0200 @@ -10,6 +10,7 @@ fakechroot_chroot_env_cmd_subst="" for fakechroot_chroot_env_d in `echo $PATH | tr ':' ' '`; do fakechroot_chroot_env_cmd_subst="$fakechroot_chroot_env_cmd_subst + $fakechroot_chroot_env_d/chfn=@bindir@/chfn.fakechroot $fakechroot_chroot_env_d/chroot=@sbindir@/chroot.fakechroot $fakechroot_chroot_env_d/env=@bindir@/env.fakechroot $fakechroot_chroot_env_d/ischroot=/bin/true diff -Naur a/scripts/Makefile.am b/scripts/Makefile.am --- a/scripts/Makefile.am 2014-04-15 17:26:38.000000000 +0200 +++ b/scripts/Makefile.am 2014-04-17 08:27:34.000000000 +0200 @@ -1,10 +1,10 @@ sysconfdir = @sysconfdir@/@PACKAGE@ -src_wrappers = chroot.fakechroot.sh env.fakechroot.sh fakechroot.sh ldd.fakechroot.pl +src_wrappers = chfn.fakechroot.sh chroot.fakechroot.sh env.fakechroot.sh fakechroot.sh ldd.fakechroot.pl src_envs = chroot.env.sh debootstrap.env.sh rinse.env.sh example_scripts = relocatesymlinks.sh restoremode.sh savemode.sh -bin_SCRIPTS = env.fakechroot fakechroot ldd.fakechroot +bin_SCRIPTS = chfn.fakechroot env.fakechroot fakechroot ldd.fakechroot sbin_SCRIPTS = chroot.fakechroot sysconf_DATA = chroot.env debootstrap.env rinse.env @@ -26,6 +26,10 @@ -e 's,[@]SHELL[@],$(SHELL),g' \ -e 's,[@]VERSION[@],$(VERSION),g' +chfn.fakechroot: $(srcdir)/chfn.fakechroot.sh + $(do_subst) < $(srcdir)/chfn.fakechroot.sh> $@ + chmod +x $@ + chroot.env: $(srcdir)/chroot.env.sh $(do_subst) < $(srcdir)/chroot.env.sh > $@ chmod +x $@ -- System Information: Debian Release: jessie/sid APT prefers testing APT policy: (500, 'testing') Architecture: amd64 (x86_64) Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages fakechroot depends on: ii libfakechroot 2.17.2-1 fakechroot recommends no packages. fakechroot suggests no packages. -- no debconf information
--- End Message ---
--- Begin Message ---Source: fakechroot Source-Version: 2.18-1 We believe that the bug you reported is fixed in the latest version of fakechroot, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Piotr Roszatycki <[email protected]> (supplier of updated fakechroot package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Mon, 26 Oct 2015 22:08:24 +0100 Source: fakechroot Binary: fakechroot libfakechroot Architecture: source all amd64 Version: 2.18-1 Distribution: unstable Urgency: medium Maintainer: Piotr Roszatycki <[email protected]> Changed-By: Piotr Roszatycki <[email protected]> Description: fakechroot - gives a fake chroot environment - utilities libfakechroot - gives a fake chroot environment - runtime Closes: 745082 749632 763391 774332 Changes: fakechroot (2.18-1) unstable; urgency=medium . * New upstream release: - Works correctly with stretch and vivid. Closes: #745082, #763391, #774332. - Doesn't mix _BSD_SOURCE and _XOPEN_SOURCE macros. Closes: #749632. * Build-Requires: debhelper >= 9. Checksums-Sha1: 59dc6582f9ebea49790df466b4341fe26b9f5c8f 1891 fakechroot_2.18-1.dsc ae375fa0a54c5ecef72f50154fef862d6f98d6fb 470498 fakechroot_2.18.orig.tar.gz 9659409597fdcf56baa744496333b79f91936a70 9216 fakechroot_2.18-1.debian.tar.xz 5a786aa38e6153f6191edffd1a45166014fb00fc 29488 fakechroot_2.18-1_all.deb 4266db7b76d958e3cff6b03e3c4c84db986535c5 43116 libfakechroot_2.18-1_amd64.deb Checksums-Sha256: ad7c73e6e13691db6c0f94d0e395ef30d6741d9e16fc0681f44dea9c28209c8f 1891 fakechroot_2.18-1.dsc 728316cf7d1a2fdf8454e0ca39b3b9790e450a778c96cac9d488662a74d4418e 470498 fakechroot_2.18.orig.tar.gz c8bbe01d179136366284f491391b2b7fdbae00ec21ff3da31063c5f8dc7cd2dc 9216 fakechroot_2.18-1.debian.tar.xz e6d23b6c93c024df3f952af3898d7ac3e536f835d3a44562c78270ffe9349580 29488 fakechroot_2.18-1_all.deb 2c649f130fd06fb16670d9631e74f2022e8d8cdf4e6540151a68af8dbac0e988 43116 libfakechroot_2.18-1_amd64.deb Files: b704c9a7e06149eee3e34e9fd6ca60e9 1891 utils optional fakechroot_2.18-1.dsc bdcee07d3c9e3a8ff8443e2bed27a4f8 470498 utils optional fakechroot_2.18.orig.tar.gz b9b2a21537149ec93bbf3da2fe7bb25c 9216 utils optional fakechroot_2.18-1.debian.tar.xz e9ea5c1233170ae38c0e4e24a2eb8388 29488 utils optional fakechroot_2.18-1_all.deb 58a79f19e11b942de30c05a3f1f47fb0 43116 libs optional libfakechroot_2.18-1_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBAgAGBQJWMI/XAAoJEFZiF/PEOVycDTwP/i2EobwQzlPiEbFOHjMGHeVK YhRFZX69PPo3qUC5BY5vNJGbatAG9KSHSzsCJiBaGqDLSwczVsesBKo96DPMDYWo 9UukmpPz6ejhaQrr5Hw59j5bKIrIF7RyKYWNjmCLVcAtH9Ez7oq2If2zmXAZrm1h 9dz+qlOjX728+s/PM1pZtzG61pg6o/GUcA1Hpj+pLUn2LLy0mSoHohhHsIDYB5BR kp7/8cTX8D/EbMnjvReosm+dPHSPlRvtqNPERAWM9XdRtcNDqKImTGv4eOA6kZvd iBCxP1JAkcHbhvOrAg4W0fG7wz36iv2dIQL5Oy2fshI74YyzTFcRFs8iMSp9dx3J fz7pcBwayehSmC/kN6YgJxVBf4uzcNkHu3DCNfDQ9XU5AEwkOD+rwUuO43TsOoiv WOM3/vUDvM59APnYlw87S5VT3xjfQAfQP2cGQp8JtsdgRx8MM6KzVDA17oDrN6+C 3mHdYXkFe3vVWvsRFcn/ECxU5c+hw9U3Wf/e9iGIhYWNZZwwXsne5cFcDCH8hp8J T45c9sNhO5HHS8YX1k8OKKZnzoS8QxZErbLdTEvAvyQfLX6yr3LmyI8EIvJxiOaX FTB+KJTRVl9NU1YOHVNTj0CTZDz/qBa+UKffMx3v4T5URgHduH6uyvThtvdKHCeX Y9CMPsl9fJgz4W7Paojg =rOhd -----END PGP SIGNATURE-----
--- End Message ---
