Your message dated Tue, 24 Jan 2017 22:04:09 +0000
with message-id <[email protected]>
and subject line fixed
has caused the Debian Bug report #762603,
regarding dbeacon: should not run as root
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
762603: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762603
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: dbeacon
Version: 0.3.9.3-2
Severity: wishlist
Dear Maintainer,
attached is a patch that fixes two things for me:
- make dbeacon run as user '_dbeacon' instead of 'root' for
security reasons
- introduce a way to specify command line options to the deamons
when running multiple instances (/etc/dbeacon/INSTANCE.options)
thanks for considering the patch,
Raoul
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16-1-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages dbeacon depends on:
ii libc6 2.19-11
ii libgcc1 1:4.9.1-15
ii libstdc++6 4.9.1-15
ii lsb-base 4.1+Debian13
Versions of packages dbeacon recommends:
ii libxml-parser-perl 2.41-3
ii perl 5.20.1-1
Versions of packages dbeacon suggests:
pn librrds-perl <none>
-- no debconf information
diff -uN debian.orig/init.d debian/init.d
--- debian.orig/init.d 2014-09-23 18:03:40.323388457 +0200
+++ debian/init.d 2014-09-23 18:02:54.491289761 +0200
@@ -16,6 +16,9 @@
NAME=dbeacon
DESC="Multicast Beacon"
CONFIG_DIR=/etc/dbeacon
+USER=_dbeacon
+PIDDIR=/run/dbeacon
+LIBDIR=/var/lib/dbeacon
test -x $DAEMON || exit 0
test -d $CONFIG_DIR || exit 0
@@ -27,24 +30,27 @@
case "$1" in
start)
log_daemon_msg "Starting $DESC"
+ mkdir -p $PIDDIR $LIBDIR || exit 1
+ chown $USER:$USER $PIDDIR $LIBDIR || exit 1
for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
NAME=${CONFIG%%.conf}
log_progress_msg "$NAME"
STATUS=0
+ [ -e ${CONFIG_DIR}/${NAME}.options ] && . ${CONFIG_DIR}/${NAME}.options
- start-stop-daemon --start --quiet \
- --pidfile /var/run/dbeacon.${NAME}.pid \
+ start-stop-daemon --start --quiet --chuid $USER:$USER \
+ --pidfile $PIDDIR/dbeacon.${NAME}.pid \
--exec $DAEMON -- $DAEMON_OPTS \
-D \
-c ${CONFIG_DIR}/${NAME}.conf \
- -p /var/run/dbeacon.${NAME}.pid || STATUS=1
+ -p $PIDDIR/dbeacon.${NAME}.pid || STATUS=1
done
log_end_msg ${STATUS:-0}
;;
stop)
log_daemon_msg "Stopping $DESC"
- for PIDFILE in `ls /var/run/dbeacon.*.pid 2> /dev/null`; do
- NAME=`echo $PIDFILE | cut -c18-`
+ for PIDFILE in `ls $PIDDIR/dbeacon.*.pid 2> /dev/null`; do
+ NAME=`echo $PIDFILE | cut -c22-`
NAME=${NAME%%.pid}
kill `cat $PIDFILE` || true
start-stop-daemon --stop --oknodo --quiet \
@@ -57,7 +63,7 @@
GLOBAL_STATUS=0
for CONFIG in `cd $CONFIG_DIR; ls *.conf 2> /dev/null`; do
NAME=${CONFIG%%.conf}
- status_of_proc -p /var/run/dbeacon.${NAME}.pid dbeacon "dbeacon '${NAME}'" || GLOBAL_STATUS=1
+ status_of_proc -p $PIDDIR/dbeacon.${NAME}.pid dbeacon "dbeacon '${NAME}'" || GLOBAL_STATUS=1
done
exit $GLOBAL_STATUS
;;
Common subdirectories: debian.orig/patches and debian/patches
diff -uN debian.orig/postinst debian/postinst
--- debian.orig/postinst 1970-01-01 01:00:00.000000000 +0100
+++ debian/postinst 2014-09-23 18:08:06.879965765 +0200
@@ -0,0 +1,41 @@
+#!/bin/sh
+# postinst script for bwctl
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <postinst> `abort-remove'
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ configure)
+ adduser --system --group --home /nonexistent \
+ --no-create-home --disabled-login --force-badname _dbeacon
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
Common subdirectories: debian.orig/source and debian/source
--- End Message ---
--- Begin Message ---
Fixed: 0.4.0-2
Hi,
Sorry, forgot to close in changelog.
Thanks,
Iain.
signature.asc
Description: PGP signature
--- End Message ---
