Your message dated Wed, 03 Jan 2018 23:03:57 +0000 with message-id <[email protected]> and subject line Bug#849636: fixed in apt 1.6~alpha6 has caused the Debian Bug report #849636, regarding apt-daily: do not use pidof to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 849636: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=849636 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: apt Version: 1.4~beta2 The script '/usr/lib/apt/apt.systemd.daily' uses 'pidof dbus-daemon' to check whether dbus is running and whether to send a message. With SELinux enabled this causes avc denials like: type=PROCTITLE msg=audit(12/29/16 07:43:22.385:42209) : proctitle=pidof dbus-daemon type=PATH msg=audit(12/29/16 07:43:22.385:42209) : item=0 name=3/stat nametype=UNKNOWN type=CWD msg=audit(12/29/16 07:43:22.385:42209) : cwd=/proc type=SYSCALL msg=audit(12/29/16 07:43:22.385:42209) : arch=armeb syscall=open per=PER_LINUX_32BIT success=no exit=EACCES(Permission denied) a0=0x7ec069a4 a1=O_RDONLY|O_NOFOLLOW a2=0x1b6 a3=0x1b6 items=1 ppid=366 1 pid=3797 auid=unset uid=root gid=root euid=root suid=root fsuid=root egid=root sgid=root fsgid=root tty=(none) ses=unset comm=pidof exe=/sbin/killall5 subj=system_u:system_r:apt_t:s0 key=(null) type=AVC msg=audit(12/29/16 07:43:22.385:42209) : avc: denied { search } for pid=3797 comm=pidof name=3 dev="proc" ino=6775 scontext=system_u:system_r:apt_t:s0 tcontext=system_u:system_r:kernel_t:s0 tclass=di r permissive=0 I do not like to grant apt these permissions but I also want apt to announce an update to dbus, so can you rework the dbus check? Kindly Regards, Christian Göttsche
--- End Message ---
--- Begin Message ---Source: apt Source-Version: 1.6~alpha6 We believe that the bug you reported is fixed in the latest version of apt, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Julian Andres Klode <[email protected]> (supplier of updated apt package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 03 Jan 2018 22:33:37 +0000 Source: apt Binary: apt libapt-pkg5.0 libapt-inst2.0 apt-doc libapt-pkg-dev libapt-pkg-doc apt-utils apt-transport-https Architecture: source Version: 1.6~alpha6 Distribution: unstable Urgency: medium Maintainer: APT Development Team <[email protected]> Changed-By: Julian Andres Klode <[email protected]> Description: apt - commandline package manager apt-doc - documentation for APT apt-transport-https - transitional package for https support apt-utils - package management related utility programs libapt-inst2.0 - deb package format runtime library libapt-pkg-dev - development files for APT's libapt-pkg and libapt-inst libapt-pkg-doc - documentation for APT development libapt-pkg5.0 - package management runtime library Closes: 668948 849636 881875 882850 884922 Changes: apt (1.6~alpha6) unstable; urgency=medium . [ Julian Andres Klode ] * Add Breaks: aptitude (<< 0.8.10) for gzip method removal * Also look at https_proxy for https URLs * Run wrap-and-sort * Translate shared documentation parts again * tests: Improve handling profiling messages on CI * connect: Store the IP used when picking a connection * Add rapid "happy eyeballs" connection fallback (RFC 8305) (Closes: #668948) (LP: #1308200) . [ David Kalnischkies ] * allow multivalue fields in deb822 sources to be folded (Closes: 881875) * support COLUMNS environment variable in apt tools * allow apt_auth.conf(5) to be translated * if insecure repo is allowed continue on all http errors * don't auto-switch candidate if installed is good enough * update libapt-pkg symbols file * explicitly name token in auth.conf parsing error * fix over-calculating dpkg commandline length * avoid some useless casts reported by -Wuseless-cast * deal with floats without old-style cast * support multiline values in LookupTag * mark some 500 HTTP codes as transient acquire errors * report transient errors as transient errors * implement Acquire::Retries support for all items * give the methods more metadata about the files to acquire * implement fallback to alternative URIs for all items * do not remap current files if nullptrs in cache generation * apt.daily: remove unused dbus signal for apt update (Closes: 849636) * Support cleartext signed InRelease files with CRLF line endings. Thanks to Lukas Wunner for detailed report & initial patch! (Closes: 884922) * document http options in new apt-transport-http manpage * document https options in new apt-transport-https manpage * refactor message generation for methods * allow a method to request auxiliary files * reimplement and simplify mirror:// method * require methods to request AuxRequest capability at startup * add tag-based control over mirror choices from the list * non-local mirrorlists shouldn't redirect to local * add apt-transport-mirror manpage . [ Milo Casagrande ] * Italian program translation update (Closes: 882850) . [ Christian Göttsche ] * apt.daily: fix several "shellcheck" annotations Checksums-Sha1: 991742019c2d59f7fa878567832e4e6d9d22e187 2710 apt_1.6~alpha6.dsc 98e4ffac61185514093dd91a5ecdd82111693acf 2111456 apt_1.6~alpha6.tar.xz 34a34ae208e3301f0ecc48a3ba5c9ff0a5971be2 7329 apt_1.6~alpha6_source.buildinfo Checksums-Sha256: 0a34f3594e568e58ffda9bea341e5065ed181756be8dc24ac72ac5c0fa269b01 2710 apt_1.6~alpha6.dsc ddcdb5f3ec1922f6a42a18b9ea2fd4945e945510d26a548c16de4874aa30b817 2111456 apt_1.6~alpha6.tar.xz 1138e999717a841d3269184642a040a2ed85d4b79658ec604d08f3bd478e30b5 7329 apt_1.6~alpha6_source.buildinfo Files: 6c80816b16bc76917c34c9a6d344fcfe 2710 admin important apt_1.6~alpha6.dsc 3d49ac109b935909a313a4ff2a39a5af 2111456 admin important apt_1.6~alpha6.tar.xz f64c46dcf5454c007ff340c88453b8e9 7329 admin important apt_1.6~alpha6_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIsBAEBCgAWBQJaTVsfDxxqYWtAZGViaWFuLm9yZwAKCRDXPDnlZYCzhtdND/0S AS49Sxsrsk/AJXncGnqggyPd15ozIfCux9F4B+8BGH+r57RsQkHaVblpNx0O7M10 IV/Z9KmdW8f+/0Ik8Lswjw6FsJNvjVInba65KwwesyxJxTsygcIWDDRSFpMzYUYi oUOmg9JVzOkkFAt6VM8PCiqGdjxjiuJ1wbP3cFjM1Grx/Eibi5gWtJBWYnthz3Av kAzB3t+dTLmjDp4Qmg+f8ysN/bi2cev6rsIonup7r7psiIYkbBnPyqlmN1ONPgZf nC5JQsCglCs985DH4COnTZula41Xfe3gn49tnk9Y1UM1n0IsVQF7TDSYJYuiKsiC 0Q/qIzMDB7r7H4FGpTV5bYngzL0wk5hnLphp7Vavg8LbWheUatFMqBnp6G/3stGq CrfGd6AC16lGrVbhnRn9Sxee3AOViQP+6WtNQ6rXI0gqQod8P7YCoRoi6Kmoo83y CONusd4q6WOk6tJVs39hdOsYsdZ3HKz3ylmWJVaXeTZGt3PbYN0B/QrIx63yo/+d +knjkKKU7iKavjpJdD8CDgJiSDErAw/Yn5SQ3C80LKkgfQaCASvbHvTRNOtL6mQX cl9dbSnhYjKqHzg4Trn9sYUm1kCNgFZW5catON2A+NTomWO4BMykEb7nHHUz8yF2 ylHG/sj1P6SXKpsELF6Cc69cN5dsGHtUyiMGn4gdkw== =uj2J -----END PGP SIGNATURE-----
--- End Message ---
