Your message dated Thu, 15 Nov 2018 10:37:16 +0000
with message-id <[email protected]>
and subject line
has caused the Debian Bug report #687410,
regarding sysvinit: non-privileged user can cause sysvinit.postinst to fail
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
687410: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=687410
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: sysvinit
Version: 2.88dsf-31
Severity: normal
sysvinit.postinst has the following code:
PID="$(pidof /sbin/init || true)"
[...]
kill -s USR1 "$PID"
But a normal user can cause "pidof /sbin/init" to produce more than
one output, e.g. with "chpst -b /sbin/init cat", or even (hoping for
some sort of race condition) "while true; do /sbin/init; done".
In that case, PID will be set to something like "1 15364", which means
that kill will fail with something like:
(bash):
kill: 1 15364: arguments must be process or job IDs
(dash):
kill: Illegal number: 1 23452
both return a non-zero error code, which will cause the maintainer
script to bail due to the "set -e", leaving a very cryptic message for
the upgrade.
It seems like a bad thing for a non-privileged user to be able to deny
the sysadmin the ability to effectively upgrade a package.
using pidof -s doesn't seem to fix things, because that is as likely
to return the non-privileged process ID as the privileged process ID.
If pidof could limit itself to only reporting on processes running as
a given user (the superuser in this case), that might avoid this
situation.
The core of the problem here is that argv[0] is an unreliable source
of information about what the proces actually is, since it is under
the control of the person running the process.
--dkg
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 3.2.0-3-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages sysvinit depends on:
ii debianutils 4.3.2
ii initscripts 2.88dsf-31
ii libc6 2.13-35
ii libselinux1 2.1.9-5
ii libsepol1 2.1.4-3
ii sysv-rc 2.88dsf-31
ii sysvinit-utils 2.88dsf-31
sysvinit recommends no packages.
sysvinit suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
It seems this code is not present in current (2.88dsf-60) version of
src:sysvinit.
pgpbidOK1tjUu.pgp
Description: PGP signature
--- End Message ---
