Your message dated Thu, 14 Jan 2021 18:03:28 +0000 with message-id <[email protected]> and subject line Bug#975710: fixed in flatpak 1.10.0-1 has caused the Debian Bug report #975710, regarding flatpak: Starts gvfs-daemon when logging in as root to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 975710: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=975710 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: flatpak Version: 1.8.3-2 Severity: minor Tags: patch When I log into my machine with ssh as root, gvfs-daemon is indirectly started by flatpak using DBUS activation, in root's systemd user session. Maybe consider this patch for /etc/profile.d/flatpak.sh ? --- flatpak.sh.orig 2020-11-24 13:01:00.000000000 +0100 +++ flatpak.sh 2020-11-25 13:40:09.055342009 +0100 @@ -5,7 +5,7 @@ ( unset G_MESSAGES_DEBUG echo "${XDG_DATA_HOME:-"$HOME/.local/share"}/flatpak" - flatpak --installations + GIO_USE_VFS=local flatpak --installations ) | ( new_dirs= while read -r install_path Thanks for your consideration, -- Mourad DC -- System Information: Debian Release: bullseye/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-2-amd64 (SMP w/4 CPU threads) Kernel taint flags: TAINT_PROPRIETARY_MODULE, TAINT_OOT_MODULE, TAINT_UNSIGNED_MODULE Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages flatpak depends on: ii adduser 3.118 ii bubblewrap 0.4.1-1 ii dbus 1.12.20-1 ii libappstream-glib8 0.7.17-1 ii libarchive13 3.4.3-2 ii libc6 2.31-4 ii libdconf1 0.38.0-1 ii libfuse2 2.9.9-3 ii libgdk-pixbuf-2.0-0 2.40.0+dfsg-7 ii libgdk-pixbuf2.0-0 2.40.0+dfsg-7 ii libglib2.0-0 2.66.3-1 ii libgpgme11 1.14.0-1+b1 ii libjson-glib-1.0-0 1.6.0-1 ii libmalcontent-0-0 0.9.0-2 ii libostree-1-1 2020.8-2 ii libpolkit-agent-1-0 0.117-1 ii libpolkit-gobject-1-0 0.117-1 ii libseccomp2 2.5.0-3 ii libsoup2.4-1 2.72.0-2 ii libsystemd0 246.6-5 ii libxau6 1:1.0.8-1+b2 ii libxml2 2.9.10+dfsg-6.2 ii libzstd1 1.4.5+dfsg-4 ii xdg-dbus-proxy 0.1.2-1 Versions of packages flatpak recommends: ii desktop-file-utils 0.26-1 ii gtk-update-icon-cache 3.24.23-2 ii hicolor-icon-theme 0.17-2 ii libpam-systemd 246.6-5 ii p11-kit 0.23.21-2 ii policykit-1 0.117-1 ii shared-mime-info 2.0-1 ii xdg-desktop-portal 1.8.0-2 ii xdg-desktop-portal-gtk [xdg-desktop-portal-backend] 1.8.0-1 Versions of packages flatpak suggests: ii avahi-daemon 0.8-3 pn malcontent-gui <none> -- Configuration Files: /etc/profile.d/flatpak.sh changed: if command -v flatpak > /dev/null; then # set XDG_DATA_DIRS to include Flatpak installations new_dirs=$( ( unset G_MESSAGES_DEBUG echo "${XDG_DATA_HOME:-"$HOME/.local/share"}/flatpak" GIO_USE_VFS=local flatpak --installations ) | ( new_dirs= while read -r install_path do share_path=$install_path/exports/share case ":$XDG_DATA_DIRS:" in (*":$share_path:"*) :;; (*":$share_path/:"*) :;; (*) new_dirs=${new_dirs:+${new_dirs}:}$share_path;; esac done echo "$new_dirs" ) ) export XDG_DATA_DIRS XDG_DATA_DIRS="${new_dirs:+${new_dirs}:}${XDG_DATA_DIRS:-/usr/local/share:/usr/share}" fi -- no debconf information
--- End Message ---
--- Begin Message ---Source: flatpak Source-Version: 1.10.0-1 Done: Simon McVittie <[email protected]> We believe that the bug you reported is fixed in the latest version of flatpak, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Simon McVittie <[email protected]> (supplier of updated flatpak package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 14 Jan 2021 12:35:25 +0000 Source: flatpak Architecture: source Version: 1.10.0-1 Distribution: experimental Urgency: high Maintainer: Utopia Maintenance Team <[email protected]> Changed-By: Simon McVittie <[email protected]> Closes: 975710 Changes: flatpak (1.10.0-1) experimental; urgency=medium . * d/control: Fix branch in Vcs-Git for experimental * Merge packaging from unstable * New upstream release, starting the 1.10.x branch * Drop patches, applied upstream * d/flatpak.install: Install new systemd environment generator * d/tests: Mark update portal test as flaky due to https://github.com/flatpak/flatpak/issues/4065 . flatpak (1.8.5-1) unstable; urgency=high . * New upstream release fixing a sandbox escape vulnerability (GHSA-4ppf-fxf6-vxg2) * Mark patch for #975710 as having been applied upstream . flatpak (1.8.4-2) unstable; urgency=medium . * Mark patch for #972138 as having been applied upstream * Add patch to avoid gvfs-daemon being started when logging in as root. Thanks to Mourad De Clerck (Closes: #975710) * Add package-specific info from bubblewrap to bug reports. In particular, this will tell us whether it's setuid. Checksums-Sha1: 0c481cc6d4c1d8bf827382710455093ff99593d0 3638 flatpak_1.10.0-1.dsc 8082383da2a0bee5568b0ae6712310664601584d 1504300 flatpak_1.10.0.orig.tar.xz c11d2cd38b4a24b683a59a81606edb5c6ad23980 29856 flatpak_1.10.0-1.debian.tar.xz 2c521bda3a4d506f9c9f5a4db3f5be3f577f616c 11517 flatpak_1.10.0-1_source.buildinfo Checksums-Sha256: 9d7aabed950389c75ac8b7dfb422d09742198401162b263f45a9a8d3c9bdc0d7 3638 flatpak_1.10.0-1.dsc c70215792b7cbece83c489dab86adc9bfaf9b140c506affe2a48c92afa3d69b7 1504300 flatpak_1.10.0.orig.tar.xz 0720d7841f3c316aa535000d99afede71bf301e387b4b16d1c6292ad3e5d3ba0 29856 flatpak_1.10.0-1.debian.tar.xz 7ca74bf751a61e0ee91c282a7564070bc643748aa1806610db91277f0c1a2d7d 11517 flatpak_1.10.0-1_source.buildinfo Files: 626f70b623a56e591500010364e32784 3638 admin optional flatpak_1.10.0-1.dsc 1dcdb221ef80f9b97469a29e6eee092e 1504300 admin optional flatpak_1.10.0.orig.tar.xz f97fa07767da077ac847af49236c9e0c 29856 admin optional flatpak_1.10.0-1.debian.tar.xz 59156a761924271e7769689719ae14c5 11517 admin optional flatpak_1.10.0-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEENuxaZEik9e95vv6Y4FrhR4+BTE8FAmAAhHEACgkQ4FrhR4+B TE9fDxAArLaIuY2a/o3yvi/bq2OYn/KRRwGO+Rg9TgVlrxPggysvkGHt3Jhw+68S lhiA/ir5t+lMLLWNpBwJeNFWVu0fQRBtozRgbJF43aNNKR+2lUII6gViW5+Dv/gc SyHSsWAZCmZx+7SDUsXwe96OlEeaFG5mCTsZXE+raOiu7kkQ5xohraNR3nBUzsNT wGoFtAxE80v4HbR40uImFWS7ph+05UZzN2mtdu4ThmOT7xozWgWpyDKNk3Sa71n1 tsKyLbZQdye9RD5xwXBc0KMN4noypq+mK1LQ9jEClLAE34ZnW0LMaG0hPDU2ppMM u5nGM9UILsRxmzoo9rxb/ogdYqjwYIaWlA9w4j7HO7BhiWWwDSb0SxoDmcb2wYN6 XiL+VzRPDKbqWI4fkC4zVTgqmHnuh0CKEgWo23n2ny44zk236asZDybgxIpd3UGL b/a4ybZ/9jTwn6fIDjmTDhHHIz0MDqdISVTIULAmtsV93eOynQYnVIgoEp0ifpaJ V85Db96jwCUtIV3nNssJ7cIQcOYPtri/MYsjA19Nzu3I/5l//ZqkiMR4E8gHAvFC SWtUs+0qLfsRV0JSgOvuuf77NX6uFJTVF7RD7gdHnGVfztrp62cwnV9mjesT4VeR 2LHevgXroy4KsJ5n+XFhcDdAU5GFSheBJCkKVeYSVdRshzHB0As= =GyX2 -----END PGP SIGNATURE-----
--- End Message ---
