Your message dated Wed, 25 Feb 2026 00:18:41 +0000
with message-id <[email protected]>
and subject line Bug#1082432: fixed in rust-laurel 0.7.3-2
has caused the Debian Bug report #1082432,
regarding audit, rust-laurel: Permission mismatch for /etc/audit/ dirs
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1082432: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1082432
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: audit, rust-laurel
Severity: important
X-Debbugs-Cc: Helmut Grohne <[email protected]>
Hi!
While analyzing the archive for mismatched file metadata (as part of
the preparation to add support into dpkg), thanks to Helmut gathering
the data from the archive. I noticed that these two source packages
generate binaries that have a mismatch in the permissions for the
/etc/audit/ and /etc/audit/plugins.d/ directories, where there could be
security implications, if the contents are expected to contain secrets
that only root is supposed to read, as the permissions of the directory
are decided by the first package being unpacked, and subsequent
directory unpacks get ignored (including any change in permissions).
$ dpkg-deb -c audispd-plugins_1%3a4.0.1-1_amd64.deb | grep '/etc/audit.*/$'
drwxr-x--- root/root 0 2024-08-09 11:04 ./etc/audit/
drwxr-x--- root/root 0 2024-08-09 11:04 ./etc/audit/plugins.d/
$ dpkg-deb -c auditd_1%3a4.0.1-1_amd64.deb | grep '/etc/audit.*/$'
drwxr-x--- root/root 0 2024-08-09 11:04 ./etc/audit/
drwxr-x--- root/root 0 2024-08-09 11:04 ./etc/audit/plugins.d/
drwxr-x--- root/root 0 2024-08-09 11:04 ./etc/audit/rules.d/
$ dpkg-deb -c laurel_0.6.3-1_amd64.deb | grep '/etc/audit.*/$'
drwxr-xr-x root/root 0 2024-09-11 10:33 ./etc/audit/
drwxr-xr-x root/root 0 2024-09-11 10:33 ./etc/audit/plugins.d/
I assume the correct ones are coming from the audit source, but assigned
to both for awareness and coordination purposes, feel free to reassign
to whichever might need to adapt the permissions. If this has security
implications then it might be worth to set the security tag, and rise
the severity and perhaps prepare a change for a stable update too? If
there are no security implications, it would still be good to make the
permissions consistent, otherwise dpkg would start warning or erroring
out on mismatched metadata once the support gets in and is enabled.
Thanks,
Guillem
--- End Message ---
--- Begin Message ---
Source: rust-laurel
Source-Version: 0.7.3-2
Done: Hilko Bengen <[email protected]>
We believe that the bug you reported is fixed in the latest version of
rust-laurel, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Hilko Bengen <[email protected]> (supplier of updated rust-laurel package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Wed, 25 Feb 2026 00:58:55 +0100
Source: rust-laurel
Architecture: source
Version: 0.7.3-2
Distribution: unstable
Urgency: medium
Maintainer: Debian Rust Maintainers
<[email protected]>
Changed-By: Hilko Bengen <[email protected]>
Closes: 1082432
Changes:
rust-laurel (0.7.3-2) unstable; urgency=medium
.
* Add patch to disable filter_sockaddr test on big-endian
* Fix /etc/auditd directory permissions (Closes: #1082432)
Checksums-Sha1:
4ac20916dc77677b79d65680e192a3bac9369350 3458 rust-laurel_0.7.3-2.dsc
d3ade02be93cf771acd12dad33b53f6620f13645 5752 rust-laurel_0.7.3-2.debian.tar.xz
8eb2f8cb6772445e14ef39e7413b64b7ba2ad657 7397
rust-laurel_0.7.3-2_source.buildinfo
Checksums-Sha256:
6b4e72bf0b14e624841f4a2e578858b0d77b27375b6e268ae69e46e3561683f7 3458
rust-laurel_0.7.3-2.dsc
cce2ffa57db4dd0e71e78382047bb41189019a5a060483e3d36f09a8e29bc070 5752
rust-laurel_0.7.3-2.debian.tar.xz
dbf67c62c3ebc38d1cef7f2270e8f7282e06c4e4de979372eec48007a7e760c7 7397
rust-laurel_0.7.3-2_source.buildinfo
Files:
a28114f06b87bcde829ea9d79560b715 3458 admin optional rust-laurel_0.7.3-2.dsc
5c076c0ae57d6d6dc95def2b8b59845d 5752 admin optional
rust-laurel_0.7.3-2.debian.tar.xz
b2c3c17c86670946db728ed7ceb374c3 7397 admin optional
rust-laurel_0.7.3-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEErnMQVUQqHZbPTUx4dbcQY1whOn4FAmmeO0UACgkQdbcQY1wh
On4k/Q//SoLNKpM6kamhoynDhopkAaYk+8KBdK14L92Nk1dG4bCXxFhOi6wpfep0
1KBBlUm6oVEsLYMji1YVk53OvRFKYShCQ91XH5JmLd7ROd0m4w+rJR8RcdLmHiZD
jZAktQrpNm7bllK/6C38pgldPwmA9WkqGl6rtlMCP8Ie/Hs/AXsmPJ55JjqkL7NQ
ozYmga3rV7XD0MBhU1dp4JrKqMR6mdk+MM+ctMQYz59dEJFrhOhVpXyAG7RCR+AH
DBNPScO/W6nmh6njbBFE3r4cxldmfpHa21zGLXsFGZ4EQz8RE2L5hGNoWOSnFcgc
pKvdNQ7uqh0fH5wUG9DG/iGP28z3yLJciWLlOKYml97rSOlZ+H+ak9SstZs8QRA1
pKmLE4dK3MMn0sH6MXbbpE7J617K4cINpS1+QKEHLEgcsg/R0P7FhloATornAr1O
ekLJO1QK+4PoZRArE7oVWLI9hDGOt0DZuEz4GAKcUOttihvQ20nFXJLyKiEuzE8f
4vTJKc4dEY/Dsx+lOxkM83JYNeKErwoGiPvCKqt5y/Wk12KeslIVQrl1OsEizAF1
rkm803hqpIB/RHuleIqjA+zpelwkDKDclMH72tZ33WzHg8rzlfUdWSR98pP886/V
pOYS3NFHLYU7Dp6CGZY6ex0iwQuGymyLs2Lx3+abG923R5b13YE=
=Olz3
-----END PGP SIGNATURE-----
pgpdupEUoB2sF.pgp
Description: PGP signature
--- End Message ---
