Package: approx Version: 3.5-1 Severity: important Hello,
"approx-import", "approx-gc" and "approx-import" want to be run as the user that is defined in "/etc/approx/approx.conf", which happens to be "approx" in the default configuration. However, again in the default configuration, the user "approx" does not have a valid shell. Because of this, to be able to use "approx-import", "approx-gc" or "approx-update", one has to write very long command lines like the following: === 8< === su -s /bin/bash -c "/usr/sbin/approx-import /var/cache/apt/archives/*.deb" approx === >8 === As you can see, this is a bit inconvenient. Furthermore, none of the other competing apt proxy utilities (such as apt-cacher, apt-cacher-ng, apt-proxy) require such long command lines just to import packages. Here's a command-line conversation showing the severity of the problem: (I have added a few line breaks for readability.) === 8< === root:~ # approx-import /var/cache/apt/archives/*.deb Failure: not running as user approx root:~ # su approx root:~ # echo $? 1 root:~ # su -c "approx-import /var/cache/apt/archives/*.deb" approx root:~ # echo $? 1 root:~ # grep approx /etc/passwd approx:x:121:145::/var/cache/approx:/bin/false root:~ # su -s /bin/bash -c "approx-import /var/cache/apt/archives/*.deb" approx bash: approx-import: command not found root:~ # su -s /bin/bash -c "/usr/sbin/approx-import /var/cache/apt/archives/*.deb" approx root:~ # echo $? 0 # finally... ... === >8 === As you can see, the combination of the installation path of "approx-import" and the fact that the user "approx" has "/bin/false" as the default shell amounts to big inconveniences when one tries to use "approx-import", "approx-gc" or "approx-update". Here is a suggestion: "approx-import" could check if it is being run as root, and then try to set its user ID to the one defined in the configuration file of "approx". Otherwise, it could emit a warning message stating that it is being run as a user other than "root" and "approx" and then it could try to run as the user who actually runs "approx-import". (Similar suggestions apply to "approx-gc" and "approx-update".) Regards, M. Vefa Bicakci -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
