Your message dated Wed, 22 Aug 2018 13:49:41 +0000 with message-id <e1fstw1-000cpa...@fasolo.debian.org> and subject line Bug#903917: fixed in sssd 1.16.3-1 has caused the Debian Bug report #903917, regarding libsss-sudo.postinst clobbers local change to /etc/nsswitch.conf to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 903917: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=903917 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: libsss-sudo Version: 1.16.2-1 Severity: serious Justification: policy violation (section 10.7.3) User: ubuntu-de...@lists.ubuntu.com Usertags: origin-ubuntu cosmic Steps to reproduce: 1. apt install sssd 2. Edit /etc/nsswitch.conf and remove "sss" from the "sudoers" entry 3. apt install --reinstall libsss-sudo Expected behaviour: "sss" remains not present in /etc/nsswitch.conf (ie. the local change is preserved). Actual behaviour: "sss" is re-added to nsswitch.conf. I have verified this behaviour in a Debian sid container today. Policy violation: This breaks "local changes must be preserved during a package upgrade" from policy section 10.7.3. Suggested fix: Make the change only on fresh install of the package, rather than on upgrade. Additional information: You might be interested to know that the reason users are hitting this is that they are trying to work around a different bug that is reported downstream here: https://bugs.launchpad.net/ubuntu/+source/sssd/+bug/1249777. But the workaround gets removed on upgrade. Thanks, Robie
signature.asc
Description: PGP signature
--- End Message ---
--- Begin Message ---Source: sssd Source-Version: 1.16.3-1 We believe that the bug you reported is fixed in the latest version of sssd, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 903...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Timo Aaltonen <tjaal...@debian.org> (supplier of updated sssd package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 22 Aug 2018 16:34:01 +0300 Source: sssd Binary: sssd sssd-common sssd-ad sssd-ad-common sssd-dbus sssd-ipa sssd-kcm sssd-krb5 sssd-krb5-common sssd-ldap sssd-proxy sssd-tools libnss-sss libpam-sss libipa-hbac0 libipa-hbac-dev libsss-certmap0 libsss-certmap-dev libsss-idmap0 libsss-idmap-dev libsss-nss-idmap0 libsss-nss-idmap-dev libsss-sudo libsss-simpleifp0 libsss-simpleifp-dev libwbclient-sssd libwbclient-sssd-dev python-libipa-hbac python-libsss-nss-idmap python-sss python3-libipa-hbac python3-libsss-nss-idmap python3-sss Architecture: source Version: 1.16.3-1 Distribution: unstable Urgency: medium Maintainer: Debian SSSD Team <pkg-sssd-de...@alioth-lists.debian.net> Changed-By: Timo Aaltonen <tjaal...@debian.org> Description: libipa-hbac-dev - FreeIPA HBAC Evaluator library -- development files libipa-hbac0 - FreeIPA HBAC Evaluator library libnss-sss - Nss library for the System Security Services Daemon libpam-sss - Pam module for the System Security Services Daemon libsss-certmap-dev - Certificate mapping library for SSSD -- development files libsss-certmap0 - Certificate mapping library for SSSD libsss-idmap-dev - ID mapping library for SSSD -- development files libsss-idmap0 - ID mapping library for SSSD libsss-nss-idmap-dev - SID based lookups library for SSSD -- development files libsss-nss-idmap0 - SID based lookups library for SSSD libsss-simpleifp-dev - SSSD D-Bus responder helper library -- development files libsss-simpleifp0 - SSSD D-Bus responder helper library libsss-sudo - Communicator library for sudo libwbclient-sssd - SSSD libwbclient implementation libwbclient-sssd-dev - SSSD libwbclient implementation -- development files python-libipa-hbac - Python bindings for the FreeIPA HBAC Evaluator library python-libsss-nss-idmap - Python bindings for the SID lookups library python-sss - Python module for the System Security Services Daemon python3-libipa-hbac - Python3 bindings for the FreeIPA HBAC Evaluator library python3-libsss-nss-idmap - Python3 bindings for the SID lookups library python3-sss - Python3 module for the System Security Services Daemon sssd - System Security Services Daemon -- metapackage sssd-ad - System Security Services Daemon -- Active Directory back end sssd-ad-common - System Security Services Daemon -- PAC responder sssd-common - System Security Services Daemon -- common files sssd-dbus - System Security Services Daemon -- D-Bus responder sssd-ipa - System Security Services Daemon -- IPA back end sssd-kcm - System Security Services Daemon -- Kerberos KCM server implementa sssd-krb5 - System Security Services Daemon -- Kerberos back end sssd-krb5-common - System Security Services Daemon -- Kerberos helpers sssd-ldap - System Security Services Daemon -- LDAP back end sssd-proxy - System Security Services Daemon -- proxy back end sssd-tools - System Security Services Daemon -- tools Closes: 903917 905220 Changes: sssd (1.16.3-1) unstable; urgency=medium . * New upstream release. * control: Add python-sss to sssd-tools depends. (Closes: #905220) * libsss-sudo: Add sss entry to nsswitch only on initial install. (Closes: #903917) * control: Update list address. * disable-tests.diff: Dropped, all tests pass on a proper buildd setup which should have /etc/{hosts,networks} populated. Checksums-Sha1: 6c5aebaef0048016c343851b4d66c534cfca969f 4746 sssd_1.16.3-1.dsc 4a2512a59930c79d416d74b62e6bd580c874824f 6217114 sssd_1.16.3.orig.tar.gz 1e696d3431b9a8b957b04393c30e17f94a3ebe9c 97492 sssd_1.16.3-1.diff.gz 891ef01c4c79108782e7ad2c2989240ba1450eaf 8797 sssd_1.16.3-1_source.buildinfo Checksums-Sha256: 5f1a1dc69abcc19aec3e8c4b2adc790c51194d492653fcbde70e45d1eec66e8f 4746 sssd_1.16.3-1.dsc ee5d17a0c663c09819cbab9364085b9e57faeca02406cc30efe14cc0cfc04ec4 6217114 sssd_1.16.3.orig.tar.gz 6f345c617b54789c8c0a9e3cfa446d5b7d06592057a49b02efb947bb1966c311 97492 sssd_1.16.3-1.diff.gz 06424b42689727fd940fc490c8bcf1ece18b83a28ca2f9f0e6d3af2f5ae994c8 8797 sssd_1.16.3-1_source.buildinfo Files: bfdb43302768b5356358c2f26448b6b8 4746 utils optional sssd_1.16.3-1.dsc af4288c9d1f9953e3b3b6e0b165a5ece 6217114 utils optional sssd_1.16.3.orig.tar.gz 331058055cae07e65a72e1f3374c8bf5 97492 utils optional sssd_1.16.3-1.diff.gz a6fc9770c2aecd0fddb02c532aec5b98 8797 utils optional sssd_1.16.3-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEdS3ifE3rFwGbS2Yjy3AxZaiJhNwFAlt9ZlkACgkQy3AxZaiJ hNzn6w/+KO/kBiSJ7iwFf/AOYQuUcpMVliTUQUn4TID2HlLljPSuu80zabAz/y3G njttY1Cge7Tz0mTg6WUM4CynYp0ak1Q0FlRBWVYsV/yDeL+5MEnn/AsyzVRc5vPT 5RovKjOWNv2QdsTVGeBsjAVP6Wpv/3cpwIovDv67MJnjJPVIrSXyjXcaifGL58cG xOfvyh9Bi5vBbVNALqUIJuDzH7MwSkuszqpWSOtNEbOH7YH6R9VNFefNyVmMGFXG esZOlntTMlf0pkUdBK9u+hO7GnEAMOjnrvsB3EyRO7oX7D8blm35+v+A7YmMwFV7 7FNmqaDuf5ZlNUw4lNLS0xamp431q/fG1rR6w48H2QsTeJ9dfR/sVqxDrfG9hbcv bM+iVup1TXU2LyZBRLqY5JcdxAAkIYszWURkkF1iaifeFR4ge3vdssiZDra0w3r9 ZOBm0pNJDEKwk8VJGqmwkYGcaTM8DULwx8XpMVCyIGn6NObscTJmvv1ux0yfbvM5 7eGiEEbT/IRkwQRMWyKWvEyFJ8pNoVAQ6KilMg7/oqTjpjz7Inl8MCZXGD7wdmPt Mrus0/vbNA3QJXMTx3cjNIR1SsQC5jkLVlvjbHKOQCKwB9/frZ3ygSckGUL7no42 m9PufrN+9ewtd1mlnj9lxl9yh7QEBqSrraYAzbCh45W5vxepggI= =RDLW -----END PGP SIGNATURE-----
--- End Message ---
