Package: dpkg Version: 1.20.9 Severity: important Tags: patch X-Debbugs-Cc: maillist-d...@barfooze.de
the code in statdb_node_apply, unlike all other functions trying to chown a file, ignores --force-not-root, which breaks usage in a non-root container. see attached patch to fix the issue (it might be required to add a header to get the definition of forcible_nonroot_error(); i haven't been able to test compilation. -- Package-specific info: System tainted due to merged-usr-via-aliased-dirs. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 5.4.36 (SMP w/16 CPU threads) Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/dash Init: unable to detect Versions of packages dpkg depends on: ii libbz2-1.0 1.0.8-4 ii libc6 2.33-7 ii liblzma5 5.2.5-2 ii libselinux1 3.3-1+b1 ii tar 1.34+dfsg-1 ii zlib1g 1:1.2.11.dfsg-2 dpkg recommends no packages. Versions of packages dpkg suggests: ii apt 2.3.12 pn debsig-verify <none> -- Configuration Files: /etc/dpkg/dpkg.cfg changed: no-debsig log /var/log/dpkg.log force-not-root -- no debconf information
diff --git a/src/statoverride/main.c b/src/statoverride/main.c index 1b3c998d4..89474d62a 100644 --- a/src/statoverride/main.c +++ b/src/statoverride/main.c @@ -185,9 +185,9 @@ statdb_node_remove(const char *filename) static void statdb_node_apply(const char *filename, struct file_stat *filestat) { - if (chown(filename, filestat->uid, filestat->gid) < 0) + if (forcible_nonroot_error(chown(filename, filestat->uid, filestat->gid))) ohshite(_("error setting ownership of '%.255s'"), filename); - if (chmod(filename, filestat->mode & ~S_IFMT)) + if (forcible_nonroot_error(chmod(filename, filestat->mode & ~S_IFMT))) ohshite(_("error setting permissions of '%.255s'"), filename); dpkg_selabel_load();