Package: release.debian.org Severity: normal Tags: bullseye User: release.debian....@packages.debian.org Usertags: pu X-Debbugs-Cc: golang-github-containers-com...@packages.debian.org, siret...@tauware.de Control: affects -1 + src:golang-github-containers-common
[ Reason ] Podman relies on DBUS for correct functioning and reads the DBUS_SESSION_BUS_ADDRESS environent variables. As it turns out, some session managers use multiple values, separated by comma, to add additional information, such as a "guid". Unfortunately, an oversight in the parsing code in podman 3 fails to take multi-value items into account and leads to podman failing to connect to the session bus. [ Impact ] This is highly inconvenient to the users as they would have to either use a session manager that sets the DBUS_SESSION_BUS_ADDRESS without commas, or the user would have to sanitize the environment manually. Only very highly skilled users that happened to find https://github.com/containers/podman/issues/15546 or https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1018816 would be able to figure this out. [ Tests ] This was manually tested. [ Risks ] the risk of regression is minimal, the patch was taken from upstream, and is included in later releases. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] diff --git a/debian/changelog b/debian/changelog index c23b4b9b..97d97794 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +golang-github-containers-common (0.33.4+ds1-1+deb11u2) bullseye; urgency=medium + + * Fix parsing of DBUS_SESSION_BUS_ADDRESS, Closes: #1018816 + + -- Reinhard Tartler <siret...@tauware.de> Mon, 10 Apr 2023 18:19:51 -0400 + golang-github-containers-common (0.33.4+ds1-1+deb11u1) bullseye; urgency=medium * Backport seccomp patches from upstream to allow execution of newer diff --git a/debian/patches/DBUS_SESSION_BUS_ADDRESS_parsing.patch b/debian/patches/DBUS_SESSION_BUS_ADDRESS_parsing.patch new file mode 100644 index 00000000..d1408a43 --- /dev/null +++ b/debian/patches/DBUS_SESSION_BUS_ADDRESS_parsing.patch @@ -0,0 +1,37 @@ +commit 47ea9a8cbcc35d1e758b01ae40f37fec8a2e310b +Author: Giuseppe Scrivano <gscri...@redhat.com> +Date: Mon Jul 26 15:00:25 2021 +0200 + + config: split arguments in DBUS_SESSION_BUS_ADDRESS + + split the DBUS_SESSION_BUS_ADDRESS value so that something like: + + unix:path=/run/user/1000/bus,guid=817e9ffcfb383869ad17ea8360e7428a + + will ignore ",guid=817e9ffcfb383869ad17ea8360e7428a" when checking + that the path exists. + + Closes: https://bugzilla.redhat.com/show_bug.cgi?id=1984531 + + Signed-off-by: Giuseppe Scrivano <gscri...@redhat.com> + +--- a/pkg/config/config.go ++++ b/pkg/config/config.go +@@ -538,9 +538,14 @@ + + session := os.Getenv("DBUS_SESSION_BUS_ADDRESS") + hasSession := session != "" +- if hasSession && strings.HasPrefix(session, "unix:path=") { +- _, err := os.Stat(strings.TrimPrefix(session, "unix:path=")) +- hasSession = err == nil ++ if hasSession { ++ for _, part := range strings.Split(session, ",") { ++ if strings.HasPrefix(part, "unix:path=") { ++ _, err := os.Stat(strings.TrimPrefix(part, "unix:path=")) ++ hasSession = err == nil ++ break ++ } ++ } + } + + if !hasSession { diff --git a/debian/patches/series b/debian/patches/series index c2a2b119..201ff0d9 100644 --- a/debian/patches/series +++ b/debian/patches/series @@ -6,3 +6,4 @@ seccomp-fixup.patch 08bbb0dfae71da36afd3be1ca104701e6cfa4406.patch 0f242ca74bd16175bc55013ed457c88137bec0cf.patch 689e5b074454da5228bb05604f89b7a876baa8fe.patch +DBUS_SESSION_BUS_ADDRESS_parsing.patch