Package: release.debian.org
Severity: normal
X-Debbugs-Cc: [email protected], [email protected]
Control: affects -1 + src:procps
User: [email protected]
Usertags: unblock

Please unblock package procps

Apologies to package maintainer and the RT: I have framed this as an NMU so I can produce a changelog and debdiff that represent a viable upload for the purposes of this unblock request. I hope Craig has an opportunity to take over this upload but want to initiate the unblock request while still possible. That would mean the changelog and version number potentially changing before upload.

[ Reason ]
To fix RC bug #1108549, of which there are two parts:

1. (severity: serious) w acts on the value of uninitialised memory if systemd is not present. On some systems this leads to a segfault.
2. (severity: important) w provides incomplete security audit information when run on a system using elogind (falls back to reading utmp instead of yielding the sessions recorded by elogind.)

The change in the new version replaces the decision tree for collecting session information, fixing both the above bugs together, although the first bug can also be fixed by a one-line change, which is included in a reworked version of an existing patch.

[ Impact ]
Some users will experience confusing output that could in the worst case mislead on security status, particularly as it partially works due to falling back to reading utmp.

Some users may experience a segfault with a basic system tool, which reduces user confidence.

[ Tests ]
I (original bug and patch submitter) conducted the following tests:

| scenario    | systemd | elogind | none [1] |
| ----------- | ------- | ------- | -------- |
| sessions    | ✓       | ✓       | ✓ (utmp) |
| no sessions | ✓ [2]   | ✓ [2]   | ✓ [2]    |
| error       |         |         | N/A      |

[1]: No session management simulated by renaming /run/systemd under elogind
[2]: 'No sessions' scenario exercised by scheduling an at job

The case of error from sd_get_sessions() is untested; this seems low risk.

[ Risks ]
Risk of introducing a regression with undertested paths or other unintended consequences. The change is small enough that we can be fairly confident it is correct by inspection and the key combinations in the matrix of use cases have been tested manually.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]
1. BTS bug with discussion: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108549
2. changelog and version number could change before upload if package maintainer has an opportunity to take over.

unblock procps/2:4.0.4-8.1

diff -Nru procps-4.0.4/debian/changelog procps-4.0.4/debian/changelog --- procps-4.0.4/debian/changelog 2025-04-14 09:06:27.000000000 +0100 +++ procps-4.0.4/debian/changelog 2025-07-30 06:36:43.000000000 +0100 @@ -1,3 +1,16 @@ +procps (2:4.0.4-8.1) unstable; urgency=medium + + * Non-maintainer upload. + + [ Craig Small ] + * d/changelog: Fix number for skill bug + + [ Andrew Bower ] + * Initialise sessions variable in w. (Closes: #1108549) + * d/patches: get sessions even if !sd_booted() + + -- Andrew Bower <[email protected]> Wed, 30 Jul 2025 06:36:43 +0100 + procps (2:4.0.4-8) unstable; urgency=medium * Port 4.0.5 patches: @@ -6,7 +19,7 @@ - library: Use clock_gettime for pids API Closes: #842879 - kill: Correctly parse negative pids - sysctl: Don't read some keys Closes: #978688 - - skill: Fix lonesome : in help Closes: #1086441 + - skill: Fix lonesome : in help Closes: #1086641 - sysctl.conf.5 Note changes with systemd Closes: #1077187 - vmstat.8: si/so are changed by --unit Closes: #1061944 - w: Don't crash with short option Closes: #1054345 diff -Nru procps-4.0.4/debian/patches/series procps-4.0.4/debian/patches/series --- procps-4.0.4/debian/patches/series 2025-04-14 09:06:27.000000000 +0100 +++ procps-4.0.4/debian/patches/series 2025-07-30 06:36:43.000000000 +0100 @@ -21,3 +21,4 @@ library_lxc_leak sysctl_conf5_update library_use_clock_gettime +w_sessions_without_sd diff -Nru procps-4.0.4/debian/patches/w_sessions_without_sd procps-4.0.4/debian/patches/w_sessions_without_sd --- procps-4.0.4/debian/patches/w_sessions_without_sd 1970-01-01 01:00:00.000000000 +0100 +++ procps-4.0.4/debian/patches/w_sessions_without_sd 2025-07-30 06:36:43.000000000 +0100 
@@ -0,0 +1,66 @@ +From: Andrew Bower <[email protected]> +Date: Sun, 27 Jul 2025 22:14:43 +0100 +Bug-Debian: https://bugs.debian.org/1108549 +Subject: w: Get sessions even if !sd_booted() + +Use sd_get_sessions() to determine whether systemd-style session recording is +in use rather than checking for sd_booted(), but only fall back to reading utmp +if !sd_booted(). This allows sessions to be listed that have been recorded by +elogind. + +--- + src/w.c | 18 +++++++----------- + 1 file changed, 7 insertions(+), 11 deletions(-) + +diff --git a/src/w.c b/src/w.c +index 01652ac..26805ef 100644 +--- a/src/w.c ++++ b/src/w.c +@@ -964,6 +964,8 @@ void print_user_terminals( + int main(int argc, char **argv) + { + char *match_user = NULL, *p; ++ char **sessions_list; ++ int sessions; + utmp_t *u; + struct winsize win; + int ch; +@@ -1113,16 +1115,11 @@ int main(int argc, char **argv) + + if (term_mode) { + print_user_terminals(longform, maxcmd, from, userlen, fromlen, ip_addresses, pids, info, pids_cache); +- } else { + #if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER) +- char **sessions_list; +- int sessions = 0; +- if (sd_booted() > 0) +- sessions = sd_get_sessions (&sessions_list); +- if (sessions < 0 && sessions != -ENOENT) ++ } else if ((sessions = sd_get_sessions (&sessions_list)) ++ < 0 && sessions != -ENOENT) { + error(EXIT_FAILURE, -sessions, _("error getting sessions")); +- if (sessions > 0) { +- //int i; ++ } else if (sessions > 0) { + for (int i = 0; i < sessions; i++) { + char *class, *name; + int r; +@@ -1146,6 +1143,8 @@ int main(int argc, char **argv) + free(sessions_list[i]); + } + free(sessions_list); ++ } else if (!sd_booted()) { ++#else + } else { + #endif + #ifdef HAVE_UTMPX_H +@@ -1175,9 +1174,6 @@ int main(int argc, char **argv) + endutxent(); + #else + endutent(); +-#endif +-#if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER) +- } + #endif + } + diff -Nru 
procps-4.0.4/debian/patches/w_terminal_mode procps-4.0.4/debian/patches/w_terminal_mode --- procps-4.0.4/debian/patches/w_terminal_mode 2025-04-14 09:06:27.000000000 +0100 +++ procps-4.0.4/debian/patches/w_terminal_mode 2025-07-30 06:36:43.000000000 +0100 @@ -20,10 +20,13 @@ * From/IP won't work for utmp systems . This patch includes the upstreams original commit and the enhancement. + . + Updated 2025-07-23 to avoid acting on the value of uninitialized sessions + variable. Author: Craig Small <[email protected]> Origin: upstream, https://gitlab.com/procps-ng/procps/-/commit/f53cc24d57085c87ebb1871b92c0069b72a60926 Applied-Upstream: 4.0.6 -Last-Update: 2025-04-14 +Last-Update: 2025-07-23 --- This patch header follows DEP-3: http://dep.debian.net/deps/dep3/ --- a/man/w.1 @@ -485,7 +488,7 @@ + } else { +#if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER) + char **sessions_list; -+ int sessions; ++ int sessions = 0; + if (sd_booted() > 0) sessions = sd_get_sessions (&sessions_list); - if (sessions < 0 && sessions != -ENOENT)
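Review bot: in the `@@ -964,6 +964,8 @@` hunk of w_sessions_without_sd, `char **sessions_list;` and `int sessions;` move to the top of main() and are no longer inside the `#if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER)` guard that surrounds the code using them in the later hunk, so a build without those defines carries two unused variables. Put the declarations under the same guard. Note also that `sessions` loses the `= 0` that the w_terminal_mode update adds; as written it is assigned in the `else if` condition before any read, so this is safe, but any later edit that reads it on another path would bring back the uninitialised read this upload is meant to close. Keeping the initialiser costs nothing.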
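Review bot: in the `@@ -1113,16 +1115,11 @@` hunk of w_sessions_without_sd, the `#if` now sits between the body of `if (term_mode) {` and its closing `} else if (...)`, with the `#else` in the next hunk supplying `} else {` instead, so the braces of the if/else chain only pair up once the preprocessor has picked a branch. That makes the control flow hard to check by inspection, which is the basis given for accepting the change. The assignment inside the condition, split over two lines as `(sessions = sd_get_sessions (&sessions_list))` then `< 0 && sessions != -ENOENT`, adds to that. Consider keeping a plain `} else {` outside the `#if` and doing the `sd_get_sessions()` call as its own statement inside the guarded block, as the removed lines did.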
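Review bot: in the `@@ -1146,6 +1143,8 @@` hunk of w_sessions_without_sd, the new `} else if (!sd_booted()) {` is not the inverse of the removed `if (sd_booted() > 0)`. sd_booted() reports failure as a negative errno-style value, and `!sd_booted()` is false for a negative return, so in that case w neither lists sessions nor falls back to utmp and prints no error. `sd_booted() <= 0` would keep the utmp fallback on that path. This branch is also reached for both `sessions == 0` and `sessions == -ENOENT`; a short comment saying that zero sessions on a host not booted with systemd intentionally falls back to utmp would document the case the test matrix marks as "no sessions" under elogind.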

