On Wed, Dec 08, 2010 at 08:44:48PM +, Adam D. Barratt wrote:
> On Tue, 2010-12-07 at 17:31 +, Roger Leigh wrote:
> > I've made a new upload of schroot to unstable which fixes a few
> > security- and upgrade-related bugs. The bulk of the changes are
> > documentation (manual pages, release notes and changelogs). The
> > code changes are tiny, but are important to have to upgrade from
> > lenny cleanly and fully document security issues and program
> > behaviour.
>
> Unblocked; thanks.
>
> As discussed on IRC, it's a shame that this resulted in a new
> translatable (and currently untranslated) string, although the fact that
> the string should rarely be seen and is in the program translation
> rather than a debconf template mitigates this slightly.
I've allowed a fortnight for translation updates to come back, and
made a new release (1.4.17-1) containing five translation updates
and an additional RC bugfix. Please could you unblock this to
allow it into squeeze?
Changes:
http://git.debian.org/?p=buildd-tools/schroot.git;a=commitdiff;h=debian/schroot-1.4.17-1;hp=debian/schroot-1.4.16-1
Changes with generated files included:
http://git.debian.org/?p=buildd-tools/schroot.git;a=commitdiff;h=distribution/schroot-1.4.17;hp=distribution/schroot-1.4.16
Many thanks,
Roger
schroot (1.4.17-1) unstable; urgency=low
* New upstream stable release.
* 15killprocs: Don't kill processes in other sessions
(Closes: #608054). Compare full chroot path in addition to device
and inode numbers, since the device and inode are not sufficiently
unique (they are shared between non-cloned sessions such as for
directory type chroots).
* Updated translations:
- da (Closes: #606305). Thanks to Joe Hansen.
- de (Closes: #606245). Thanks to Holger Wansing.
- fr (Closes: #606394). Thanks to Thomas Blein.
- it. Thanks to Vincenzo Campanella.
- zh_CN. Thanks to Ji ZhengYu.
--
.''`. Roger Leigh
: :' : Debian GNU/Linux http://people.debian.org/~rleigh/
`. `' Printing on GNU/Linux? http://gutenprint.sourceforge.net/
`-GPG Public Key: 0x25BFB848 Please GPG sign your mail.
diff --git a/NEWS b/NEWS
index 8fa9bba..bdc5677 100644
--- a/NEWS
+++ b/NEWS
@@ -1,12 +1,16 @@
NEWS-*- outline -*-
-Welcome to schroot 1.4.16. Please read these release notes carefully.
+Welcome to schroot 1.4.17. Please read these release notes carefully.
Full installation instructions are provided in the INSTALL file. The
README file also contains more specific notes regarding building and
configuration.
+* Major changes in 1.4.17:
+
+ None.
+
* Major changes in 1.4.16:
1) Chroot naming restrictions introduced in 1.4.0 have been relaxed
diff --git a/debian/changelog b/debian/changelog
index 19022bf..fdb1c7f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,20 @@
+schroot (1.4.17-1) unstable; urgency=low
+
+ * New upstream stable release.
+ * 15killprocs: Don't kill processes in other sessions
+(Closes: #608054). Compare full chroot path in addition to device
+and inode numbers, since the device and inode are not sufficiently
+unique (they are shared between non-cloned sessions such as for
+directory type chroots).
+ * Updated translations:
+- da (Closes: #606305). Thanks to Joe Hansen.
+- de (Closes: #606245). Thanks to Holger Wansing.
+- fr (Closes: #606394). Thanks to Thomas Blein.
+- it. Thanks to Vincenzo Campanella.
+- zh_CN. Thanks to Ji ZhengYu.
+
+ -- Roger Leigh Wed, 29 Dec 2010 16:41:30 +
+
schroot (1.4.16-1) unstable; urgency=low
* New upstream stable release.
diff --git a/etc/setup.d/15killprocs b/etc/setup.d/15killprocs
index 619035e..1f246b0 100755
--- a/etc/setup.d/15killprocs
+++ b/etc/setup.d/15killprocs
@@ -40,28 +40,35 @@ do_kill_all()
info "Killing processes run inside $1"
ls /proc | egrep '^[[:digit:]]+$' |
while read pid; do
+ # Check if process root are the same device/inode as chroot
+ # root (for efficiency)
if [ /proc/"$pid"/root -ef "$1" ]; then
-exe=$(readlink /proc/"$pid"/exe || true)
-info "Killing left-over pid $pid (${exe##$1})"
-info " Sending SIGTERM to pid $pid"
+ # Check if process and chroot root are the same (may be
+ # different even if device/inode match).
+ root=$(readlink /proc/"$pid"/root || true)
+ if [ "$root" = "$1" ]; then
+ exe=$(readlink /proc/"$pid"/exe || true)
+ info "Killing left-over pid $pid (${exe##$1})"
+ info " Sending SIGTERM to pid $pid"
-/bin/kill -TERM "$pid" 2>/dev/null
+ /bin/kill -TERM "$pid" 2>/dev/null
-count=0
-max=5
-while [ -d /proc/"$pid" ]; do
-count=$(( $count + 1 ))
-info " Waiting for pid $pid to shut down... ($count/$max)"
-sleep 1
-# Wait for $max seco