Package: couchdb
Version: 1.1.0-1
Severity: normal
Tags: patch
couchdb 1.1.0-1 appears to have been created by taking the 0.9.0-1 source and
merging the new upstream. This means that the packaging work that happened for
versions 0.9.0-2 through to 0.11.0-2.3 is missing.
This has caused a regression of #532756, #60005 and #569965 as well as several
other issues that were fixed but not raised as bugs in BTS.
I have attached a patch that merges into 1.1.0-1 the still relevant changes
from 0.9.0-2 to 0.11.0-2.3. This includes:
* Restoring debian/changelog entries that were cut
* debian/patches/init.patch to fix the broken init.d script
* Fixes for #532756, #60005 and #569965
* Updating debian/copyright to include changes upstream
* Tidying up of scripts by previous maintainers
-- System Information:
Debian Release: wheezy/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-1-486
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages couchdb depends on:
ii adduser 3.113 add and remove users and groups
ii erlang-base 1:14.b.3-dfsg-2 Erlang/OTP virtual machine and bas
ii erlang-nox 1:14.b.3-dfsg-2 Erlang/OTP applications that don't
ii libc6 2.13-11 Embedded GNU C Library: Shared lib
ii libcurl3 7.21.6-3 Multi-protocol file transfer libra
ii libicu44 4.4.2-2 International Components for Unico
ii libjs-jquery 1.6.2-1 JavaScript library for dynamic web
ii libjs-jquery-form 4-1 jQuery Form Plugin
ii libmozjs2d 1.9.1.19-3 The Mozilla SpiderMonkey JavaScrip
ii lsb-base 3.2-27 Linux Standard Base 3.2 init scrip
couchdb recommends no packages.
couchdb suggests no packages.
-- Configuration Files:
/etc/couchdb/default.ini [Errno 13] Permission denied:
u'/etc/couchdb/default.ini'
/etc/couchdb/local.ini [Errno 13] Permission denied: u'/etc/couchdb/local.ini'
-- no debconf information
diff -Nur couchdb-1.1.0/debian/changelog couchdb-1.1.0-merged//debian/changelog
--- couchdb-1.1.0/debian/changelog 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/changelog 2011-07-28 15:38:25.797821284 +0100
@@ -13,6 +13,130 @@
-- Laszlo Boszormenyi (GCS) <g...@debian.hu> Thu, 14 Apr 2011 11:56:01 +0200
+couchdb (0.11.0-2.3) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * debian/rules: make sure /var/{lib,log}/couchdb have permission set to 750
+ (related to #600051).
+
+ -- Serafeim Zanikolas <s...@debian.org> Mon, 01 Nov 2010 20:08:08 +0100
+
+couchdb (0.11.0-2.2) unstable; urgency=high
+
+ * Non-maintainer upload.
+ * Apply permission settings during package build (as opposed to during
+ package installation) (Closes: #600051). Setting high urgency for RC bug.
+
+ -- Serafeim Zanikolas <s...@debian.org> Sat, 30 Oct 2010 13:03:20 +0200
+
+couchdb (0.11.0-2.1) unstable; urgency=high
+
+ * Non-maintainer upload by the Security Team.
+ * CVE-2010-2234: fix Cross-site request forgery vulnerability
+ (Closes: #570013)
+
+ -- Giuseppe Iuculano <iucul...@debian.org> Sun, 26 Sep 2010 11:09:53 +0200
+
+couchdb (0.11.0-2) unstable; urgency=low
+
+ * Added patch from upstream which fixes compatibiluty with Erlang R14A
+ (closes: #587768, #587386).
+
+ -- Sergei Golovan <sgolo...@debian.org> Mon, 05 Jul 2010 23:04:45 +0400
+
+couchdb (0.11.0-1) unstable; urgency=medium (security fixes)
+
+ * New upstream release, including security fix for CVE-2010-00009.
+ (closes: #576304, #577417)
+ * Removed debian/patches/icu-patch.patch, as it's no longer needed.
+
+ -- Sam Bisbee <sbis...@computervip.com> Fri, 16 Apr 2010 18:04:47 +0400
+
+couchdb (0.10.1-2) unstable; urgency=low
+
+ [ Elliot Murphy ]
+ * Updated debian/control, added Elliot to Uploaders
+ * Dropped $ENABLE_SERVER portion of debian/patches/init.patch
+
+ [ Sam Bisbee ]
+ * Updated debian/patches/init.patch, adding a grace period to the init
+ script's stop task to allow couchdb's child processes (ie., heart) a chance
+ to exit before deciding whether the task was successful or not. This adds a
+ dependency on procps (`ps` command).
+ * Removed debian/preinst, undoing killall preinst patch from 0.10.0-1 that is
+ no longer needed due to the grace period init patch in this release. This
+ also removes the dependency on psmisc. (closes: #562901)
+ * Updated debian/control, bumping Debian standards version to 3.8.4.
+ * Updated debian/control, adding mawk as a dependency. The majority of
+ systems will have it installed with the base system, but it's required and
+ not essential. (closes: #569965)
+
+ -- Sam Bisbee <sbis...@computervip.com> Tue, 09 Mar 2010 21:55:59 +0300
+
+couchdb (0.10.1-1) unstable; urgency=low
+
+ * New upstream release (closes: #550782).
+ * Cleaning up nmu related lintian warnings.
+
+ -- Sam Bisbee <sbis...@computervip.com> Wed, 23 Dec 2009 23:15:27 -0500
+
+couchdb (0.10.0-1) unstable; urgency=low
+
+ [ Elliot Murphy ]
+ * Updated debian/copyright, added src/etap*
+ * Updated debian/control, changed Maintainer to Erlang team address
+ * Updated debian/control, changed Vcs- links to new locations.
+
+ [ Sergei Golovan ]
+ * New upstream release (closes: #551212, #554080, #554593).
+ * Removed unnecessary build dependency on transitional erlang-nox package.
+ * Replaced subst variables in dependencies by ${erlang:Depends} which allows
+ to calculate dependencies automatically. This removes erlang-nox from
+ dependencies (closes: #532756).
+ * Bumped standards version to 3.8.3.
+ * It's normal if /etc/init.d script is left after package removal as a
+ config file (and the binary isn't available). Therefore made it return
+ success in case if /usr/bin/couchdb doesn't exist or isn't an executable.
+ * Change current directory to /var/run/couchdb in init script to prevent
+ error messages about access violation by code server if the current dir
+ isn't readable by the couchdb user.
+ * Put log files directly into /var/log/couchdb directory. There's no reason
+ to have different log subdirectories for different couchdb versions.
+
+ [ Noah Slater ]
+ * Updated debian/control, updated Build-Depends on debhelper to 7.2.11.
+
+ [ Sam Bisbee ]
+ * Updated debian/control, repointed Vcs links.
+ * Fix "replacing libreadline5-dev build dependency with libreadline-
+ dev" Updated debian/control, changed libreadline5-dev dependency to
+ libreadline-dev. (Closes: #553742)
+ * Updated debian/README.Debian, removed log directory partitioning info
+ per Sergei's related changes to put all logs in one directory.
+ * Updated debian/postrm, rmdir didn't like that its target directories
+ weren't non-empty (despite passed args), causing errors and failing to
+ remove directories. Also removed the version partitioning cases.
+ * Created debian/preinst, now we make sure that couchdb isn't running any
+ beam processes on upgrade. Upgrading from 0.9.0-2 was leaving old code in a
+ running beam process, so you were running 0.9.0 couchdb but had 0.10.0 code
+ installed until you killed the process. Adds a dependency on psmisc.
+
+ -- Sam Bisbee <sbis...@computervip.com> Sat, 21 Nov 2009 17:10:39 -0500
+
+couchdb (0.9.0-2) unstable; urgency=low
+
+ * Updated debian/dirs, removed /var/run/couchdb directory per policy.
+ * Updated debian/patches/pid.patch, create /var/run/couchdb dynamically.
+ * Updated debian/postrm, added VERSION variable.
+ * Updated debian/postrm, added missing removal of log directories.
+ * Updated debian/postrm, fixed missing function error.
+ * Updated debian/rules, added patch for debian/postrm to update VERSION.
+ * Updated debian/rules, fixed bug with configure patch.
+ * Updated debian/control, added build-dependency on erlang-dev >= 1:13.b
+ to make transition to Erlang R13B easier.
+
+ -- Noah Slater <nsla...@tumbolia.org> Mon, 11 May 2009 11:26:55 +0400
+
couchdb (0.9.0-1) unstable; urgency=low
* New upstream release. Closes: #522051
diff -Nur couchdb-1.1.0/debian/control couchdb-1.1.0-merged//debian/control
--- couchdb-1.1.0/debian/control 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/control 2011-07-28 16:03:39.000000000 +0100
@@ -3,15 +3,35 @@
Priority: optional
Maintainer: Laszlo Boszormenyi (GCS) <g...@debian.hu>
Standards-Version: 3.9.2
-Build-Depends: cdbs (>= 0.4.42), debhelper (>= 5.0.37.2),
- erlang-dev (>= 1:11.b.2), erlang-nox, help2man, libcurl4-openssl-dev,
- libicu-dev, libmozjs-dev, libreadline-dev
+Build-Depends: cdbs (>= 0.4.42),
+ debhelper (>= 7.2.11),
+ erlang-crypto,
+ erlang-dev (>= 1:13.b.1-dfsg-3),
+ erlang-eunit,
+ erlang-inets,
+ erlang-xmerl,
+ help2man,
+ libcurl4-openssl-dev,
+ libicu-dev,
+ libmozjs-dev,
+ libreadline-dev
Homepage: http://couchdb.apache.org/
Package: couchdb
Architecture: any
-Depends: ${misc:Depends}, ${shlibs:Depends}, ${erlang-base:Depends},
- ${erlang-nox:Depends}, erlang-base-hipe | erlang-base | ${erlang-abi:Depends}, adduser, libjs-jquery (>= 1.4.2), libjs-jquery-form, lsb-base
+Depends: adduser,
+ erlang-base-hipe | erlang-base | ${erlang-abi:Depends},
+ libjs-jquery (>= 1.4.2),
+ libjs-jquery-form (>= 2.36),
+ lsb-base,
+ mawk,
+ procps,
+ ${erlang-crypto:Depends},
+ ${erlang-inets:Depends},
+ ${erlang-xmerl:Depends},
+ ${erlang:Depends},
+ ${misc:Depends},
+ ${shlibs:Depends}
Description: RESTful document oriented database
Apache CouchDB is a distributed, fault-tolerant and schema-free
document-oriented database accessible via a RESTful HTTP/JSON API. Among other
diff -Nur couchdb-1.1.0/debian/copyright couchdb-1.1.0-merged//debian/copyright
--- couchdb-1.1.0/debian/copyright 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/copyright 2011-07-27 23:53:57.338744230 +0100
@@ -34,7 +34,11 @@
Copyright: Copyright 2008, Chandrashekhar Mullaparthi
License: BSD
On Debian systems the full text of the BSD License can be found in the
- `/usr/share/common-licenses/BSD. file.
+ `/usr/share/common-licenses/BSD' file.
+
+Files: src/etap/*
+Copyright: Copyright 2008-2009 Nick Gerakines <n...@gerakines.net>
+License: MIT
License: GAP
Copying and distribution of this package, with or without modification, are
diff -Nur couchdb-1.1.0/debian/dirs couchdb-1.1.0-merged//debian/dirs
--- couchdb-1.1.0/debian/dirs 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/dirs 1970-01-01 01:00:00.000000000 +0100
@@ -1 +0,0 @@
-usr/share/lintian/overrides
diff -Nur couchdb-1.1.0/debian/patches/init.patch couchdb-1.1.0-merged//debian/patches/init.patch
--- couchdb-1.1.0/debian/patches/init.patch 1970-01-01 01:00:00.000000000 +0100
+++ couchdb-1.1.0-merged//debian/patches/init.patch 2011-07-26 18:32:24.000000000 +0100
@@ -0,0 +1,81 @@
+--- couchdb-0.10.1/etc/init/couchdb.tpl.in 2009-07-14 16:21:39.000000000 -0400
++++ couchdb-0.10.1.new/etc/init/couchdb.tpl.in 2010-03-08 22:18:35.000000000 -0500
+@@ -33,8 +33,12 @@
+ RUN_DIR=%localstaterundir%
+ LSB_LIBRARY=/lib/lsb/init-functions
+
++# Grace time in seconds to give the beam process to stop when we're running the
++# stop target. Will end before grace time ends if the process ends sooner.
++STOP_GRACE_TIME=5
++
+ if test ! -x $COUCHDB; then
+- exit $SCRIPT_ERROR
++ exit $SCRIPT_OK
+ fi
+
+ if test -r $CONFIGURATION_FILE; then
+@@ -77,6 +81,7 @@
+ command="$command $COUCHDB_OPTIONS"
+ fi
+ mkdir -p "$RUN_DIR"
++ cd "$RUN_DIR"
+ if test -n "$COUCHDB_USER"; then
+ chown $COUCHDB_USER "$RUN_DIR"
+ if su $COUCHDB_USER -c "$command" > /dev/null; then
+@@ -96,23 +101,50 @@
+ stop_couchdb () {
+ # Stop the running Apache CouchDB process.
+
++ pidFile="$RUN_DIR/couchdb.pid"
++ if [ ! -r "$pidFile" ]
++ then
++ #exists, but can't read it
++ [ -f "$pidFile" ] && return $SCRIPT_ERROR
++
++ #doesn't exist, so assume couchdb is already stopped
++ return $SCRIPT_OK
++ fi
++
++ pid=`cat $pidFile`
++ #unset $pidFile
++ [ -z "$pid" ] && return $SCRIPT_OK
++
+ command="$COUCHDB -d"
+ if test -n "$COUCHDB_OPTIONS"; then
+ command="$command $COUCHDB_OPTIONS"
+ fi
++
++ # We need `heart`'s pid because its ppid is set to 1 when the beam proc
++ # ends, thereby hiding itself from our `ps` check bellow.
++ heart_pid=`ps -f --ppid $pid | grep "heart -pid $pid " | awk '{print $2}'`
++ [ -n "$heart_pid" ] && heart_pid=",$heart_pid" #for `ps` call formatting
++
+ if test -n "$COUCHDB_USER"; then
+- if su $COUCHDB_USER -c "$command" > /dev/null; then
+- return $SCRIPT_OK
+- else
++ if ! su $COUCHDB_USER -c "$command" > /dev/null; then
+ return $SCRIPT_ERROR
+ fi
+ else
+- if $command > /dev/null; then
+- return $SCRIPT_OK
+- else
++ if ! $command > /dev/null; then
+ return $SCRIPT_ERROR
+ fi
+ fi
++
++ i=0
++ while ps -p $pid$heart_pid --ppid $pid$heart_pid > /dev/null
++ do
++ [ $i -ge $STOP_GRACE_TIME ] && return $SCRIPT_ERROR
++
++ sleep 1
++ i=`expr $i + 1`
++ done
++
++ return $SCRIPT_OK
+ }
+
+ display_status () {
diff -Nur couchdb-1.1.0/debian/postinst couchdb-1.1.0-merged//debian/postinst
--- couchdb-1.1.0/debian/postinst 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/postinst 2011-07-26 23:42:46.199045955 +0100
@@ -6,56 +6,25 @@
# permitted in any medium without royalty provided the copyright notice and this
# notice are preserved.
-create_administrative_user () {
- if ! getent passwd couchdb > /dev/null; then
- adduser --system --quiet \
- --home /var/lib/couchdb --no-create-home \
- --shell /bin/bash --group --gecos "CouchDB Administrator" couchdb
- fi
-}
-
-check_administrative_user () {
- if test "`id -u couchdb`" -eq 0; then
- echo "The couchdb administrative user must not be root." >&2
- false
- fi
-}
-
-check_administrative_group () {
- if test "`id -g couchdb`" -eq 0; then
- echo "The couchdb administrative group must not be root." >&2
- false
- fi
-}
-
-fix_directory_ownership () {
- chown -R couchdb:couchdb /etc/couchdb
- chown -R couchdb:couchdb /var/lib/couchdb
- chown -R couchdb:couchdb /var/log/couchdb
- test -e /var/run/couchdb || \
- install -m 0770 -o couchdb -gcouchdb -d /var/run/couchdb
- chown -R couchdb:couchdb /var/run/couchdb
-}
-
-fix_directory_permissions () {
- chmod -R 0770 /etc/couchdb
- chmod -R 0770 /var/lib/couchdb
- chmod -R 0770 /var/log/couchdb
- chmod -R 0770 /var/run/couchdb
-}
-
-parse_script_option_list () {
- case $1 in
- configure)
- create_administrative_user
- check_administrative_user
- check_administrative_group
- fix_directory_ownership
- fix_directory_permissions
- ;;
- esac
-}
-
-parse_script_option_list $@
+case $1 in
+ configure)
+ if ! getent passwd couchdb > /dev/null; then
+ adduser --system --quiet \
+ --home /var/lib/couchdb --no-create-home \
+ --shell /bin/bash --group --gecos "CouchDB Administrator" couchdb
+ fi
+ if test "`id -u couchdb`" -eq 0; then
+ echo "The couchdb administrative user must not be root." >&2
+ false
+ fi
+ if test "`id -g couchdb`" -eq 0; then
+ echo "The couchdb administrative group must not be root." >&2
+ false
+ fi
+ chown -R couchdb:couchdb /etc/couchdb
+ chown -R couchdb:couchdb /var/lib/couchdb
+ chown -R couchdb:couchdb /var/log/couchdb
+ ;;
+esac
#DEBHELPER#
diff -Nur couchdb-1.1.0/debian/postrm couchdb-1.1.0-merged//debian/postrm
--- couchdb-1.1.0/debian/postrm 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/postrm 2011-07-28 00:34:13.370745343 +0100
@@ -6,43 +6,29 @@
# permitted in any medium without royalty provided the copyright notice and this
# notice are preserved.
-PACKAGE_VERSION=0.7.3
+VERSION=%VERSION%
-remove_directory_collection () {
- rm -fr /var/log/couchdb/$PACKAGE_VERSION
- if test -d /etc/couchdb; then
- rmdir --ignore-fail-on-non-empty /etc/couchdb || true
- fi
- if test -d /var/lib/couchdb/$PACKAGE_VERSION; then
- rmdir --ignore-fail-on-non-empty /var/lib/couchdb/$PACKAGE_VERSION || true
- fi
- if test -d /var/lib/couchdb; then
- rmdir --ignore-fail-on-non-empty /var/lib/couchdb || true
- fi
- if test -d /var/run/couchdb; then
- rmdir --ignore-fail-on-non-empty /var/run/couchdb || true
- fi
-}
-
-delete_administrative_user_group () {
- if getent passwd couchdb > /dev/null && which deluser > /dev/null; then
- deluser couchdb
- fi
- if getent group couchdb > /dev/null && which delgroup > /dev/null; then
- delgroup couchdb
- fi
-}
-
-parse_script_option_list () {
- case $1 in
- purge)
-# remove_file_collection
- remove_directory_collection
- delete_administrative_user_group
- ;;
- esac
-}
-
-parse_script_option_list $@
+case $1 in
+ purge)
+ if test -d "/etc/couchdb"; then
+ rm -r -f "/etc/couchdb"
+ fi
+ if test -d "/var/lib/couchdb"; then
+ rm -r -f "/var/lib/couchdb"
+ fi
+ if test -d "/var/log/couchdb"; then
+ rm -r -f "/var/log/couchdb"
+ fi
+ if test -d "/var/run/couchdb"; then
+ rm -r -f "/var/run/couchdb"
+ fi
+ if getent passwd couchdb > /dev/null && which deluser > /dev/null; then
+ deluser couchdb
+ fi
+ if getent group couchdb > /dev/null && which delgroup > /dev/null; then
+ delgroup couchdb
+ fi
+ ;;
+esac
#DEBHELPER#
diff -Nur couchdb-1.1.0/debian/README.Debian couchdb-1.1.0-merged//debian/README.Debian
--- couchdb-1.1.0/debian/README.Debian 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/README.Debian 2011-07-26 23:52:31.855046225 +0100
@@ -10,13 +10,12 @@
http://wiki.apache.org/couchdb/BreakingChanges
Because the internal database format may change, rendering your database
-unusable with a new version of the package, the database and log directories are
+unusable with a new version of the package, the database directory is
partitioned by the CouchDB release number of the database format in use.
-The database and log directories are named like this:
+The partitioned database directories are named like this:
/var/lib/couchdb/VERSION
- /var/log/couchdb/VERSION
Before you upgrade to a new version of this package with a changed database
format you should export any data that you want keep from the old database and
@@ -24,4 +23,4 @@
Migration tools are available in the `python-couchdb` package.
- -- Noah Slater <nsla...@tumbolia.org>, Tue, 31 Mar 2009 18:19:24 +0100
+ -- Sam Bisbee <sbis...@computervip.com> Wed, 11 Nov 2009 23:22:21 -0500
diff -Nur couchdb-1.1.0/debian/rules couchdb-1.1.0-merged//debian/rules
--- couchdb-1.1.0/debian/rules 2011-07-28 15:37:05.000000000 +0100
+++ couchdb-1.1.0-merged//debian/rules 2011-07-27 00:01:45.855046480 +0100
@@ -14,33 +14,36 @@
DEB_INSTALL_DOCS_ALL =
DEB_DH_INSTALLINIT_ARGS = --onlyscripts
-LIB = lib/\$${package_identifier}
-LOG = log/\$${package_identifier}
+LIB = ${localstatedir}/lib/\$${package_identifier}
# @@ workaround for #486848
binary-arch binary-indep: build
post-patches::
- sed -i s,$(LIB)],$(LIB)/$(DEB_UPSTREAM_VERSION)], configure
- sed -i s,$(LOG)],$(LOG)/$(DEB_UPSTREAM_VERSION)], configure
+ sed -i s,$(LIB)$$,$(LIB)/$(DEB_UPSTREAM_VERSION), configure
+ sed -i s,VERSION=%VERSION%$$,VERSION=$(DEB_UPSTREAM_VERSION), debian/postrm
cleanbuilddir::
- sed -i s,$(LIB)/$(DEB_UPSTREAM_VERSION)],$(LIB)], configure
- sed -i s,$(LOG)/$(DEB_UPSTREAM_VERSION)],$(LOG)], configure
+ sed -i s,$(LIB)/$(DEB_UPSTREAM_VERSION)$$,$(LIB), configure
+ sed -i s,VERSION=$(DEB_UPSTREAM_VERSION)$$,VERSION=%VERSION%, debian/postrm
common-binary-post-install-arch::
+ rm -r debian/couchdb/var/run
rm -f debian/couchdb/usr/share/doc/couchdb/LICENSE.gz
rm -f debian/couchdb/usr/share/doc/couchdb/INSTALL.*
rm -f debian/couchdb/usr/lib/couchdb/erlang/lib/couch-*/priv/lib/couch_erl_driver.la
rm -f debian/couchdb/usr/share/couchdb/www/script/jquery.js
rm -f debian/couchdb/usr/share/couchdb/www/script/jquery.form.js
- rmdir debian/couchdb/var/run/couchdb/
chmod a-x debian/couchdb/usr/share/couchdb/server/main.js
sed -i "/dependency_libs/ s/'.*'/''/" `find debian/couchdb -name '*.la'`
dh_link /usr/share/javascript/jquery/jquery.js /usr/share/couchdb/www/script/jquery.js
dh_link /usr/share/javascript/jquery-form/jquery.form.js /usr/share/couchdb/www/script/jquery.form.js
common-binary-predeb-arch::
+ dh_fixperms debian/couchdb/
+ chmod 660 debian/couchdb/etc/couchdb/local.ini
+ chmod 750 debian/couchdb/var/lib/couchdb
+ chmod 750 debian/couchdb/var/log/couchdb
erlang-depends
# @@ only works from source directory, see #494141
