Ubuntu
apt package

Merge lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/oneiric/apt

  1. Oneiric (11.10)
  2. fix-for-404724
  3. Merge into oneiric
Proposed by Kenneth Solbø Andersen
Status: Merged
Merge reported by: Michael Vogt
Merged at revision: not available
Proposed branch: lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724
Merge into: lp:ubuntu/oneiric/apt
Diff against target: 42 lines (+16/-1)
2 files modified
apt-pkg/deb/dpkgpm.cc (+9/-1)
debian/changelog (+7/-0)
To merge this branch: bzr merge lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724
Reviewer Review Type Date Requested Status
Michael Vogt (community) Approve
Review via email: mp+65900@code.launchpad.net

Description of the change

Sets term.log permissions to root.adm and 644

To post a comment you must log in.
Revision history for this message
Michael Vogt (mvo) wrote :

On Sun, Jun 26, 2011 at 03:18:42PM -0000, Kenneth Solbø Andersen wrote:
> Kenneth Solbø Andersen has proposed merging lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
>
> Requested reviews:
> Michael Vogt (mvo)
> Related bugs:
> Bug #404724 in apt (Ubuntu): "unnecessarily restrictive permissions on /var/log/apt/term.log"
> https://bugs.launchpad.net/ubuntu/+source/apt/+bug/404724
>
> For more details, see:
> https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900
>
> Sets term.log permissions to root.adm and 644

Thanks a bunch for your patch! I'm traveling right now so I can not
commit it right away. But from a quick look it looks great! The only
small thing that should be checked is if any of the calls return
NULL. While highly unlikely its still safer as otherwise the null
pointer dereference will cause a segfault.

Thanks,
 Michael

> --
> https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900
> You are requested to review the proposed merge of lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.

> === modified file 'apt-pkg/deb/dpkgpm.cc'
> --- apt-pkg/deb/dpkgpm.cc 2011-06-07 15:55:07 +0000
> +++ apt-pkg/deb/dpkgpm.cc 2011-06-26 15:18:34 +0000
> @@ -32,6 +32,8 @@
> #include <algorithm>
> #include <sstream>
> #include <map>
> +#include <pwd.h>
> +#include <grp.h>
>
> #include <termios.h>
> #include <unistd.h>
> @@ -666,7 +668,12 @@
> return _error->WarningE("OpenLog", _("Could not open file '%s'"), logfile_name.c_str());
> setvbuf(term_out, NULL, _IONBF, 0);
> SetCloseExec(fileno(term_out), true);
> - chmod(logfile_name.c_str(), 0600);
> + struct passwd *pw;
> + struct group *gr;
> + pw = getpwnam("root");
> + gr = getgrnam("adm");
> + chown(logfile_name.c_str(), pw->pw_uid, gr->gr_gid);
> + chmod(logfile_name.c_str(), 0644);
> fprintf(term_out, "\nLog started: %s\n", timestr);
> }
>
>
> === modified file 'debian/changelog'
> --- debian/changelog 2011-06-09 13:56:25 +0000
> +++ debian/changelog 2011-06-26 15:18:34 +0000
> @@ -1,3 +1,10 @@
> +apt (0.8.14.1ubuntu8) oneiric; urgency=low
> +
> + * apt-pkg/deb/dpkgpm.cc:
> + - set permissions of term.log to root.adm and 644 (LP: #404724)
> +
> + -- Kenneth Solb?? Andersen <email address hidden> Sun, 26 Jun 2011 15:36:56 +0200
> +
> apt (0.8.14.1ubuntu7) oneiric; urgency=low
>
> [ Michael Vogt ]
>

Revision history for this message
Kenneth Solbø Andersen (ksa618) wrote :
Download full text (3.3 KiB)

On Sun, Jun 26, 2011 at 5:52 PM, Michael Vogt <email address hidden>wrote:

> On Sun, Jun 26, 2011 at 03:18:42PM -0000, Kenneth Solbø Andersen wrote:
> > Kenneth Solbø Andersen has proposed merging
> lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
> >
> > Requested reviews:
> > Michael Vogt (mvo)
> > Related bugs:
> > Bug #404724 in apt (Ubuntu): "unnecessarily restrictive permissions on
> /var/log/apt/term.log"
> > https://bugs.launchpad.net/ubuntu/+source/apt/+bug/404724
> >
> > For more details, see:
> >
> https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900<https://code.launchpad.net/%7Eksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900>
> >
> > Sets term.log permissions to root.adm and 644
>
> Thanks a bunch for your patch! I'm traveling right now so I can not
> commit it right away. But from a quick look it looks great! The only
> small thing that should be checked is if any of the calls return
> NULL. While highly unlikely its still safer as otherwise the null
> pointer dereference will cause a segfault.
>
> Thanks,
> Michael
>

I've added a check for NULL locally, but, since I'm new to bug fixing, I'm
unsure about what to do now. Do I update the changelog and use debcommit or
leave the changelog unaltered and use debcommit, or something else?

- Kenneth

>
> > --
> >
> https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900<https://code.launchpad.net/%7Eksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900>
> > You are requested to review the proposed merge of
> lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
>
> > === modified file 'apt-pkg/deb/dpkgpm.cc'
> > --- apt-pkg/deb/dpkgpm.cc 2011-06-07 15:55:07 +0000
> > +++ apt-pkg/deb/dpkgpm.cc 2011-06-26 15:18:34 +0000
> > @@ -32,6 +32,8 @@
> > #include <algorithm>
> > #include <sstream>
> > #include <map>
> > +#include <pwd.h>
> > +#include <grp.h>
> >
> > #include <termios.h>
> > #include <unistd.h>
> > @@ -666,7 +668,12 @@
> > return _error->WarningE("OpenLog", _("Could not open file '%s'"),
> logfile_name.c_str());
> > setvbuf(term_out, NULL, _IONBF, 0);
> > SetCloseExec(fileno(term_out), true);
> > - chmod(logfile_name.c_str(), 0600);
> > + struct passwd *pw;
> > + struct group *gr;
> > + pw = getpwnam("root");
> > + gr = getgrnam("adm");
> > + chown(logfile_name.c_str(), pw->pw_uid, gr->gr_gid);
> > + chmod(logfile_name.c_str(), 0644);
> > fprintf(term_out, "\nLog started: %s\n", timestr);
> > }
> >
> >
> > === modified file 'debian/changelog'
> > --- debian/changelog 2011-06-09 13:56:25 +0000
> > +++ debian/changelog 2011-06-26 15:18:34 +0000
> > @@ -1,3 +1,10 @@
> > +apt (0.8.14.1ubuntu8) oneiric; urgency=low
> > +
> > + * apt-pkg/deb/dpkgpm.cc:
> > + - set permissions of term.log to root.adm and 644 (LP: #404724)
> > +
> > + -- Kenneth Solb?? Andersen <email address hidden> Sun, 26 Jun 2011
> 15:36:56 +0200
> > +
> > apt (0.8.14.1ubuntu7) oneiric; urgency=low
> >
> > [ Michael Vogt ]
> >
>
>
> --
>
> https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900<https://code...

Read more...

Revision history for this message
Michael Vogt (mvo) wrote :
Download full text (4.1 KiB)

On Sun, Jun 26, 2011 at 04:07:26PM -0000, Kenneth Solbø Andersen wrote:
> On Sun, Jun 26, 2011 at 5:52 PM, Michael Vogt <email address hidden>wrote:
>
> > On Sun, Jun 26, 2011 at 03:18:42PM -0000, Kenneth Solbø Andersen wrote:
> > > Kenneth Solbø Andersen has proposed merging
> > lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
> > >
> > > Requested reviews:
> > > Michael Vogt (mvo)
> > > Related bugs:
> > > Bug #404724 in apt (Ubuntu): "unnecessarily restrictive permissions on
> > /var/log/apt/term.log"
> > > https://bugs.launchpad.net/ubuntu/+source/apt/+bug/404724
> > >
> > > For more details, see:
> > >
> > https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900<https://code.launchpad.net/%7Eksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900>
> > >
> > > Sets term.log permissions to root.adm and 644
> >
> > Thanks a bunch for your patch! I'm traveling right now so I can not
> > commit it right away. But from a quick look it looks great! The only
> > small thing that should be checked is if any of the calls return
> > NULL. While highly unlikely its still safer as otherwise the null
> > pointer dereference will cause a segfault.
> >
> > Thanks,
> > Michael
> >
>
> I've added a check for NULL locally, but, since I'm new to bug fixing, I'm
> unsure about what to do now. Do I update the changelog and use debcommit or
> leave the changelog unaltered and use debcommit, or something else?

Thanks, there are no really strict rules for this, but my advice is to
leave the debian/changelog as it is and just use like:
"bzr commit -m 'add check for NULL in getpwnam/getgrnam'"

and then "bzr push" so that it appears on the server. Unless of course
you already used "bzr checkout" in which case the push will happen
automatically.

Thanks,
 Michael

> - Kenneth
>
> >
> > > --
> > >
> > https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900<https://code.launchpad.net/%7Eksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900>
> > > You are requested to review the proposed merge of
> > lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
> >
> > > === modified file 'apt-pkg/deb/dpkgpm.cc'
> > > --- apt-pkg/deb/dpkgpm.cc 2011-06-07 15:55:07 +0000
> > > +++ apt-pkg/deb/dpkgpm.cc 2011-06-26 15:18:34 +0000
> > > @@ -32,6 +32,8 @@
> > > #include <algorithm>
> > > #include <sstream>
> > > #include <map>
> > > +#include <pwd.h>
> > > +#include <grp.h>
> > >
> > > #include <termios.h>
> > > #include <unistd.h>
> > > @@ -666,7 +668,12 @@
> > > return _error->WarningE("OpenLog", _("Could not open file '%s'"),
> > logfile_name.c_str());
> > > setvbuf(term_out, NULL, _IONBF, 0);
> > > SetCloseExec(fileno(term_out), true);
> > > - chmod(logfile_name.c_str(), 0600);
> > > + struct passwd *pw;
> > > + struct group *gr;
> > > + pw = getpwnam("root");
> > > + gr = getgrnam("adm");
> > > + chown(logfile_name.c_str(), pw->pw_uid, gr->gr_gid);
> > > + chmod(logfile_name.c_str(), 0644);
> > > fprintf(term_out, "\nLog started: %s\n", timestr);
> > > }
> > >
> > >
> > > === modified file 'debian/changelog'
...

Read more...

lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 updated
149. By Kenneth Solbø Andersen

add check for NULL in getpwnam/getgrnam

Revision history for this message
Michael Vogt (mvo) wrote :

Thanks! This looks great, I merged it into my "mvo" branch and it will go into both debian and ubuntu with the next upload.

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1=== modified file 'apt-pkg/deb/dpkgpm.cc'
2--- apt-pkg/deb/dpkgpm.cc 2011-06-07 15:55:07 +0000
3+++ apt-pkg/deb/dpkgpm.cc 2011-06-26 16:26:31 +0000
4@@ -32,6 +32,8 @@
5 #include <algorithm>
6 #include <sstream>
7 #include <map>
8+#include <pwd.h>
9+#include <grp.h>
10
11 #include <termios.h>
12 #include <unistd.h>
13@@ -666,7 +668,13 @@
14 return _error->WarningE("OpenLog", _("Could not open file '%s'"), logfile_name.c_str());
15 setvbuf(term_out, NULL, _IONBF, 0);
16 SetCloseExec(fileno(term_out), true);
17- chmod(logfile_name.c_str(), 0600);
18+ struct passwd *pw;
19+ struct group *gr;
20+ pw = getpwnam("root");
21+ gr = getgrnam("adm");
22+ if (pw != NULL && gr != NULL)
23+ chown(logfile_name.c_str(), pw->pw_uid, gr->gr_gid);
24+ chmod(logfile_name.c_str(), 0644);
25 fprintf(term_out, "\nLog started: %s\n", timestr);
26 }
27
28
29=== modified file 'debian/changelog'
30--- debian/changelog 2011-06-09 13:56:25 +0000
31+++ debian/changelog 2011-06-26 16:26:31 +0000
32@@ -1,3 +1,10 @@
33+apt (0.8.14.1ubuntu8) oneiric; urgency=low
34+
35+ * apt-pkg/deb/dpkgpm.cc:
36+ - set permissions of term.log to root.adm and 644 (LP: #404724)
37+
38+ -- Kenneth Solbø Andersen <ksa618@gmail.com> Sun, 26 Jun 2011 15:36:56 +0200
39+
40 apt (0.8.14.1ubuntu7) oneiric; urgency=low
41
42 [ Michael Vogt ]

Subscribers

People subscribed via source and target branches