On Sun, Jun 26, 2011 at 04:07:26PM -0000, Kenneth Solbø Andersen wrote:
> On Sun, Jun 26, 2011 at 5:52 PM, Michael Vogt <email address hidden>wrote:
>
> > On Sun, Jun 26, 2011 at 03:18:42PM -0000, Kenneth Solbø Andersen wrote:
> > > Kenneth Solbø Andersen has proposed merging
> > lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
> > >
> > > Requested reviews:
> > > Michael Vogt (mvo)
> > > Related bugs:
> > > Bug #404724 in apt (Ubuntu): "unnecessarily restrictive permissions on
> > /var/log/apt/term.log"
> > > https://bugs.launchpad.net/ubuntu/+source/apt/+bug/404724
> > >
> > > For more details, see:
> > >
> > https://code.launchpad.net/~ksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900<https://code.launchpad.net/%7Eksa618/ubuntu/oneiric/apt/fix-for-404724/+merge/65900>
> > >
> > > Sets term.log permissions to root.adm and 644
> >
> > Thanks a bunch for your patch! I'm traveling right now so I can not
> > commit it right away. But from a quick look it looks great! The only
> > small thing that should be checked is if any of the calls return
> > NULL. While highly unlikely its still safer as otherwise the null
> > pointer dereference will cause a segfault.
> >
> > Thanks,
> > Michael
> >
>
> I've added a check for NULL locally, but, since I'm new to bug fixing, I'm
> unsure about what to do now. Do I update the changelog and use debcommit or
> leave the changelog unaltered and use debcommit, or something else?
Thanks, there are no really strict rules for this, but my advice is to
leave the debian/changelog as it is and just use like:
"bzr commit -m 'add check for NULL in getpwnam/getgrnam'"
and then "bzr push" so that it appears on the server. Unless of course
you already used "bzr checkout" in which case the push will happen
automatically.
On Sun, Jun 26, 2011 at 04:07:26PM -0000, Kenneth Solbø Andersen wrote: apt/term. log" /bugs.launchpad .net/ubuntu/ +source/ apt/+bug/ 404724 /code.launchpad .net/~ksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900<https:/ /code.launchpad .net/%7Eksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900>
> On Sun, Jun 26, 2011 at 5:52 PM, Michael Vogt <email address hidden>wrote:
>
> > On Sun, Jun 26, 2011 at 03:18:42PM -0000, Kenneth Solbø Andersen wrote:
> > > Kenneth Solbø Andersen has proposed merging
> > lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
> > >
> > > Requested reviews:
> > > Michael Vogt (mvo)
> > > Related bugs:
> > > Bug #404724 in apt (Ubuntu): "unnecessarily restrictive permissions on
> > /var/log/
> > > https:/
> > >
> > > For more details, see:
> > >
> > https:/
> > >
> > > Sets term.log permissions to root.adm and 644
> >
> > Thanks a bunch for your patch! I'm traveling right now so I can not
> > commit it right away. But from a quick look it looks great! The only
> > small thing that should be checked is if any of the calls return
> > NULL. While highly unlikely its still safer as otherwise the null
> > pointer dereference will cause a segfault.
> >
> > Thanks,
> > Michael
> >
>
> I've added a check for NULL locally, but, since I'm new to bug fixing, I'm
> unsure about what to do now. Do I update the changelog and use debcommit or
> leave the changelog unaltered and use debcommit, or something else?
Thanks, there are no really strict rules for this, but my advice is to
leave the debian/changelog as it is and just use like:
"bzr commit -m 'add check for NULL in getpwnam/getgrnam'"
and then "bzr push" so that it appears on the server. Unless of course
you already used "bzr checkout" in which case the push will happen
automatically.
Thanks,
Michael
> - Kenneth /code.launchpad .net/~ksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900<https:/ /code.launchpad .net/%7Eksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900> deb/dpkgpm. cc' deb/dpkgpm. cc 2011-06-07 15:55:07 +0000 deb/dpkgpm. cc 2011-06-26 15:18:34 +0000 >WarningE( "OpenLog" , _("Could not open file '%s'"), name.c_ str()); fileno( term_out) , true); name.c_ str(), 0600); name.c_ str(), pw->pw_uid, gr->gr_gid); name.c_ str(), 0644); deb/dpkgpm. cc: /code.launchpad .net/~ksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900<https:/ /code.launchpad .net/%7Eksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900> /code.launchpad .net/~ksa618/ ubuntu/ oneiric/ apt/fix- for-404724/ +merge/ 65900
>
> >
> > > --
> > >
> > https:/
> > > You are requested to review the proposed merge of
> > lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.
> >
> > > === modified file 'apt-pkg/
> > > --- apt-pkg/
> > > +++ apt-pkg/
> > > @@ -32,6 +32,8 @@
> > > #include <algorithm>
> > > #include <sstream>
> > > #include <map>
> > > +#include <pwd.h>
> > > +#include <grp.h>
> > >
> > > #include <termios.h>
> > > #include <unistd.h>
> > > @@ -666,7 +668,12 @@
> > > return _error-
> > logfile_
> > > setvbuf(term_out, NULL, _IONBF, 0);
> > > SetCloseExec(
> > > - chmod(logfile_
> > > + struct passwd *pw;
> > > + struct group *gr;
> > > + pw = getpwnam("root");
> > > + gr = getgrnam("adm");
> > > + chown(logfile_
> > > + chmod(logfile_
> > > fprintf(term_out, "\nLog started: %s\n", timestr);
> > > }
> > >
> > >
> > > === modified file 'debian/changelog'
> > > --- debian/changelog 2011-06-09 13:56:25 +0000
> > > +++ debian/changelog 2011-06-26 15:18:34 +0000
> > > @@ -1,3 +1,10 @@
> > > +apt (0.8.14.1ubuntu8) oneiric; urgency=low
> > > +
> > > + * apt-pkg/
> > > + - set permissions of term.log to root.adm and 644 (LP: #404724)
> > > +
> > > + -- Kenneth Solb?? Andersen <email address hidden> Sun, 26 Jun 2011
> > 15:36:56 +0200
> > > +
> > > apt (0.8.14.1ubuntu7) oneiric; urgency=low
> > >
> > > [ Michael Vogt ]
> > >
> >
> >
> > --
> >
> > https:/
> > You are the owner of lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724.
> >
>
> --
> https:/
> You are requested to review the proposed merge of lp:~ksa618/ubuntu/oneiric/apt/fix-for-404724 into lp:ubuntu/apt.