NetBSD Problem Report #47645
From www@NetBSD.org Thu Mar 14 03:26:46 2013
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [149.20.53.66])
by www.NetBSD.org (Postfix) with ESMTP id 0B3A463EE4D
for <gnats-bugs@gnats.NetBSD.org>; Thu, 14 Mar 2013 03:26:46 +0000 (UTC)
Message-Id: <20130314032645.3E7D463EE4D@www.NetBSD.org>
Date: Thu, 14 Mar 2013 03:26:45 +0000 (UTC)
From: uwe@NetBSD.org
Reply-To: uwe@NetBSD.org
To: gnats-bugs@NetBSD.org
Subject: /etc/daily and /etc/security may use wrong pkg_admin
X-Send-Pr-Version: www-1.0
>Number: 47645
>Category: misc
>Synopsis: /etc/daily and /etc/security may use wrong pkg_admin
>Confidential: no
>Severity: non-critical
>Priority: low
>Responsible: misc-bug-people
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Thu Mar 14 03:30:00 +0000 2013
>Closed-Date: Thu Aug 23 22:10:34 +0000 2018
>Last-Modified: Thu Aug 23 22:10:34 +0000 2018
>Originator: Valery Ushakov
>Release: NetBSD 6.1
>Organization:
>Environment:
NetBSD pony 6.1_RC1 NetBSD 6.1_RC1 (GENERIC) #0: Mon Mar 11 03:09:49 MSK 2013 uwe@amd64:/home/uwe/work/netbsd/build6/obj/macppc/sys/arch/macppc/compile/GENERIC macppc
>Description:
This is a follow up to security/36746, which was fixed by making
location of pkg_info binary configurable.
Since that time /etc/security started using pkg_admin, which has the
same problem. And /etc/daily also started using pkg_info and pkg_admin
with the same results.
>How-To-Repeat:
Install pkgtools/pkg_install package.
Disable pkg_install in base (/usr/sbin) by making it non-executable.
Observe daily and security failing with:
/etc/daily: pkg_info: permission denied
/etc/security: pkg_admin: permission denied
>Fix:
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->feedback
State-Changed-By: agc@NetBSD.org
State-Changed-When: Wed, 01 May 2013 05:37:35 +0000
State-Changed-Why:
I committed a fix for this - pls let me know if everything's OK.
From: "Alistair G. Crooks" <agc@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/47645 CVS commit: src
Date: Wed, 1 May 2013 05:36:26 +0000
Module Name: src
Committed By: agc
Date: Wed May 1 05:36:25 UTC 2013
Modified Files:
src/distrib/sets/lists/etc: mi
src/etc: daily security
src/etc/defaults: Makefile security.conf
Added Files:
src/etc: pkgpath.conf
src/etc/defaults: pkgpath.conf
Log Message:
Fix for problematic paths in /etc/daily and /etc/security reported in
PR/47645.
Add a separate file which contains the paths for the pkg_admin and
pkg_info utilities. This is called /etc/pkgpath.conf (to distinguish it
from pkg.conf).
Thanks also to Edgar Fuss for the sanity check.
To generate a diff of this commit:
cvs rdiff -u -r1.230 -r1.231 src/distrib/sets/lists/etc/mi
cvs rdiff -u -r1.88 -r1.89 src/etc/daily
cvs rdiff -u -r0 -r1.1 src/etc/pkgpath.conf
cvs rdiff -u -r1.111 -r1.112 src/etc/security
cvs rdiff -u -r1.5 -r1.6 src/etc/defaults/Makefile
cvs rdiff -u -r0 -r1.1 src/etc/defaults/pkgpath.conf
cvs rdiff -u -r1.24 -r1.25 src/etc/defaults/security.conf
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: "Alistair G. Crooks" <agc@netbsd.org>
To: gnats-bugs@gnats.NetBSD.org
Cc:
Subject: PR/47645 CVS commit: src/etc
Date: Wed, 1 May 2013 15:55:53 +0000
Module Name: src
Committed By: agc
Date: Wed May 1 15:55:53 UTC 2013
Modified Files:
src/etc: Makefile
Log Message:
Install pkgpath.conf in /etc - part of fix for misc PR/47645
To generate a diff of this commit:
cvs rdiff -u -r1.407 -r1.408 src/etc/Makefile
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: feedback->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Mon, 23 Dec 2013 23:38:06 +0000
State-Changed-Why:
Feedback timeout.
From: Valery Ushakov <uwe@stderr.spb.ru>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: PR/47645 CVS commit: src/etc
Date: Tue, 21 Oct 2014 01:26:08 +0400
Please, can these commits be pulled up to -6?
Sorry I missed the feedback window :). I had to upagrade via fresh
install (new hdd) and realized this is not in -6.
-uwe
State-Changed-From-To: closed->open
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Tue, 21 Oct 2014 14:01:53 +0000
State-Changed-Why:
pullup-6 is desired.
From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: PR/47645 CVS commit: src/etc
Date: Tue, 21 Oct 2014 14:03:43 +0000
On Mon, Oct 20, 2014 at 10:50:01PM +0000, Valery Ushakov wrote:
> Please, can these commits be pulled up to -6?
>
> Sorry I missed the feedback window :). I had to upagrade via fresh
> install (new hdd) and realized this is not in -6.
I think this might be considered a bit invasive for -6 since it adds a
new widget in /etc. I remember the original commits not being entirely
popular because of this...
releng?
--
David A. Holland
dholland@netbsd.org
From: Martin Husemann <martin@duskware.de>
To: gnats-bugs@NetBSD.org
Cc: misc-bug-people@netbsd.org, gnats-admin@netbsd.org,
netbsd-bugs@netbsd.org, uwe@NetBSD.org
Subject: Re: PR/47645 CVS commit: src/etc
Date: Tue, 21 Oct 2014 16:11:03 +0200
The older the release, the more likely this situation will happen, so a
pullup to -6 would make sense for me.
Martin
From: Valery Ushakov <uwe@stderr.spb.ru>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: PR/47645 CVS commit: src/etc
Date: Tue, 21 Oct 2014 18:38:06 +0400
On Tue, Oct 21, 2014 at 14:05:00 +0000, David Holland wrote:
> I think this might be considered a bit invasive for -6 since it adds a
> new widget in /etc. I remember the original commits not being entirely
> popular because of this...
The new file was added b/c both /etc/daily and /etc/security use pkg_*
tools. daily only uses them to fetch pkg-vulnerabilities and,
arguably, that belongs to security in the first place. Of course,
changing that in -6 now would be even more troublesome.
-uwe
From: David Holland <dholland-bugs@netbsd.org>
To: gnats-bugs@NetBSD.org
Cc:
Subject: Re: PR/47645 CVS commit: src/etc
Date: Tue, 21 Oct 2014 15:00:11 +0000
On Tue, Oct 21, 2014 at 02:45:01PM +0000, Valery Ushakov wrote:
>> I think this might be considered a bit invasive for -6 since it adds a
>> new widget in /etc.
>
> The new file was added b/c both /etc/daily and /etc/security use pkg_*
> tools.
Yes, I realize that...
--
David A. Holland
dholland@netbsd.org
State-Changed-From-To: open->needs-pullups
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Mon, 31 Oct 2016 03:21:30 +0000
State-Changed-Why:
pullup-6 was wanted, but nobody's done it yet
State-Changed-From-To: needs-pullups->closed
State-Changed-By: maya@NetBSD.org
State-Changed-When: Thu, 23 Aug 2018 22:10:34 +0000
State-Changed-Why:
netbsd-6 is EOL.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.43 2018/01/16 07:36:43 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.