[Aptitude-devel] Bug#662983: When called by aptitude, apt-listbugs crash and precludes the package upgrade

Wed Mar 7 23:01:29 UTC 2012

On Wed, 7 Mar 2012 22:31:18 +0100 Nicolas DEGAND wrote:

> On Wed, 7 Mar 2012 21:11:43 +0100 Francesco Poli wrote:
> 
> > On Wed, 07 Mar 2012 20:17:19 +0100 Nicolas DEGAND wrote:
> > 
> > > Package: apt-listbugs
> > > Version: 0.1.6
> > > Severity: important
> > 
> > Hi Nicolas,
> > thanks for your bug report!
> > 
> > > 
> > > I try to upgrade packages with aptitude. When it calls apt-listbugs, it crashes with the following messages:
> > > 
> > > Are you sure you want to install/upgrade the above packages? [Y/n/?/...] /usr/lib/ruby/1.8/open-uri.rb:32:in `initialize': No such device or address - /dev/tty (Errno::ENXIO)
> > >         from /usr/lib/ruby/1.8/open-uri.rb:32:in `open_uri_original_open'
> > >         from /usr/lib/ruby/1.8/open-uri.rb:32:in `open'
> > >         from /usr/share/apt-listbugs/apt-listbugs/logic.rb:1053:in `tty'
> > >         from /usr/share/apt-listbugs/apt-listbugs/logic.rb:1060:in `ask'
> > >         from /usr/share/apt-listbugs/apt-listbugs/logic.rb:350:in `view'
> > >         from /usr/sbin/apt-listbugs:415
> > > E: Le sous-processus /usr/sbin/apt-listbugs apt || exit 10 a renvoyé un code d'erreur (10)
> > > E: Failure running script /usr/sbin/apt-listbugs apt || exit 10
> > > 
> > > Note that I am unable to answer to the question of the first line. Everything is outputted in one wave.
> > 
> > How are you invoking aptitude?
> > Inside an su -c command as in
> > 
> >   su -c "aptitude safe-upgrade"
> > 
> > by chance?
>
> Using the aptitude ncurses interface (invoking "aptitude") with my usual 
> account. I type the root password when asked by aptitude. 

Hello Aptitude Development Team, could you please take a look at bug
#662983 ?

I am suspecting that the issue is due to aptitude invoking commands
(that need to be run as root) with an "su -c command".
Do I understand correctly that this is what is done by  src/ui.cc:499
of current git master HEAD (commit c3b706f3c921585c70d2fc15d75f0713762efae3)?

  execl(root_program.c_str(), root_program.c_str(), "-c", cmdbuf.str
().c_str(), NULL);

If this is confirmed, then I am under the impression that this strategy
causes problems, due to a recently applied security fix for binary
package login: see bug #628843 where CVE-2005-4890 is fixed by removing
from the child process of "su -c command" the ability to open "/dev/tty"
as explained in message #20.
This seems to be confirmed by su man page, which says:

 -c, --command COMMAND
     Specify a command that will be invoked by the shell using its -c.

     The executed command will have no controlling terminal. This option
     cannot be used to execute interractive programs which need a
     controlling TTY.

Well, apt-listbugs needs a controlling TTY for interactive use...

What could be done to make aptitude's ncurses interface and
apt-listbugs work better together?

 (A) Should apt-listbugs try harder to detect whether a controlling TTY
is available and switch to a non-interactive failure mode, in case no
controlling TTY may be used?

 (B) Could aptitude's ncurses interface behave differently to adapt to
the security fix for CVE-2005-4890? Should I reassign this bug report
(#662983) to aptitude?

Maybe both (A) and (B)?

I would greatly appreciate your advice and help.
Thanks for your time!

-- 
 http://www.inventati.org/frx/frx-gpg-key-transition-2010.txt
 New GnuPG key, see the transition document!
..................................................... Francesco Poli .
 GnuPG key fpr == CA01 1147 9CD2 EFDF FB82  3925 3E1C 27E1 1F69 BFFE
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 836 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/aptitude-devel/attachments/20120308/9e021d55/attachment.pgp>