Bug#1108297: unblock: darktable/5.0.1-2

Wed Jun 25 10:35:20 BST 2025

Package: release.debian.org
Severity: normal
X-Debbugs-Cc: darktable at packages.debian.org, pkg-phototools-devel at lists.alioth.debian.org
Control: affects -1 + src:darktable
User: release.debian.org at packages.debian.org
Usertags: unblock

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Please unblock package darktable

[ Reason ]

5.0.1-1 created a backup file without read permissions for the
user. This confusing for users, and prevents some (reasonable) backup
strategies from backing up those files. Hypothetically it could
prevent some (less reasonable) backup programs from running.

[ Impact ]

The backup files in question are empty, so there isn't any real data
loss. Subjectively the bug is somehow embarrassing behaviour for an
application targetted at "regular users".

[ Tests ]

I have run the new build for an hour or so on amd64, doing my normal
workflow.  I have also verified that the reproducer from #1108072 is
fixed.

[ Risks ]

The change involves one line of code, but since the change is
upstream, it adds a patch. That patch will go away with the next
upstream release of darktable (recently released, including the commit
I cherry-picked).

I _think_ the upstream patch doesn't go quite far enough, as it
generates files without group readability for people with umask
002. OTOH, that's probably a niche concern, and I preferred to use the
upstream patch since it was a bit more tested.

[ Checklist ]
  [x] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

[ Other info ]

In my opinion this is a low risk, but also relatively low impact case.

unblock darktable/5.0.1-2


-----BEGIN PGP SIGNATURE-----

iHUEARYIAB0WIQS5beC2erx2PFqyC7XhcL+0NDTnAAUCaFvC2AAKCRDhcL+0NDTn
APwaAQDzngRigdSrPqfUpBQ7+xrIFj+ICoCtZMhdeFGdjaAvnwEA0ImSmG8N0/Ds
rGTBhj1pQUMnz/WOW/rDSRjLFyVn+wA=
=Qm5G
-----END PGP SIGNATURE-----
-------------- next part --------------
diff -Nru darktable-5.0.1/debian/changelog darktable-5.0.1/debian/changelog

--- darktable-5.0.1/debian/changelog	2025-02-18 10:45:19.000000000 -0400
+++ darktable-5.0.1/debian/changelog	2025-06-24 06:49:18.000000000 -0300
@@ -1,3 +1,10 @@
+darktable (5.0.1-2) unstable; urgency=medium
+
+  * Add user-read permission to dummy database backup files. Cherry picked
+    from upstream commit d8c060354a (Closes: #1108072).
+
+ -- David Bremner <bremner at debian.org>  Tue, 24 Jun 2025 06:49:18 -0300
+
 darktable (5.0.1-1) unstable; urgency=medium
 
   * New upstream version 5.0.1
diff -Nru darktable-5.0.1/debian/patches/add-user-read-permission-to-dummy-databa.patch darktable-5.0.1/debian/patches/add-user-read-permission-to-dummy-databa.patch
--- darktable-5.0.1/debian/patches/add-user-read-permission-to-dummy-databa.patch	1969-12-31 20:00:00.000000000 -0400
+++ darktable-5.0.1/debian/patches/add-user-read-permission-to-dummy-databa.patch	2025-06-24 06:49:18.000000000 -0300
@@ -0,0 +1,22 @@
+From: ralfbrown <ralfbrown at users.noreply.github.com>
+Date: Tue, 20 May 2025 04:44:02 -0400
+X-Dgit-Generated: 5.0.1-2 ee7d4a156463ee2d04c57dfe243172d8cbceb1bd
+Subject: add user-read permission to dummy database backup files
+
+(cherry picked from commit d8c060354ac3d37f5f668c34d636ad08c0eb570f)
+
+---
+
+diff --git a/src/common/database.c b/src/common/database.c
+index eda9d2e4cc..5a05a7ef22 100644
+--- a/src/common/database.c
++++ b/src/common/database.c
+@@ -4079,7 +4079,7 @@ void dt_database_backup(const char *filename)
+     else
+     {
+       // there is nothing to backup, create an empty file to prevent further backup attempts
+-      const int fd = g_open(backup, O_CREAT, S_IWUSR);
++      const int fd = g_open(backup, O_CREAT, S_IWUSR | S_IRUSR);
+       if(fd < 0 || !g_close(fd, &gerror)) copy_status = FALSE;
+     }
+     if(!copy_status)
diff -Nru darktable-5.0.1/debian/patches/series darktable-5.0.1/debian/patches/series
--- darktable-5.0.1/debian/patches/series	1969-12-31 20:00:00.000000000 -0400
+++ darktable-5.0.1/debian/patches/series	2025-06-24 06:49:18.000000000 -0300
@@ -0,0 +1 @@
+add-user-read-permission-to-dummy-databa.patch
