[Pkg-pulseaudio-devel] Bug#576546: Feedback
Marcelo E. Magallon
mmagallo at debian.org
Mon Apr 5 23:35:35 UTC 2010
Hi,
I'm not sure how this ever worked. With the shipped
/usr/lib/libpulsecommon-0.9.21.so pa_make_secure_dir
consistenly fails.
As someone else pointed out the problem is here:
(st.st_uid != uid) ||
(st.st_gid != gid) ||
because at this point uid = -1 and gid = -1.
Looking at the build log:
https://buildd.debian.org/fetch.cgi?&pkg=pulseaudio&ver=0.9.21-1.1&arch=amd64&stamp=1270339860&file=log
it looks like fstat and fchown were correctly detected,
presumably defining HAVE_FSTAT and HAVE_FCHOWN:
#ifdef HAVE_FSTAT
...
#ifdef HAVE_FCHOWN
if (uid == (uid_t)-1)
uid = getuid();
if (gid == (gid_t)-1)
gid = getgid();
(void) fchown(fd, uid, gid);
#endif
...
#endif
I rebuilt the package locally and it's working (in my working
environment, not a chroot), so it looks like there's a missing
build-dependency, my guess is autotools *and* a call to
autoconf.
Examining this more closely, doing a clean build of the source
package as uploaded results in a binary with this bug. When
doing debian/rules clean, I see autoconf being called, which
modifies the source and on the second build the package works
correctly. So something in CDBS is failing to call autoconf
even if configure.ac is being patched.
Two bugs were reported about the same issue, one on amd64 and
one on i386. Looking at the autobuilt set, it seems like the
original NMU was built on i386, so I don't think this problem is
specific to the autobuilt versions.
Also, I think the patch breaks pulseaudio somewhere, because it
hides this code:
if (uid == (uid_t)-1)
uid = getuid();
if (gid == (gid_t)-1)
gid = getgid();
inside the two HAVE_FCHOWN and HAVE_FSTAT conditionals. The
original code had it hidden inside a single conditional on
HAVE_CHOWN. My point is I don't think the patched code is doing
the same wrt the uid/gid variables.
Looking at the structure of the code, I think those lines should
be outside the conditional, to support the use case where the
caller of pa_make_secure_dir passes -1 as uid/gid, but there's
no support for fstat/fchown/chown, or else the check further
down the code fails consistently there.
So, there are two problems: for whatever reason HAVE_FSTAT
and/or HAVE_FCHOWN weren't defined; and the patch is breaking
pulseaudio somewhere (likely not Linux).
Marcelo
More information about the Pkg-pulseaudio-devel
mailing list