[request-tracker-maintainers] Bug#734728: request-tracker4: upgrade code broken by change in www-data's shell
Colin Watson
cjwatson at debian.org
Thu Jan 9 12:29:41 UTC 2014
Package: request-tracker4
Version: 4.0.18-1
Severity: normal
Tags: patch
User: base-passwd at packages.debian.org
Usertags: shell-fallout
In base-passwd 3.5.30, I changed www-data's shell to /usr/sbin/nologin
(a change that I really should have made about ten years ago). This has
unfortunately had a bit of collateral damage: some upgrade code in
request-tracker4's postinst will behave improperly. Here's a fix.
* Pass "-s /bin/sh" to "su www-data" to cope with the change of www-data's
shell in base-passwd 3.5.30.
diff -Nru request-tracker4-4.0.18/debian/postinst request-tracker4-4.0.18/debian/postinst
--- request-tracker4-4.0.18/debian/postinst 2013-10-26 13:09:50.000000000 +0100
+++ request-tracker4-4.0.18/debian/postinst 2014-01-09 12:28:24.000000000 +0000
@@ -143,7 +143,7 @@
if [ "$1" = "configure" ] && [ -n "$2" ] && \
dpkg --compare-versions "$2" lt 4.0.5-3
then
- if su -c "RTHOME=/usr/share/request-tracker4 /usr/share/request-tracker4/etc/upgrade/vulnerable-passwords --fix" www-data; then
+ if su -s /bin/sh -c "RTHOME=/usr/share/request-tracker4 /usr/share/request-tracker4/etc/upgrade/vulnerable-passwords --fix" www-data; then
echo "rt-vulnerable-passwords-4 invoked successfully on upgrade"
else
echo "rt-vulnerable-passwords-4 exited with an error but the"
Sorry,
--
Colin Watson [cjwatson at debian.org]
More information about the pkg-request-tracker-maintainers
mailing list