Bug#276419: [Pkg-shadow-devel] Bug#276419: Is the famous "su appends the positional args to the command line" bug still here?

Wed Oct 12 04:59:18 UTC 2005

Rumble....Please answer to the bug address, not the list
address....Otherwise discussions can't be followed in the BTS when
coming back later on bugs.

This is why I entirely quote your message.

Quoting Nicolas François (nicolas.francois at centraliens.net):
> Hi,
> 
> On Tue, Oct 11, 2005 at 07:03:44PM +0200, bubulle at debian.org wrote:
> > This bug is tagged "fixed-upstream".
> > 
> > That means that it should no more be here in 4.0.12. Is that right?
> > 
> > The problem here becomes: such change has to go upstream. I can't
> > imagine we diverge from upstream on that matter...so we first need to
> > decide whether the bug is still here or not.
> > 
> > The first example given by Helmut in the bug report works as Helmut
> > expects...but it also works with 4.0.3-39...:-)
> > 
> > The 'su -- - "$LOGNAME" -x' example does not work with either 4.0.3 or
> > 4.0.12.
> > 
> > So, it the bug still here (it seems to be)?
> > 
> > If it isn't anymore, just close the bug...:-)
> > 
> > If it is, then try convincing Tomasz he should adopt the patch(es) proposed
> > 
> > Then build the transition plan with Debian maintainers....
> 
> This bug should not be fixed currently.
> 
> It is fixed upstream because the submitter thinks upstream behavior is
> correct, whereas Debian's su is not correct.
> 
> We tried to fix it, but this broke pbuilder (remember Junichi blogs?;)
> 
> The plan was to make a summary of the situation to debian-devel, and chose
> whether 423_su_pass_args_without_concatenation should be applied or not.
> This may also mean a transition.
> 
> I have no real opinion:
>  * I prefer upstream behavior
>  * upstream's behavior is also used in other distrib / *nix
>  * upstream behavior breaks some important packages that currently depend
>    on Debian's su behavior.
> 

I was wondering "If the bug is fixed upstream, then by which miracle
is Debian's su behaviour different ? :-)"

We now use upstream.

Then I discovered the two 423 patches....

 enforces the "old" behaviour and is applied

So, now, we enforce the "old" behaviour with
423_su_arguments_are_concatenated to our su while we should actually
just use upstream's behaviour by dropping this patch. Right ?

 423_su_pass_args_without_concatenation was meant for 4.0.3 but should
 actually be useless. Going to the new behaviour is just dropping the
 423_su_arguments_are_concatenated patch. OK?

Helmut wrote a long and detailed HOWTO to help users, admins and
maintainers to adapt their use of su. Fine.

However, putting myself in the skin of a quite clueless maintainer,
the first thought that comes would be "hey, I use "su" in my
package...am I concerned by what these guys are changing"?

So, we need a VERY SHORT, NON TECHNICAL document explaining this.

I think it needs to have something like this structure, with no more
than 3 lines per part:

Introduction
------------
Briefly explain the change and the rationale, pointing at the bug
number

Short details
-------------
Explain, with examples, the new su use cases that need to be adapted.

Needed adaptations
------------------
Point people affected by this changes to the HOWTO (which will be
released along with shadow ASAP, possibly with 4.0.13).

Transition plan
---------------
Explain when the new behaviour will be implemented, giving maintainers
a deadline.