[Pkg-utopia-maintainers] Bug#773107: dbus-daemon-launch-helper permissions temporarily wrong during upgrades
Simon McVittie
smcv at debian.org
Sun Dec 14 12:51:39 UTC 2014
Package: dbus
Version: 1.8.12-1
Severity: important
dbus-daemon-launch-helper is expected to be setuid root and executable
by group messagebus, i.e. "root messagebus 4754" in dpkg-statoverride syntax.
However, because messagebus is a dynamically-allocated system group,
the file in the .deb is actually "root root 0755", with ownership
and permissions fixed up during installation.
At the moment we just do a trivial chown/chmod in the postinst:

    if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
        chown root:"$MESSAGEUSER" "$LAUNCHER"
        chmod 4754 "$LAUNCHER"
    fi

However, this is not as robust as it could be. When a new dbus has been
unpacked but not yet configured, dbus-daemon-launch-helper is
temporarily "root root 0755", breaking system service activation.
While upgrading a wheezy laptop to jessie, I hit one of the current dpkg
bugs with trigger cycles (man-db -> man-db) which stopped the upgrade
while dbus was in this state. An error message from PackageKit notification
demonstrated the bug:

    dpkg: cycle found while processing triggers:
     chain of packages whose triggers are or may be responsible:
      man-db -> man-db
    ...
    Error: GDBus.Error:org.freedesktop.DBus.Error.Spawn.PermissionsInvalid: The permission of the setuid helper is not correct
    E: Sub-process /usr/bin/dpkg returned an error code (1)

I think we could make dbus more robust by following the pattern
suggested in Policy §10.9:

    # postinst
    if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
        dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
    fi

    # postrm, $1 = purge
    if dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1 ; then
        dpkg-statoverride --remove "$LAUNCHER"
    fi

This would not immediately help upgrades from current dbus versions to the
first version with this bug fixed, but all subsequent upgrades
(e.g. jessie -> stretch) would avoid the broken transitional state.
We could optionally also do something like this in preinst:
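
    # preinst
    # Only register the override if the group already exists and the helper
    # is already installed and executable (i.e. this is an upgrade).
    if getent group "$MESSAGEUSER" >/dev/null && \
        [ -x "$LAUNCHER" ] && \
        ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
        dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
    fi
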
to improve the robustness of upgrades from current dbus versions to the
fixed version.
Regards,
S
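
Added example, not part of the original report or of the dbus packaging: a small shell check that tells the expected "root messagebus 4754" state apart from the unpacked-but-not-configured "root root 0755" state described above. The function names classify_perms and check_helper are hypothetical; the helper path is passed in as an argument, and GNU coreutils stat is assumed.

```shell
#!/bin/sh
# Added example: classify the ownership and mode of the setuid launch helper.
# Expected state per the report:            root messagebus 4754
# State shipped in the .deb (unconfigured): root root 0755

# classify_perms OWNER GROUP MODE [EXPECTED_GROUP]
# Prints one of: ok, transitional, unexpected
classify_perms() {
    owner=$1 group=$2 mode=$3 want_group=${4:-messagebus}
    # Normalise the octal mode so that 0755 and 755 compare equal.
    mode=$(printf '%s' "$mode" | sed 's/^0*//')
    if [ "$owner" = root ] && [ "$group" = "$want_group" ] \
        && [ "$mode" = 4754 ]; then
        echo ok
    elif [ "$owner" = root ] && [ "$group" = root ] \
        && [ "$mode" = 755 ]; then
        # Matches the packaged file before postinst has fixed it up:
        # system service activation fails in this state.
        echo transitional
    else
        echo unexpected
    fi
}

# check_helper PATH [EXPECTED_GROUP]
# Inspects the real file and reports its state, plus whether a
# dpkg-statoverride entry is registered for it.
# Returns 0 only when the state is "ok", 2 when the file is missing.
check_helper() {
    helper=$1 want=${2:-messagebus}
    [ -e "$helper" ] || { echo missing; return 2; }
    # %U owner name, %G group name, %a octal mode (GNU stat).
    set -- $(stat -c '%U %G %a' "$helper")
    state=$(classify_perms "$1" "$2" "$3" "$want")
    if dpkg-statoverride --list "$helper" >/dev/null 2>&1; then
        override=yes
    else
        override=no
    fi
    echo "$state override=$override"
    [ "$state" = ok ]
}

# Usage: check_helper "$LAUNCHER"
```

A result of "transitional override=no" on a system where dpkg was interrupted corresponds to the broken state in the report.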