Bug#656208: asterisk: postinst script doesn't quote directories for chown

Pocos System Administrator servicedesk at pocos.nl
Tue Jan 17 12:27:43 UTC 2012 

Package: asterisk
Version: 1:1.6.2.9-2+squeeze4
Severity: grave
Tags: patch
Justification: renders package unusable


When asterisk is upgraded, and some of the directories it chowns
contain spaces, the package remains unconfigured.


-- System Information:
Debian Release: 6.0.3
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages asterisk depends on:
ii  adduser            3.112+nmu2            add and remove users and groups
ii  asterisk-config-cu 1.1.3                 Asterisk configuration by POCOS
ii  asterisk-sounds-ma 1:1.6.2.9-2+squeeze4  Core Sound files for Asterisk (Eng
ii  dahdi              1:2.2.1.1-1           utilities for using the DAHDI kern
ii  libasound2         1.0.23-2.1            shared library for ALSA applicatio
ii  libc-client2007e   8:2007e~dfsg-3.1      c-client library for mail protocol
ii  libc6              2.11.2-10             Embedded GNU C Library: Shared lib
ii  libcap2            1:2.19-3              support for getting/setting POSIX.
ii  libcurl3           7.21.0-2              Multi-protocol file transfer libra
ii  libgcc1            1:4.4.5-8             GCC support library
ii  libglib2.0-0       2.24.2-1              The GLib library of C routines
ii  libgmime-2.0-2a    2.2.25-2              MIME library
ii  libgsm1            1.0.13-3              Shared libraries for GSM speech co
ii  libiksemel3        1.2-4                 C library for the Jabber IM platfo
ii  libjack-jackd2-0 [ 1.9.6~dfsg.1-2        JACK Audio Connection Kit (librari
ii  libldap-2.4-2      2.4.23-7.2            OpenLDAP libraries
ii  liblua5.1-0        5.1.4-5               Simple, extensible, embeddable pro
ii  libncurses5        5.7+20100313-5        shared libraries for terminal hand
ii  libnewt0.52        0.52.11-1             Not Erik's Windowing Toolkit - tex
ii  libogg0            1.2.0~dfsg-1          Ogg bitstream library
ii  libopenais3        1.1.2-2               Standards-based cluster framework 
ii  libopenr2-3        1.3.0-2               MFC/R2 (telephony) call setup libr
ii  libpopt0           1.16-1                lib for parsing cmdline parameters
ii  libpq5             8.4.9-0squeeze1+b1    PostgreSQL C client library
ii  libpri1.4          1.4.11.3-1            Primary Rate ISDN specification li
ii  libradiusclient-ng 0.5.6-1.1             Enhanced RADIUS client library
ii  libresample1       0.1.3-3               real-time audio resampling library
ii  libsdl1.2debian    1.2.14-6.1            Simple DirectMedia Layer
ii  libsnmp15          5.4.3~dfsg-2          SNMP (Simple Network Management Pr
ii  libspandsp2        0.0.6~pre12-1         Telephony signal processing librar
ii  libspeex1          1.2~rc1-1             The Speex codec runtime library
ii  libspeexdsp1       1.2~rc1-1             The Speex extended runtime library
ii  libsqlite0         2.8.17-6              SQLite shared library
ii  libss7-1           1.0.2-1               Signalling System 7 (ss7) library
ii  libssl0.9.8        0.9.8o-4squeeze5      SSL shared libraries
ii  libstdc++6         4.4.5-8               The GNU Standard C++ Library v3
ii  libsybdb5          0.82-7                libraries for connecting to MS SQL
ii  libtiff4           3.9.4-5+squeeze3      Tag Image File Format (TIFF) libra
ii  libtonezone2.0     1:2.2.1.1-1           tonezone library (runtime)
ii  libvorbis0a        1.3.1-1               The Vorbis General Audio Compressi
ii  libvorbisenc2      1.3.1-1               The Vorbis General Audio Compressi
ii  libvpb0            4.2.52-2              Voicetronix telephony hardware use
ii  libx11-6           2:1.3.3-4             X11 client-side library
ii  libxml2            2.7.8.dfsg-2+squeeze1 GNOME XML library
ii  unixodbc           2.2.14p2-1            ODBC tools libraries
ii  zlib1g             1:1.2.3.4.dfsg-3      compression library - runtime

Versions of packages asterisk recommends:
ii  sox                          14.3.1-1+b1 Swiss army knife of sound processi

Versions of packages asterisk suggests:
pn  asterisk-dev                  <none>     (no description available)
pn  asterisk-doc                  <none>     (no description available)
pn  asterisk-h323                 <none>     (no description available)

-- no debconf information
-------------- next part --------------
--- asterisk.postinst.orig	2012-01-17 13:18:59.000000000 +0100
+++ asterisk.postinst	2012-01-17 13:19:28.000000000 +0100
@@ -37,7 +37,7 @@
 	     /var/lib/asterisk \
 	     -type d | while read dir; do
 		if ! dpkg-statoverride --list "$dir" > /dev/null ; then
-			chown asterisk: $dir
+			chown asterisk: "$dir"
 		fi
 	done 
 	
@@ -53,8 +53,8 @@
 	# spool holds some sensitive information (e.g. monitor, voicemail etc.)
 	find /var/spool/asterisk -type d | while read dir; do
 		if ! dpkg-statoverride --list "$dir" > /dev/null ; then
-			chown asterisk: $dir
-			chmod 750 $dir
+			chown asterisk: "$dir"
+			chmod 750 "$dir"
 		fi
 	done

More information about the Pkg-voip-maintainers mailing list