Bug#1037203: aide release notes to work around #1037171
Marc Haber wrote:
> I am really sorry for this. #1037171 is an embarrassing one, sadly too
> late for the release, but I'll try to do a fix via spu.
I gather from the version data that when the bug submitter says buster
that's a typo for bookworm?
> Suggested wording for something along chapter 5.4:
It'll also need a section title and a summary of what the bug actually
is, which isn't completely clear to me. Does the bug mean that
bullseye systems where aide was already working will break on
dist-upgrade to bookworm, or is it only a bug for systems where aide
is installed subsequently? I'm guessing:
<section id="aide-user-creation-bug">
<title>Bug in <literal>aide</literal> user creation</title>
<para>
The version of <systemitem role="package">aide</systemitem> in the
initial 12.0 release of bookworm has a bug
(<ulink url="https://bugs.debian.org/1037171">#1037171</ulink>) in
its package scripts which results in the <literal>_aide</literal>
user not being created, preventing <command>aideinit</command>
from creating a new database.
</para>
> Before upgrading your aide packages, create
So this needs to be done before the dist-upgrade?
> /usr/lib/sysusers.d/aide-common.conf with the following contents:
Isn't this the sort of thing that's usually overridable via files with
names like /etc/sysusers.d/aide-common.conf? I'll assume for now that
this needs to live in /usr/lib (because we *want* it trampled when the
point release version installs its own copy).
> #Type Name ID GECOS Home directory Shell↲
> u _aide - "Advanced Intrusion Detection Environment" /var/lib/aide /usr/sbin/nologin↲
(I'm assuming "↲" just means "newline"...)
> and call systemd-sysusers to work around Bug #1037171.
(...and that this is a plain root-privileged invocation of bullseye
"systemd-sysusers". So:)
<para>
The bug can be avoided by creating the user before the dist-upgrade.
Create a file <filename>/usr/lib/sysusers.d/aide-common.conf</filename>
containing:
<screen>
#Type Name ID GECOS Home directory Shell
u _aide - "Advanced Intrusion Detection Environment" /var/lib/aide /usr/sbin/nologin
</screen>
and then run <command>systemd-sysusers</command>.
</para>
</section>
--
JBR with qualifications in linguistics, experience as a Debian
sysadmin, and probably no clue about this particular package
Reply to: