[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#767999: debootstrap/base-passwd: #767999 and #766459 should really be fixed in base-passwd

[ BCC'ing Santiago, Holger, Adam, Cyril ]

Hi all,

I'm refraining from quoting the preceding mails as most of you will have those
in their inbox, and I'd rather summarise the situation right here:

At least Santiago's and my opinion diverge on whether base-passwd is presently
in line with policy on 3.8 Essential packages. Therefore the route from here
appears to hinge on interpreting policy in one of two ways: my point is that
base-passwd, at present, is not providing its functionality after just being
unpacked - it does require postinst having been run. Santiago claims, if I
interpret this correctly, that every package has to be configured at least once
before being useful at all (irrespective of whether it is essential or not).

The steps from here are such:

1. Determine whether base-passwd is in line with policy on providing its
functionality as an "essential" package.
  A) If it is, then debootstrap is buggy.
  B) If base-passwd violates policy, then base-passwd is buggy.

2. If debootstrap is buggy, then the most effective way of updating as many
debootstrap installations as possible must be found.

3. If base-passwd violates policy, policy could be amended to acknowledge
base-passwd's special case. Then again we are in situation 2.

4. If base-passwd violates policy and policy would not be amended, then
base-passwd will need to be changed. Again, as you aren't base-passwd's
maintainer, you are not to be tasked with this.

My point of view is that base-passwd should be changed, and thanks to
suggestions from Tollef last night the attached patch should actually achieve
this. The idea simply is to sort out creating /etc/passwd and /etc/group in
preinst already, so that these files will be present once the package reaches
the state "unpacked."

Using a version of base-passwd modified in this way makes wheezy's debootstrap
work for me.

I am thus CC'ing Colin as base-passwd's maintainer to gather his input - I'm not
really up for any bug-reassigning game, so I'd rather not do this myself without
consent by any of the involved package maintainers (I'm just a debootstrap


diff -Nru base-passwd-3.5.36/debian/other base-passwd-3.5.36/debian/other
--- base-passwd-3.5.36/debian/other	1970-01-01 01:00:00.000000000 +0100
+++ base-passwd-3.5.36/debian/other	2014-11-06 11:18:54.000000000 +0000
@@ -0,0 +1,10 @@
+	dh_auto_clean
+	$(RM) debian/preinst
+	cp debian/preinst.in debian/preinst
+	sed -e '/@PASSWD@/ {' -e 'r passwd.master' -e 'd' -e '}' -i debian/preinst
+	sed -e '/@GROUP@/ {' -e 'r group.master' -e 'd' -e '}' -i debian/preinst
diff -Nru base-passwd-3.5.36/debian/preinst.in base-passwd-3.5.36/debian/preinst.in
--- base-passwd-3.5.36/debian/preinst.in	1970-01-01 01:00:00.000000000 +0100
+++ base-passwd-3.5.36/debian/preinst.in	2014-11-06 10:47:29.000000000 +0000
@@ -0,0 +1,23 @@
+#! /bin/sh
+set -e
+if [ ! "$1" = "install" ] ; then
+    exit 0
+if [ ! -e /etc/passwd ] ; then
+	cat > /etc/passwd <<EOF
+if [ ! -e /etc/group ] ; then
+	cat > /etc/group <<EOF
+exit 0
diff -Nru base-passwd-3.5.36/debian/rules base-passwd-3.5.36/debian/rules
--- base-passwd-3.5.36/debian/rules	2014-08-31 18:04:51.000000000 +0100
+++ base-passwd-3.5.36/debian/rules	2014-11-06 11:25:54.000000000 +0000
@@ -5,6 +5,16 @@
 export DEB_BUILD_MAINT_OPTIONS := hardening=+all
+	dh_auto_clean
+	$(RM) debian/preinst
+	cp debian/preinst.in debian/preinst
+	sed -e '/@PASSWD@/ {' -e 'r passwd.master' -e 'd' -e '}' -i debian/preinst
+	sed -e '/@GROUP@/ {' -e 'r group.master' -e 'd' -e '}' -i debian/preinst
+	dh_auto_install
 	touch debian/base-passwd.substvars
 	mv debian/base-passwd.substvars debian/base-passwd.substvars.real

Attachment: pgphyvkL7pW3v.pgp
Description: PGP signature

Reply to: