Your message dated Thu, 14 Mar 2019 19:49:07 +0000 with message-id <E1h4WLj-000Fp8-KM@fasolo.debian.org> and subject line Bug#805028: fixed in autofs 5.1.5-1 has caused the Debian Bug report #805028, regarding autofs-ldap fails to start when /etc/autofs_ldap_auth.conf has wrong permissions to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 805028: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805028 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: autofs-ldap fails to start when /etc/autofs_ldap_auth.conf has wrong permissions
- From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Date: Fri, 13 Nov 2015 14:47:29 +0000
- Message-id: <20151113144729.Horde.QoZt1sODBpfb4uaGa9T1xlN@mail.das-netzwerkteam.de>
Package: autofs-ldap Severity: normal Version: 5.1.1-1 Tags: patchI just observed a pecularity... the lookup_ldap backup performs a file permission check on/etc/autofs_ldap_auth.conf The expected file permissions are root:root:0600.As this diverts from default file permissions (root:root:0644), I recommend providing some dpkg-statoverride magic in autofs-ldap.postinst and autofs-ldap.prerm.By coincidence the file permissions are correct when autofs-ldap is installed, but to be really sure, I'd highly recommend using dpkg-statoverride here.I have attached a potential autofs-ldap.postinst and an autofs-ldap.prerm script (untested as of now, please verify that they do what they should).Thanks+Greets, Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/mailxchange/kronolith/fb.php?u=m.gabriel%40das-netzwerkteam.de#!/bin/sh # postinst script for autofs-ldap # # see: dh_installdeb(1) set -e # summary of how this script can be called: # * <postinst> `configure' <most-recently-configured-version> # * <old-postinst> `abort-upgrade' <new version> # * <conflictor's-postinst> `abort-remove' `in-favour' <package> # <new-version> # * <postinst> `abort-remove' # * <deconfigured's-postinst> `abort-deconfigure' `in-favour' # <failed-install-package> <version> `removing' # <conflicting-package> <version> # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in configure) if ! dpkg-statoverride --list /etc/autofs_ldap_auth.conf 1>/dev/null 2>/dev/null; then dpkg-statoverride --add --update root root 0600 /etc/autofs_ldap_auth.conf fi ;; abort-upgrade|abort-remove|abort-deconfigure) ;; *) echo "postinst called with unknown argument \`$1'" >&2 exit 1 ;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0#! /bin/sh # prerm script for autofs-ldap set -e # see: dh_installdeb(1) # summary of how this script can be called: # * <prerm> `remove' # * <old-prerm> `upgrade' <new-version> # * <new-prerm> `failed-upgrade' <old-version> # * <conflictor's-prerm> `remove' `in-favour' <package> <new-version> # * <deconfigured's-prerm> `deconfigure' `in-favour' # <package-being-installed> <version> `removing' # <conflicting-package> <version> # for details, see http://www.debian.org/doc/debian-policy/ or # the debian-policy package case "$1" in remove) if dpkg-statoverride --list /etc/autofs_ldap_auth.conf 1>/dev/null; then dpkg-statoverride --remove /etc/autofs_ldap_auth.conf fi ;; deconfigure|upgrade|failed-upgrade) : ;; *) echo "$0: didn't understand being called with \`$1'" 1>&2 exit 1;; esac # dh_installdeb will replace this with shell code automatically # generated by other debhelper scripts. #DEBHELPER# exit 0Attachment: pgpLDjyw2TESu.pgp
Description: Digitale PGP-Signatur
--- End Message ---
--- Begin Message ---
- To: 805028-close@bugs.debian.org
- Subject: Bug#805028: fixed in autofs 5.1.5-1
- From: Mike Gabriel <sunweaver@debian.org>
- Date: Thu, 14 Mar 2019 19:49:07 +0000
- Message-id: <E1h4WLj-000Fp8-KM@fasolo.debian.org>
Source: autofs Source-Version: 5.1.5-1 We believe that the bug you reported is fixed in the latest version of autofs, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 805028@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel <sunweaver@debian.org> (supplier of updated autofs package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Thu, 14 Mar 2019 19:42:50 +0100 Source: autofs Binary: autofs autofs-ldap autofs-hesiod Architecture: source Version: 5.1.5-1 Distribution: experimental Urgency: medium Maintainer: Mike Gabriel <sunweaver@debian.org> Changed-By: Mike Gabriel <sunweaver@debian.org> Description: autofs - kernel-based automounter for Linux autofs-hesiod - Hesiod map support for autofs autofs-ldap - LDAP map support for autofs Closes: 709366 737679 757038 784301 787202 805028 842199 849148 864857 892374 901554 902565 910367 Changes: autofs (5.1.5-1) experimental; urgency=medium . [ Mike Gabriel ] * New upstream release. - Make browsable_dirs option functional. Configurable in autofs.conf. (Closes: #784301). - Fix FTBFS with clang. (Closes: #757038). - Fix specification of nfsvers=4.1 (with minor version numbers) in auto.master. (Closes: #892374). * debian/patches: + Rebase some patches. + Drop do-not-check-for-modprobe-procfs-or-load-module.patch, fix-autofs-manpage-whatis.patch, fix-autofsconf-manpage-section.patch. Fixes shipped by upstream. + Add mount-hidden-samba-shares.patch. Fix regression between 5.0.8 and 5.1.1 regarding the mounting of hidden samba shares. (Closes: #787202, #910367). + Add spelling-error-fixes.patch, fixing tons of spelling fixes. Thanks lintian. * debian/rules: + Add get-orig-source target. + Evoke install_samples upstream Makefile target explicitly during dh_auto_install. + Enable all hardening flags. * debian/control: + Bump to Standards-Version: 4.3.0. No changes needed. + Adopt autofs package. Thanks to Dmitry Smirnov and other contributors for all the previous work. (Closes: #849148). + Explicit B-D on pkg-config. + Update Vcs-*: fields. Packaging has moved to salsa.debian.org. (Closes: #902565). + Add B-D on dpkg-dev (>= 1.16.1.1~) for full hardening flag support. + Use secure URL in Homepage: field. * debian/source/options: + Drop custom compression for debian/ folder's tarball. * debian/autofs-ldap.<scripts>: + Ensure file permissions of /etc/autofs_ldap_auth.conf are set to root:root:0600 via dpkg-statoverride. (Closes: #805028). * debian/autofs.service: + Add nfs-client.target to Wants= key. Hopefully, this is sufficient to fix #842199, if not, please reopen the bug. (Closes: #842199). + PID file is in /run, not /var/run (which is a symlink to /run). + Add Documentation= key. * debian/copyright: + Drop outdated information from main header. Use https:// in URLs. . [ Stefan Potyra ] * debian/control: + Add libtirpc-dev to build-depends. * debian/rules: + Add option --with-libtirpc to configure. (Closes: #737679, #709366). . [ Andreas Hasenack ] * debian/tests: + Add nfs-mount and smb-mount tests. (Closes: #901554). . [ Vincent McIntyre ] * debian/patches: + Add hardening-flags.patch. Assure that automount is built with DAEMON_CFLAGS. (Closes: #864857). Checksums-Sha1: 1c0372579c5bf072a6c2abb26b97bac04ccc74df 2349 autofs_5.1.5-1.dsc f60ce7b1e4e3c380fbca8347b395f7fc07a141ec 313476 autofs_5.1.5.orig.tar.xz bba483059dcfa387b797352e09ad69efd9c8d193 21324 autofs_5.1.5-1.debian.tar.xz 6c690b31b9eb2eb60d51e718be25c103c8dfe88d 8601 autofs_5.1.5-1_source.buildinfo Checksums-Sha256: 2e531ec8b2e0a6146bde04714d692c937dcb84a4c5b074ffbdfe0f026096303c 2349 autofs_5.1.5-1.dsc 23afdad9e2fd6d41b1900be8cfecfd5aae0ad174c7708ff685ec27e280f9c0da 313476 autofs_5.1.5.orig.tar.xz fc99ac22684462967aa0784e11015b12c4a55feea9fe78595092c2056d946cd5 21324 autofs_5.1.5-1.debian.tar.xz 07e7bd1746acbf23df19514179b6f5bc61aa3162873212f74790f784bbe97878 8601 autofs_5.1.5-1_source.buildinfo Files: cbf70c28342819c075fab59139a887c2 2349 utils optional autofs_5.1.5-1.dsc 61d2cfbf51159c9c82b57e1ea9c34376 313476 utils optional autofs_5.1.5.orig.tar.xz a2fd3fcc0b2a4f06184d11f00ec0699e 21324 utils optional autofs_5.1.5-1.debian.tar.xz d45c04bb0fa89ecf956b2fa3b8dc5d1e 8601 utils optional autofs_5.1.5-1_source.buildinfo -----BEGIN PGP SIGNATURE----- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAlyKrEQVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsx3lMP/ijb2YSEdTnH54qa383pwUUffbPT WwDm8bkRT5rOiTyTkvFniAjDnx8EH6CK71dtn2NxwIsiZTxqvE1G9iSd56Nt4Vd9 pLhbbiKfSGeq95GzhHgAUDOB/DxkWfxJiS8ORXKH8GaTZELBppZymAqkcQpSPJp+ juorlk9obp3wpJPPk4XqDkXBCK+Yd5zbNs+D2YNcx6qFIQfRP1yLbXi1DjknwwgE JK+vnz8zLjHvAUbK+5sT//EZQ2Xv8xgK03Dnts4A7ut3RPjsc/CMZh211WJWN1In VIupwX9352vsqZVtgHU3akOvfJlN+GVjTLU4Y81u9dJPK+crhJbEQdnQ4k/pXhF9 AboROIMeryCAyeY9Zsj6ZskHzK4YePBKzP1mCtprN3SEWg9NDxDrKOMdOwd4RKBJ F3mbyv5qhFwNPhoV6Y05SfgccCPGh2EI+oSP+Mb/kZuAPjQ904yR3Oxl5OpiQwst OGgawIJw+WSbrfTDqcO5XfyRFr5eVWOqjxDwOMgsCads4moS3+6zG2qBqXJY1Py9 MrXOa4eXjZJwsep9HODqi0pGuB7uoybnPmZCtkRYe4xgCxNDyZ+JDRBRlGJEDBIq rd/vcCLXGIzAdDzjJkXWnlJnRzPzumY+svgbhcxBdYMHa5dBckERuIw6nXBi0eBO YId5eYO8RlguQzAz =X1to -----END PGP SIGNATURE-----
--- End Message ---