Your message dated Fri, 05 Apr 2024 17:27:47 +0000 with message-id <[🔎] E1rsnLv-00Fr8g-I4@fasolo.debian.org> and subject line Bug#1068262: Removed package(s) from unstable has caused the Debian Bug report #725454, regarding libapache2-mod-auth-kerb: should read keytab before dropping privileges to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 725454: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725454 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: Debian Bug Tracking System <submit@bugs.debian.org>
- Subject: libapache2-mod-auth-kerb: should read keytab before dropping privileges
- From: "brian m. carlson" <sandals@crustytoothpaste.net>
- Date: Sun, 6 Oct 2013 00:18:21 +0000
- Message-id: <20131006001820.GA12990@vauxhall.crustytoothpaste.net>
Package: libapache2-mod-auth-kerb Version: 5.4-2.1 Severity: wishlist I am trying to use mpm_itk along with mod_auth_kerb to force authentication before running a CGI script as a user (in this case, the git smart HTTP server). However, mod_auth_kerb reads the keytab after it has dropped privileges, resulting in the problem that the user to which privileges have been dropped cannot read the keytab file. This is, of course, by design—ordinary users should not have access to the Apache keytab. Would it be possible to read the keytab on startup before dropping privileges so that this use case (and suexec, and so on) works? -- System Information: Debian Release: jessie/sid APT prefers unstable APT policy: (500, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.11-trunk-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash -- brian m. carlson / brian with sandals: Houston, Texas, US +1 832 623 2791 | http://www.crustytoothpaste.net/~bmc | My opinion only OpenPGP: RSA v4 4096b: 88AC E9B2 9196 305B A994 7552 F1BA 225C 0223 B187Attachment: signature.asc
Description: Digital signature
--- End Message ---
--- Begin Message ---
- To: 457341-done@bugs.debian.org,494688-done@bugs.debian.org,550606-done@bugs.debian.org,552266-done@bugs.debian.org,722477-done@bugs.debian.org,725454-done@bugs.debian.org,766587-done@bugs.debian.org,780108-done@bugs.debian.org,799109-done@bugs.debian.org,976156-done@bugs.debian.org,1013955-done@bugs.debian.org,1036193-done@bugs.debian.org,
- Cc: libapache-mod-auth-kerb@packages.debian.org
- Subject: Bug#1068262: Removed package(s) from unstable
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Fri, 05 Apr 2024 17:27:47 +0000
- Message-id: <[🔎] E1rsnLv-00Fr8g-I4@fasolo.debian.org>
Version: 5.4-3+rm Dear submitter, as the package libapache-mod-auth-kerb has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/1068262 The version of this package that was in Debian prior to this removal can still be found using https://snapshot.debian.org/. Please note that the changes have been done on the master archive and will not propagate to any mirrors until the next dinstall run at the earliest. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org. Debian distribution maintenance software pp. Thorsten Alteholz (the ftpmaster behind the curtain)
--- End Message ---