Bug#24891: marked as done (running update unnecessarily restricted to root (PATCH))
Your message dated Thu, 25 Jan 2001 15:28:30 -0500
with message-id <E14Lt0Q-0002r3-00@auric.debian.org>
and subject line Bug#24891: fixed in update 2.11-3
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Darren Benham
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 22 Jul 1998 18:15:01 +0000
Received: (qmail 21332 invoked from network); 22 Jul 1998 18:15:01 -0000
Received: from pop.medialab.sonera.net (195.156.109.69)
by debian.novare.net with SMTP; 22 Jul 1998 18:15:01 -0000
Received: (from tom@localhost)
by pop.medialab.sonera.net (8.9.1/8.9.1/Debian/GNU) id VAA28197;
Wed, 22 Jul 1998 21:14:59 +0300
Date: Wed, 22 Jul 1998 21:14:59 +0300
Message-Id: <199807221814.VAA28197@pop.medialab.sonera.net>
From: Topi Miettinen <tom@medialab.sonera.net>
Subject: running update unnecessarily restricted to root (PATCH)
To: submit@bugs.debian.org
X-Mailer: bug 3.1.5
Package: update
Version: 1.3-2
Running /sbin/update as normal user fails. This is overly restrictive:
-it's not set[ug]id
-users can write their own update daemons (e.g. while true; do sync; done)
-some security-conscious sites may want to run update as non-root
This patch disables the check.
diff -ru update-1.3/update.c.orig update-1.3/update.c
--- update-1.3/update.c.orig Thu Feb 13 19:33:36 1997
+++ update-1.3/update.c Wed Jul 22 21:07:11 1998
@@ -130,6 +130,7 @@
if (optind < argc)
usage(argv[0]);
+#if 0 /* Useless. People can write their own update daemons. */
/*
* Prevent people from launching more update daemons.
* Might as well call sync().
@@ -139,6 +140,7 @@
fprintf(stderr, "%s: should only be run by root.\n", argv[0]);
exit(1);
}
+#endif
/*
* Ignore a few signals for good measure.
---------------------------------------
Received: (at 24891-close) by bugs.debian.org; 25 Jan 2001 20:40:04 +0000
>From troup@auric.debian.org Thu Jan 25 14:40:03 2001
Return-path: <troup@auric.debian.org>
Received: from auric.debian.org [::ffff:206.246.226.45]
by master.debian.org with esmtp (Exim 3.12 1 (Debian))
id 14LtBa-0003iZ-00; Thu, 25 Jan 2001 14:40:02 -0600
Received: from troup by auric.debian.org with local (Exim 3.12 1 (Debian))
id 14Lt0Q-0002r3-00; Thu, 25 Jan 2001 15:28:30 -0500
From: Chris Lawrence <lawrencc@debian.org>
To: 24891-close@bugs.debian.org
Subject: Bug#24891: fixed in update 2.11-3
Message-Id: <E14Lt0Q-0002r3-00@auric.debian.org>
Sender: James Troup <troup@auric.debian.org>
Date: Thu, 25 Jan 2001 15:28:30 -0500
Delivered-To: 24891-close@bugs.debian.org
We believe that the bug you reported is fixed in the latest version of
update, which has been installed in the Debian FTP archive:
update_2.11-3.diff.gz
to pool/main/u/update/update_2.11-3.diff.gz
update_2.11-3.dsc
to pool/main/u/update/update_2.11-3.dsc
update_2.11-3_i386.deb
to pool/main/u/update/update_2.11-3_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 24891@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Chris Lawrence <lawrencc@debian.org> (supplier of updated update package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 25 Jan 2001 11:46:42 -0600
Source: update
Binary: update
Architecture: source i386
Version: 2.11-3
Distribution: unstable
Urgency: low
Maintainer: Chris Lawrence <lawrencc@debian.org>
Changed-By: Chris Lawrence <lawrencc@debian.org>
Description:
update - daemon to periodically flush filesystem buffers.
Closes: 24891 45504 68985 80170 80774
Changes:
update (2.11-3) unstable; urgency=low
.
* New maintainer. (Closes: #80170)
* #80774 (man pages in wrong directory) was fixed in 2.11-2. update is
FHS compliant. (Closes: #80774)
* Permit running update as non-root user. (Closes: #24891)
* Updated copyright file to reflect current version's upstream URL.
(Closes: #45504)
* update is no longer essential. This should not pose a problem as the
default kernel for woody will be 2.2.x or 2.4.x, and other packages
in woody (like modutils) will be incompatible with 2.0 series kernels.
(Closes: #68985)
Files:
605c9fb30ca76f593d9a94876e0db6e3 571 base required update_2.11-3.dsc
0a9ae00481796d7c47f39cc5e052aca8 2418 base required update_2.11-3.diff.gz
f1cbfecbd3c74091b14bf08068fd329e 6324 base required update_2.11-3_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.4 (GNU/Linux)
Comment: For info see http://www.gnupg.org
iEYEARECAAYFAjpwZ/4ACgkQ2wQKE6PXubxfGQCdF6cxPFgFK/yxwaZObvs3a2Ki
1GQAoKMun7EfGjrNUH3jRAOTw5EZOF3A
=nw0W
-----END PGP SIGNATURE-----
Reply to: