Bug#1055036: bookworm-pu: package crmsh/4.4.1-1+deb12u1
On Mon, Feb 12, 2024 at 06:21:52PM +0000, Jonathan Wiltshire wrote:
> This will happen on every package update, no? What if the local
> administrator has set other properties on the log file (e.g. to allow other
> users to read it)?
Thanks, I have updated the postinst to only make the changes if
the logs don't exist. Updated debdiff attached below...
--
Valentin
diff -Nru crmsh-4.4.1/debian/changelog crmsh-4.4.1/debian/changelog
--- crmsh-4.4.1/debian/changelog 2023-03-03 22:48:41.000000000 +0100
+++ crmsh-4.4.1/debian/changelog 2023-10-29 20:46:13.000000000 +0100
@@ -1,3 +1,10 @@
+crmsh (4.4.1-1+deb12u1) bookworm; urgency=medium
+
+ * d/postinst: create a logging directory (Closes: #1042448)
+ * d/patches: add patch for log file error
+
+ -- Valentin Vidic <vvidic@debian.org> Sun, 29 Oct 2023 20:46:13 +0100
+
crmsh (4.4.1-1) unstable; urgency=medium
[ Bas Couwenberg ]
diff -Nru crmsh-4.4.1/debian/control crmsh-4.4.1/debian/control
--- crmsh-4.4.1/debian/control 2023-03-03 22:46:48.000000000 +0100
+++ crmsh-4.4.1/debian/control 2023-10-29 20:46:13.000000000 +0100
@@ -43,6 +43,7 @@
Breaks: pacemaker (<< 1.1.12)
Suggests:
bash-completion,
+ cluster-glue,
csync2,
dmidecode,
fdisk | util-linux (<< 2.29.2-3~),
diff -Nru crmsh-4.4.1/debian/crmsh.postinst crmsh-4.4.1/debian/crmsh.postinst
--- crmsh-4.4.1/debian/crmsh.postinst 1970-01-01 01:00:00.000000000 +0100
+++ crmsh-4.4.1/debian/crmsh.postinst 2023-10-29 20:46:13.000000000 +0100
@@ -0,0 +1,50 @@
+#!/bin/sh
+# postinst script for crmsh
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postinst> `configure' <most-recently-configured-version>
+# * <old-postinst> `abort-upgrade' <new version>
+# * <conflictor's-postinst> `abort-remove' `in-favour' <package>
+# <new-version>
+# * <deconfigured's-postinst> `abort-deconfigure' `in-favour'
+# <failed-install-package> <version> `removing'
+# <conflicting-package> <version>
+# for details, see http://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+#
+
+case "$1" in
+ configure)
+ if [ ! -e /var/log/crmsh ]; then
+ mkdir /var/log/crmsh
+ chown hacluster:haclient /var/log/crmsh
+ chmod 0775 /var/log/crmsh
+ fi
+
+ if [ ! -e /var/log/crmsh/crmsh.log ]; then
+ touch /var/log/crmsh/crmsh.log
+ chown hacluster:haclient /var/log/crmsh/crmsh.log
+ chmod 0664 /var/log/crmsh/crmsh.log
+ fi
+ ;;
+
+ abort-upgrade|abort-remove|abort-deconfigure)
+
+ ;;
+
+ *)
+ echo "postinst called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff -Nru crmsh-4.4.1/debian/crmsh.postrm crmsh-4.4.1/debian/crmsh.postrm
--- crmsh-4.4.1/debian/crmsh.postrm 1970-01-01 01:00:00.000000000 +0100
+++ crmsh-4.4.1/debian/crmsh.postrm 2023-10-29 20:46:13.000000000 +0100
@@ -0,0 +1,41 @@
+#!/bin/sh
+# postrm script for crmsh
+#
+# see: dh_installdeb(1)
+
+set -e
+
+# summary of how this script can be called:
+# * <postrm> `remove'
+# * <postrm> `purge'
+# * <old-postrm> `upgrade' <new-version>
+# * <new-postrm> `failed-upgrade' <old-version>
+# * <new-postrm> `abort-install'
+# * <new-postrm> `abort-install' <old-version>
+# * <new-postrm> `abort-upgrade' <old-version>
+# * <disappearer's-postrm> `disappear' <overwriter>
+# <overwriter-version>
+# for details, see https://www.debian.org/doc/debian-policy/ or
+# the debian-policy package
+
+
+case "$1" in
+ purge)
+ rm -rf /var/log/crmsh
+ ;;
+
+ remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
+ ;;
+
+ *)
+ echo "postrm called with unknown argument \`$1'" >&2
+ exit 1
+ ;;
+esac
+
+# dh_installdeb will replace this with shell code automatically
+# generated by other debhelper scripts.
+
+#DEBHELPER#
+
+exit 0
diff -Nru crmsh-4.4.1/debian/patches/0019-Fix-log-file-error.patch crmsh-4.4.1/debian/patches/0019-Fix-log-file-error.patch
--- crmsh-4.4.1/debian/patches/0019-Fix-log-file-error.patch 1970-01-01 01:00:00.000000000 +0100
+++ crmsh-4.4.1/debian/patches/0019-Fix-log-file-error.patch 2023-10-29 20:46:13.000000000 +0100
@@ -0,0 +1,52 @@
+From b4abe21d2fd55ced0f56baff5c4892a4826aa0f7 Mon Sep 17 00:00:00 2001
+From: nicholasyang <nicholas.yang@suse.com>
+Date: Tue, 25 Oct 2022 13:28:40 +0800
+Subject: [PATCH] fix: log: fail to open log file even if user is in haclient
+ group (bsc#1204670)
+
+The file had been created with umask 0022 in usual so that it was not
+group-writable.
+
+Call chown and chmod explicitly to fix it.
+---
+ crmsh/log.py | 21 ++++++++++-----------
+ 1 file changed, 10 insertions(+), 11 deletions(-)
+
+--- a/crmsh/log.py
++++ b/crmsh/log.py
+@@ -423,14 +423,6 @@
+ self.logger.info("offending xml: %s", xml)
+
+
+-def setup_directory_for_logfile():
+- """
+- Create log file's parent directory
+- """
+- _dir = os.path.dirname(CRMSH_LOG_FILE)
+- os.makedirs(_dir, exist_ok=True)
+-
+-
+ def setup_logging(only_help=False):
+ """
+ Setup log directory and loadding logging config dict
+@@ -439,10 +431,17 @@
+ if only_help:
+ LOGGING_CFG["handlers"]["file"] = {'class': 'logging.NullHandler'}
+ else:
+- setup_directory_for_logfile()
++ # dirname(CRMSH_LOG_FILE) should be created by package manager during installation
++ with open(CRMSH_LOG_FILE, 'a') as f:
++ try:
++ shutil.chown(CRMSH_LOG_FILE, group=constants.HA_GROUP)
++ os.fchmod(f.fileno(), 0o664)
++ shutil.chown(CRMSH_LOG_FILE, user=constants.HA_USER)
++ except PermissionError:
++ # The file has been open with O_APPEND, oo logging can write to it.
++ # Failing to change owner or mode is not a fatal error.
++ pass
+ logging.config.dictConfig(LOGGING_CFG)
+- if os.path.exists(CRMSH_LOG_FILE):
+- shutil.chown(CRMSH_LOG_FILE, constants.HA_USER, constants.HA_GROUP)
+
+
+ def setup_logger(name):
diff -Nru crmsh-4.4.1/debian/patches/series crmsh-4.4.1/debian/patches/series
--- crmsh-4.4.1/debian/patches/series 2023-03-03 22:48:18.000000000 +0100
+++ crmsh-4.4.1/debian/patches/series 2023-10-29 20:46:13.000000000 +0100
@@ -14,3 +14,4 @@
0018-Fix-python3-install.patch
getargspec.patch
spelling-errors.patch
+0019-Fix-log-file-error.patch
Reply to: