--- Begin Message ---
Package: release.debian.org
Severity: normal
X-Debbugs-Cc: procps@packages.debian.org, csmall@debian.org
Control: affects -1 + src:procps
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package procps
Apologies to package maintainer and the RT: I have framed this as an NMU
so I can produce a changelog and debdiff that represent a viable upload
for the purposes of this unblock request. I hope Craig has an
opportunity to take over this upload but want to initiate the unblock
request while still possible. That would mean the changelog and version
number potentially changing before upload.
[ Reason ]
To fix RC bug #1108549, of which there are two parts:
1. (severity: serious) w acts on the value of uninitialised memory if systemd is
not present. On some systems this leads to a segfault.
2. (severity: important) w provides incomplete security audit information when
run on a system using elogind (falls back to reading utmp instead of yielding
the sessions recorded by elogind.)
The change in the new version replaces the decision tree for collecting session
information, fixing both the above bugs together, although the first bug can
also be fixed by a one-line change, which is included in a reworked version of
an existing patch.
[ Impact ]
Some users will experience confusing output that could in the worst case
mislead on security status, particularly as it partially works due to falling
back to reading utmp.
Some users may experience a segfault with a basic system tool, which reduces
user confidence.
[ Tests ]
I (original bug and patch submitter) conducted the following tests:
| scenario | systemd | elogind | none [1] |
| ----------- | ------- | ------- | -------- |
| sessions | ✓ | ✓ | ✓ (utmp) |
| no sessions | ✓ [2] | ✓ [2] | ✓ [2] |
| error | | | N/A |
[1]: No session management simulated by renaming /run/systemd under elogind
[2]: 'No sessions' scenario exercised by scheduling an at job
The case of error from sd_get_sessions() is untested; this seems low risk.
[ Risks ]
Risk of introducing a regression with undertested paths or other unintended
consequences.
The change is small enough that we can be fairly confident it is correct by
inspection and the key combinations in the matrix of use cases have been tested
manually.
[ Checklist ]
[x] all changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in testing
[ Other info ]
1. BTS bug with discussion:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1108549
2. changelog and version number could change before upload if package
maintainer has an opportunity to take over.
unblock procps/2:4.0.4-8.1
diff -Nru procps-4.0.4/debian/changelog procps-4.0.4/debian/changelog
--- procps-4.0.4/debian/changelog 2025-04-14 09:06:27.000000000 +0100
+++ procps-4.0.4/debian/changelog 2025-07-30 06:36:43.000000000 +0100
@@ -1,3 +1,16 @@
+procps (2:4.0.4-8.1) unstable; urgency=medium
+
+ * Non-maintainer upload.
+
+ [ Craig Small ]
+ * d/changelog: Fix number for skill bug
+
+ [ Andrew Bower ]
+ * Initialise sessions variable in w. (Closes: #1108549)
+ * d/patches: get sessions even if !sd_booted()
+
+ -- Andrew Bower <andrew@bower.uk> Wed, 30 Jul 2025 06:36:43 +0100
+
procps (2:4.0.4-8) unstable; urgency=medium
* Port 4.0.5 patches:
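Review bot: The two Andrew Bower bullets in the new 2:4.0.4-8.1 entry do not name the files they change, and the Closes: #1108549 is attached only to the initialisation bullet although the request describes the bug as having two parts. Naming d/patches/w_terminal_mode on the first bullet and d/patches/w_sessions_without_sd on the second would let a reader map each bullet to the debdiff, and the second bullet should make clear that it addresses the elogind half of the same bug.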
@@ -6,7 +19,7 @@
- library: Use clock_gettime for pids API Closes: #842879
- kill: Correctly parse negative pids
- sysctl: Don't read some keys Closes: #978688
- - skill: Fix lonesome : in help Closes: #1086441
+ - skill: Fix lonesome : in help Closes: #1086641
- sysctl.conf.5 Note changes with systemd Closes: #1077187
- vmstat.8: si/so are changed by --unit Closes: #1061944
- w: Don't crash with short option Closes: #1054345
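Review bot: The corrected number on the skill line sits inside the existing 2:4.0.4-8 entry, not the new one, so a changes file generated for 2:4.0.4-8.1 in the default way will not carry Closes: #1086641 and the BTS will not act on it. If #1086641 is still open it needs closing by hand with the 2:4.0.4-8 version, and it is worth checking what the upload of 2:4.0.4-8 did to #1086441.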
diff -Nru procps-4.0.4/debian/patches/series procps-4.0.4/debian/patches/series
--- procps-4.0.4/debian/patches/series 2025-04-14 09:06:27.000000000 +0100
+++ procps-4.0.4/debian/patches/series 2025-07-30 06:36:43.000000000 +0100
@@ -21,3 +21,4 @@
library_lxc_leak
sysctl_conf5_update
library_use_clock_gettime
+w_sessions_without_sd
diff -Nru procps-4.0.4/debian/patches/w_sessions_without_sd procps-4.0.4/debian/patches/w_sessions_without_sd
--- procps-4.0.4/debian/patches/w_sessions_without_sd 1970-01-01 01:00:00.000000000 +0100
+++ procps-4.0.4/debian/patches/w_sessions_without_sd 2025-07-30 06:36:43.000000000 +0100
@@ -0,0 +1,66 @@
+From: Andrew Bower <andrew@bower.uk>
+Date: Sun, 27 Jul 2025 22:14:43 +0100
+Bug-Debian: https://bugs.debian.org/1108549
+Subject: w: Get sessions even if !sd_booted()
+
+Use sd_get_sessions() to determine whether systemd-style session recording is
+in use rather than checking for sd_booted(), but only fall back to reading utmp
+if !sd_booted(). This allows sessions to be listed that have been recorded by
+elogind.
+
+---
+ src/w.c | 18 +++++++-----------
+ 1 file changed, 7 insertions(+), 11 deletions(-)
+
+diff --git a/src/w.c b/src/w.c
+index 01652ac..26805ef 100644
+--- a/src/w.c
++++ b/src/w.c
+@@ -964,6 +964,8 @@ void print_user_terminals(
+ int main(int argc, char **argv)
+ {
+ char *match_user = NULL, *p;
++ char **sessions_list;
++ int sessions;
+ utmp_t *u;
+ struct winsize win;
+ int ch;
+@@ -1113,16 +1115,11 @@ int main(int argc, char **argv)
+
+ if (term_mode) {
+ print_user_terminals(longform, maxcmd, from, userlen, fromlen, ip_addresses, pids, info, pids_cache);
+- } else {
+ #if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER)
+- char **sessions_list;
+- int sessions = 0;
+- if (sd_booted() > 0)
+- sessions = sd_get_sessions (&sessions_list);
+- if (sessions < 0 && sessions != -ENOENT)
++ } else if ((sessions = sd_get_sessions (&sessions_list))
++ < 0 && sessions != -ENOENT) {
+ error(EXIT_FAILURE, -sessions, _("error getting sessions"));
+- if (sessions > 0) {
+- //int i;
++ } else if (sessions > 0) {
+ for (int i = 0; i < sessions; i++) {
+ char *class, *name;
+ int r;
+@@ -1146,6 +1143,8 @@ int main(int argc, char **argv)
+ free(sessions_list[i]);
+ }
+ free(sessions_list);
++ } else if (!sd_booted()) {
++#else
+ } else {
+ #endif
+ #ifdef HAVE_UTMPX_H
+@@ -1175,9 +1174,6 @@ int main(int argc, char **argv)
+ endutxent();
+ #else
+ endutent();
+-#endif
+-#if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER)
+- }
+ #endif
+ }
+
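Review bot: In the last src/w.c change of the new patch, the fallback test "} else if (!sd_booted()) {" is not the complement of the "sd_booted() > 0" test it replaces. sd_booted() returns a negative errno-style value on failure, and the negation of a negative value is false, so when sd_get_sessions() yields 0 or -ENOENT and sd_booted() fails, neither the session loop nor the utmp branch runs and w lists nobody. Testing "sd_booted() <= 0" would keep the old behaviour of reading utmp in that case. Separately, "char **sessions_list;" and "int sessions;" now sit at the top of main() outside the WITH_SYSTEMD/WITH_ELOGIND guard, so a build without either carries two unused variables; wrapping the declarations in the same #if would avoid the warning.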
diff -Nru procps-4.0.4/debian/patches/w_terminal_mode procps-4.0.4/debian/patches/w_terminal_mode
--- procps-4.0.4/debian/patches/w_terminal_mode 2025-04-14 09:06:27.000000000 +0100
+++ procps-4.0.4/debian/patches/w_terminal_mode 2025-07-30 06:36:43.000000000 +0100
@@ -20,10 +20,13 @@
* From/IP won't work for utmp systems
.
This patch includes the upstreams original commit and the enhancement.
+ .
+ Updated 2025-07-23 to avoid acting on the value of uninitialized sessions
+ variable.
Author: Craig Small <csmall@dropbear.xyz>
Origin: upstream, https://gitlab.com/procps-ng/procps/-/commit/f53cc24d57085c87ebb1871b92c0069b72a60926
Applied-Upstream: 4.0.6
-Last-Update: 2025-04-14
+Last-Update: 2025-07-23
---
This patch header follows DEP-3: http://dep.debian.net/deps/dep3/
--- a/man/w.1
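Review bot: The header still says Origin: upstream with the upstream commit URL and Applied-Upstream: 4.0.6, while the added description paragraph says the patch was updated on 2025-07-23, so the patch body no longer matches what those fields point at. The description should say whether the initialisation is a Debian-only change or has been forwarded upstream, so a later rebase onto 4.0.6 knows whether the fix can be dropped with the patch.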
@@ -485,7 +488,7 @@
+ } else {
+#if (defined(WITH_SYSTEMD) || defined(WITH_ELOGIND)) && defined(HAVE_SD_SESSION_GET_LEADER)
+ char **sessions_list;
-+ int sessions;
++ int sessions = 0;
+ if (sd_booted() > 0)
sessions = sd_get_sessions (&sessions_list);
- if (sessions < 0 && sessions != -ENOENT)
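Review bot: The "int sessions = 0;" initialiser added here is deleted again by w_sessions_without_sd, whose src/w.c change removes both that line and the "if (sd_booted() > 0)" guard, so in the package as built this one-line fix has no effect of its own. Keeping it as a fallback in case the second patch is dropped is reasonable, but the patch description should say that the two overlap, so that nobody later removes one on the assumption that the other still covers the uninitialised read.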
--- End Message ---