Bug#1119142: marked as done (trixie-pu: package rust-virtiofsd/1.13.2-1+deb13u1)

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Subject: Bug#1119142: marked as done (trixie-pu: package rust-virtiofsd/1.13.2-1+deb13u1)
From: "Debian Bug Tracking System" <owner@bugs.debian.org>
Date: Sat, 15 Nov 2025 11:24:13 +0000
Message-id: <[🔎] handler.1119142.D1119142.17632057324150514.ackdone@bugs.debian.org>
Reply-to: 1119142@bugs.debian.org
References: <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk> <176157611606.488580.17567658870774458914.reportbug@localhost>

Your message dated Sat, 15 Nov 2025 11:21:45 +0000
with message-id <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk>
and subject line Closing requests for updates included in 13.2
has caused the Debian Bug report #1119142,
regarding trixie-pu: package rust-virtiofsd/1.13.2-1+deb13u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
1119142: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1119142
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems

--- Begin Message ---

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: trixie-pu: package rust-virtiofsd/1.13.2-1+deb13u1
From: Michael Tokarev <mjt@tls.msk.ru>
Date: Mon, 27 Oct 2025 17:41:56 +0300
Message-id: <176157611606.488580.17567658870774458914.reportbug@localhost>

Package: release.debian.org
Severity: normal
Tags: trixie
X-Debbugs-Cc: rust-virtiofsd@packages.debian.org
Control: affects -1 + src:rust-virtiofsd
User: release.debian.org@packages.debian.org
Usertags: pu

[ Reason ]
There's a dependency missing for virtiofsd package, -
which is bug #1109051.

The problem here is that virtiofsd does not run in its most
common and most secure configuration.  It is more, -- there's
no (visible) error messages anywhere, and the user faces a
void with cryptic error messages.  Even experienced debian
users are unable to figure out what's happening.

This update adds a new dependency for virtiofsd on uidmap package,
which provides the required functionality.

Arguable it can be added to Recommends instead, but I think
hard dependency is better in this case.

Speaking of the new dependency, - it is one of a few very basic
system packages which comes from shadow-utils source.  Yes, it
contains suid-root helpers, but overall it's a small self-contained
package for which there should be no issues to install.

[ Tests ]
It's basically not applicable.  Yes, with the installation of
uidmap package, the bug in question is fixed.

[ Risks ]
There's no change in the package itself besides adding a single
new entry to the Depends: line.  The only possible risk comes from
the uidmap package itself, - some might find it not good when there's
a new suid-root binary on their system.  We have `su' already, though.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable


Thanks,

/mjt


diff -Nru rust-virtiofsd-1.13.2/debian/changelog rust-virtiofsd-1.13.2/debian/changelog
--- rust-virtiofsd-1.13.2/debian/changelog	2025-07-10 20:02:47.000000000 +0300
+++ rust-virtiofsd-1.13.2/debian/changelog	2025-10-27 17:18:13.000000000 +0300
@@ -1,3 +1,12 @@
+rust-virtiofsd (1.13.2-1+deb13u1) trixie; urgency=medium
+
+  * add Depends: uidmap.  Closes: #1109051
+    virtiofsd uses uidmap when run in a user namespace,
+    and this is the most secure way to use it.
+    So uidmap package is basically required.
+
+ -- Michael Tokarev <mjt@tls.msk.ru>  Mon, 27 Oct 2025 17:18:13 +0300
+
 rust-virtiofsd (1.13.2-1) unstable; urgency=medium
 
   * Package virtiofsd 1.13.2 from crates.io using debcargo 2.7.8
diff -Nru rust-virtiofsd-1.13.2/debian/control rust-virtiofsd-1.13.2/debian/control
--- rust-virtiofsd-1.13.2/debian/control	2025-07-10 20:02:47.000000000 +0300
+++ rust-virtiofsd-1.13.2/debian/control	2025-10-27 17:18:13.000000000 +0300
@@ -101,7 +101,8 @@
 Depends:
  ${misc:Depends},
  ${shlibs:Depends},
- ${cargo:Depends}
+ ${cargo:Depends},
+ uidmap
 Recommends:
  ${cargo:Recommends}
 Suggests:
diff -Nru rust-virtiofsd-1.13.2/debian/debcargo.toml rust-virtiofsd-1.13.2/debian/debcargo.toml
--- rust-virtiofsd-1.13.2/debian/debcargo.toml	2025-07-10 20:02:47.000000000 +0300
+++ rust-virtiofsd-1.13.2/debian/debcargo.toml	2025-10-27 17:18:13.000000000 +0300
@@ -8,6 +8,7 @@
 
 [packages.bin]
 section = "otherosfs"
+depends = ["uidmap"]
 # we replace file in qemu-system-common:
 # /usr/share/qemu/vhost-user/50-qemu-virtiofsd.json
 extra_lines = [

--- End Message ---

--- Begin Message ---

To: 1110859-done@bugs.debian.org, 1111236-done@bugs.debian.org, 1111733-done@bugs.debian.org, 1111734-done@bugs.debian.org, 1111808-done@bugs.debian.org, 1111819-done@bugs.debian.org, 1112097-done@bugs.debian.org, 1112120-done@bugs.debian.org, 1112256-done@bugs.debian.org, 1112261-done@bugs.debian.org, 1112276-done@bugs.debian.org, 1112282-done@bugs.debian.org, 1112283-done@bugs.debian.org, 1112380-done@bugs.debian.org, 1112479-done@bugs.debian.org, 1112557-done@bugs.debian.org, 1112668-done@bugs.debian.org, 1112671-done@bugs.debian.org, 1113711-done@bugs.debian.org, 1113750-done@bugs.debian.org, 1113757-done@bugs.debian.org, 1113761-done@bugs.debian.org, 1113778-done@bugs.debian.org, 1113799-done@bugs.debian.org, 1113804-done@bugs.debian.org, 1113860-done@bugs.debian.org, 1113882-done@bugs.debian.org, 1113902-done@bugs.debian.org, 1113904-done@bugs.debian.org, 1113961-done@bugs.debian.org, 1113979-done@bugs.debian.org, 1114595-done@bugs.debian.org, 1114684-done@bugs.debian.org, 1114755-done@bugs.debian.org, 1114855-done@bugs.debian.org, 1114929-done@bugs.debian.org, 1114979-done@bugs.debian.org, 1115257-done@bugs.debian.org, 1115486-done@bugs.debian.org, 1115530-done@bugs.debian.org, 1115749-done@bugs.debian.org, 1115815-done@bugs.debian.org, 1115860-done@bugs.debian.org, 1115899-done@bugs.debian.org, 1115914-done@bugs.debian.org, 1116012-done@bugs.debian.org, 1116020-done@bugs.debian.org, 1116040-done@bugs.debian.org, 1116053-done@bugs.debian.org, 1116127-done@bugs.debian.org, 1116196-done@bugs.debian.org, 1116201-done@bugs.debian.org, 1116386-done@bugs.debian.org, 1116523-done@bugs.debian.org, 1116526-done@bugs.debian.org, 1116547-done@bugs.debian.org, 1116575-done@bugs.debian.org, 1116665-done@bugs.debian.org, 1116705-done@bugs.debian.org, 1116938-done@bugs.debian.org, 1116945-done@bugs.debian.org, 1116983-done@bugs.debian.org, 1117467-done@bugs.debian.org, 1117469-done@bugs.debian.org, 1117828-done@bugs.debian.org, 1117843-done@bugs.debian.org, 1117876-done@bugs.debian.org, 1117909-done@bugs.debian.org, 1118008-done@bugs.debian.org, 1118037-done@bugs.debian.org, 1118047-done@bugs.debian.org, 1118228-done@bugs.debian.org, 1118374-done@bugs.debian.org, 1118434-done@bugs.debian.org, 1118443-done@bugs.debian.org, 1118458-done@bugs.debian.org, 1118547-done@bugs.debian.org, 1118657-done@bugs.debian.org, 1118663-done@bugs.debian.org, 1118673-done@bugs.debian.org, 1118674-done@bugs.debian.org, 1118737-done@bugs.debian.org, 1119085-done@bugs.debian.org, 1119088-done@bugs.debian.org, 1119115-done@bugs.debian.org, 1119136-done@bugs.debian.org, 1119142-done@bugs.debian.org, 1119256-done@bugs.debian.org, 1119286-done@bugs.debian.org, 1119287-done@bugs.debian.org, 1119288-done@bugs.debian.org, 1119291-done@bugs.debian.org, 1119301-done@bugs.debian.org, 1119303-done@bugs.debian.org, 1119719-done@bugs.debian.org, 1119798-done@bugs.debian.org, 1119854-done@bugs.debian.org, 1119909-done@bugs.debian.org, 1120048-done@bugs.debian.org, 1120050-done@bugs.debian.org, 1120054-done@bugs.debian.org, 1120125-done@bugs.debian.org, 1120129-done@bugs.debian.org, 1120143-done@bugs.debian.org, 1120145-done@bugs.debian.org, 1120148-done@bugs.debian.org, 1120151-done@bugs.debian.org, 1120262-done@bugs.debian.org, 1120278-done@bugs.debian.org, 1120289-done@bugs.debian.org, 1120325-done@bugs.debian.org, 1120345-done@bugs.debian.org, 1120350-done@bugs.debian.org, 1120358-done@bugs.debian.org, 1120360-done@bugs.debian.org, 1120445-done@bugs.debian.org

Subject: Closing requests for updates included in 13.2

From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Date: Sat, 15 Nov 2025 11:21:45 +0000

Message-id: <736c7150dc08501cc89945035c406eaf9688e144.camel@adam-barratt.org.uk>
Package: release.debian.org
Version: 13.2

Hi,

The updates referenced in each of these bugs were included in today's
13.2 trixie point release.

Regards,

Adam
--- End Message ---

Reply to:

Prev by Date: Bug#1119085: marked as done (trixie-pu: package openvpn-auth-radius/2.1-9+deb13u1)
Next by Date: Bug#1119286: marked as done (trixie-pu: package fonts-noto-color-emoji/2.051-0+deb13u1)
Previous by thread: Bug#1119085: marked as done (trixie-pu: package openvpn-auth-radius/2.1-9+deb13u1)
Next by thread: Bug#1119286: marked as done (trixie-pu: package fonts-noto-color-emoji/2.051-0+deb13u1)
Index(es):
- Date
- Thread