
Re: [pkern@debian.org: Re: Bug#807442: patch]



Hi,

Thanks for the comments on dbginfo.sh.

We added the following patch to restrict access to the collected data and to remind customers to review the result.

diff --git a/scripts/dbginfo.sh b/scripts/dbginfo.sh
index d0e2289..b3938a7 100755
--- a/scripts/dbginfo.sh
+++ b/scripts/dbginfo.sh
@@ -857,7 +857,7 @@ environment_setup()
                 echo "${DATETIME}" > "${LOCKFILE}"
    fi

-    if ! mkdir "${WORKPATH}" 2>/dev/null; then
+    if ! mkdir -m 0600 "${WORKPATH}" 2>/dev/null; then
                 echo "${SCRIPTNAME}: Error: Target directory \"${WORKPATH}\" already exists or"
                 echo "       \"${WORKDIR_BASE}\" does not exist!"
                 exit 1
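
Review bot: In environment_setup(), `mkdir -m 0600` creates the work directory without the search (x) bit, so only a process that bypasses permission checks can enter it or create files in it; a directory meant to be private to its owner is normally 0700. Suggest `mkdir -m 0700 "${WORKPATH}"`. Keeping the plain mkdir (no -p) is good, because the script then fails when the path already exists instead of reusing a directory that someone else prepared.
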
@@ -879,12 +879,15 @@ create_package()
                 pr_stdout "       Please check the directory \"${WORKDIR_BASE}\""
                 pr_stdout "       to provide enough free available space."
    else
+                 chmod 0600 "${WORKARCHIVE}"
                 pr_stdout " "
                 pr_stdout "Collected data was saved to:"
                 pr_stdout " >>  ${WORKARCHIVE}  <<"
    fi

    pr_stdout " "
+    pr_stdout "Review the collected data before sending to your service organization. "
+    pr_stdout " "
}
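
Review bot: In create_package(), `chmod 0600 "${WORKARCHIVE}"` runs only in the else branch, after the archive has already been written, so the file exists with whatever mode the umask gave it until the chmod executes. Setting `umask 077` before any data is collected closes that window and also applies if the error branch leaves a partial archive behind; the chmod can stay as a backstop. The added reminder string also has a trailing space before its closing quote, and "before sending to" reads better as "before sending it to".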


> ----- Forwarded message from Philipp Kern <pkern@debian.org> -----
>
> Date: Sun, 13 Dec 2015 15:50:01 +0100
> From: Philipp Kern <pkern@debian.org>
> To: dann frazier <dannf@debian.org>, 807442@bugs.debian.org
> Cc: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
> Subject: Re: Bug#807442: patch
> Message-ID: <20151213145001.GA5173@home.philkern.de>
> X-Spam-Status: No, score=0 tagged_above=-9999 required=6.2 tests=
> [none] autolearn=disabled
>
> On Tue, Dec 08, 2015 at 03:17:49PM -0700, dann frazier wrote:
> > diff -Nru s390-tools-1.32.0/debian/changelog s390-tools-1.32.0/
> debian/changelog
> > --- s390-tools-1.32.0/debian/changelog   2015-10-25 17:12:02.000000000 +0100
> > +++ s390-tools-1.32.0/debian/changelog   2015-12-08 23:14:52.000000000 +0100
> > @@ -1,3 +1,9 @@
> > +s390-tools (1.32.0-2) UNRELEASED; urgency=medium
> > +
> > +  * Add dbginfo.sh. (Closes: #807442)
> > +
> > + -- dann frazier <dannf@debian.org>  Tue, 08 Dec 2015 22:33:52 +0100
> > +
> >  s390-tools (1.32.0-1) unstable; urgency=medium
> >  
> >    * New upstream release
> > diff -Nru s390-tools-1.32.0/debian/s390-tools.install s390-
> tools-1.32.0/debian/s390-tools.install
> > --- s390-tools-1.32.0/debian/s390-tools.install   2014-07-26 23:
> 59:18.000000000 +0200
> > +++ s390-tools-1.32.0/debian/s390-tools.install   2015-12-08 23:
> 08:30.000000000 +0100
> > @@ -10,6 +10,10 @@
> >  /sbin/dasdview
> >  /usr/share/man/man8/dasdview.8
> >  
> > +# dbginfo.sh
> > +/sbin/dbginfo.sh
> > +/usr/share/man/man1/dbginfo.sh.1
> > +
> >  # fdasd
> >  /sbin/fdasd
> >  /usr/share/man/man8/fdasd.8
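
Review bot: The added entries install the script to /sbin but its man page to man1, while the neighbouring entries in this file (dasdview, fdasd) pair /sbin with man8. If the tool stays in an sbin directory, section 8 would be the consistent place for the page; if the page is deliberately kept in section 1, a short comment in the install file saying so would help.
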
>
> Three comments:
>
>  * dbginfo.sh should tell the user that the information in the tarball
>    is sensitive.
>  * The resulting tarball should be 0600 by default. (The script needs
>    to run as root anyway, but placing the result world-readable in
>    /tmp does not seem smart.)
>  * Unless this is expected to be in /sbin, given that it's user
>    invoked and not usually scripted, should this be in /usr/sbin
>    instead?
>
> Kind regards and thanks
> Philipp Kern
>
>

