Bug#849636: apt-daily: do not use pidof

To: David Kalnischkies <david@kalnischkies.de>, cgzones <cgzones@googlemail.com>, 849636@bugs.debian.org
Subject: Bug#849636: apt-daily: do not use pidof
From: cgzones <cgzones@googlemail.com>
Date: Fri, 24 Feb 2017 14:14:14 +0100
Message-id: <[🔎] CAJ2a_DfUrrw1rNqKAEnVcqMKoYJZCfNaNRgqP9bmWXKmPKb18Q@mail.gmail.com>
Reply-to: cgzones <cgzones@googlemail.com>, 849636@bugs.debian.org
In-reply-to: <CAJ2a_DfBd+DsNTk-k1udMJmNyapV8j9HMdfTqY0eUjo2B2Q7Gg@mail.gmail.com>
References: <CAJ2a_DdnKG6=G0gOLYjXev2+T8Ht=OGtCWtWiTA39xpkqQroxw@mail.gmail.com> <20161230204339.u77fjkfrdxnh6dpa@crossbow> <CAJ2a_DfBd+DsNTk-k1udMJmNyapV8j9HMdfTqY0eUjo2B2Q7Gg@mail.gmail.com>

Any news on this?
I currently use this patch:

--- apt.systemd.daily.backup    2017-02-13 16:32:21.288138322 +0100
+++ apt.systemd.daily   2017-02-13 16:32:51.717937100 +0100
@@ -1,5 +1,5 @@
#!/bin/sh
-#set -e
+set -e
#
# This file understands the following apt configuration variables:
# Values here are the default.
@@ -400,8 +400,8 @@
if check_stamp $UPDATE_STAMP $UpdateInterval; then
    if eval apt-get $XAPTOPT -y update $XSTDERR; then
       debug_echo "download updated metadata (success)."
-       if which dbus-send >/dev/null 2>&1 && pidof dbus-daemon
>/dev/null 2>&1; then
-           if dbus-send --system / app.apt.dbus.updated boolean:true ; then
+       if which dbus-send >/dev/null 2>&1; then
+           if dbus-send --system / app.apt.dbus.updated boolean:true
>/dev/null 2>&1; then
               debug_echo "send dbus signal (success)"
           else
               debug_echo "send dbus signal (error)"

One could also check for the existence of /run/dbus/system_bus_socket
via [ -S /run/dbus/system_bus_socket ]

2016-12-31 15:00 GMT+01:00 cgzones <cgzones@googlemail.com>:
> First I'd like to question if the dbus code is needed? A quick debian
> codesearch shows no other usages:
> https://codesearch.debian.net/search?q=app%5C.apt
>
> Do we need to check if dbus is running or is it sufficient to simply
> try silently via:
>
> if which dbus-send >/dev/null 2>&1; then
>     if dbus-send --system / app.apt.dbus.updated boolean:true >
> /dev/null 2>&1; then
>
> Kindly Regards,
>     Christian Göttsche
>
> 2016-12-30 21:43 GMT+01:00 David Kalnischkies <david@kalnischkies.de>:
>> Control: severity -1 wishlist
>>
>> On Thu, Dec 29, 2016 at 12:22:02PM +0100, cgzones wrote:
>>> The script '/usr/lib/apt/apt.systemd.daily' uses 'pidof dbus-daemon'
>>> to check whether dbus is running and whether to send a message.
>>> With SELinux enabled this causes avc denials like:
>> […]
>>> I do not like to grant apt these permissions but I also want apt to
>>> announce an update to dbus,
>>> so can you rework the dbus check?
>>
>> Perhaps. Given you are the first person in 8 years to complain about
>> this (#438803) perhaps you have also an idea how as I have neither
>> a SELinux setup nor know what you would deem acceptable.
>>
>> (truth be told, I don't even use that cron job, so I am not going to be
>> available for review above very trivial changes and even that…)
>>
>> I guess we could use (pseudo code) "if systemd; then systemctl is-active
>> dbus; else pidof dbus; fi" but that would really need someone to verify
>> that this has the intended result (and is available in your setup).
>>
>>
>> Best regards
>>
>> David Kalnischkies

Reply to:

Prev by Date: RFC: Modern digests for buster (BLAKE2?)
Next by Date: Bug#855937: marked as done (apt-get's error messages don't include its name.)
Previous by thread: RFC: Modern digests for buster (BLAKE2?)
Next by thread: Processed: tagging 855937, severity of 855937 is wishlist
Index(es):
- Date
- Thread