Bug#542924: marked as done (sudo: Please move init.d scripts from rcS.d/ to runlevels 0-6)

Mon, 31 Aug 2009 18:08:06 -0700 

Your message dated Tue, 01 Sep 2009 00:45:30 +0000
with message-id <[email protected]>
and subject line Bug#542924: fixed in sudo 1.7.2p1-1
has caused the Debian Bug report #542924,
regarding sudo: Please move init.d scripts from rcS.d/ to runlevels 0-6
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
542924: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=542924
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: sudo
Version: 1.6.9p15-1
Severity: wishlist

A long term goal for me with the boot system, is to be able to allow
those interested to create a runlevel where the network is not yet
enabled.  For that to happen, several scripts (everything depending on
$network and $remote_fs) need to move out of rcS.d and into the real
runlevel directories rc0.d - rc6.d.  The sudo script is one of them.

Would you be willing to move the init.d script from rcS.d/ to rc1.d/ -
rc5.d/?  The effect as seen from the sudo subsystem would be the same
(the script would run once during boot), but it would have some
interesting side effects.  First of all, it would reduce the number of
scripts running in rcS.d, and make it easier to migrate mountnfs.sh
out of rcS.d/ It would also increase the amount of scripts running in
parallel when enabling concurrent booting.

One question is if it is important to run the sudo init.d script
before entering single user (which is not the same as runlevel 1).  If
not, the script only need to be enabled for runlevels 2-5.

If the script is moved, I suspect it should have some reverse
dependencies, to make sure it run before other scripts allowing users
to log in.  I suspect the rmnologin script would be a good candidate.

This is a patch to implement the init.d script header change.

diff -ur sudo-1.7.2/debian/sudo-ldap.sudo.init 
sudo-1.7.2-pere/debian/sudo-ldap.sudo.init
--- sudo-1.7.2/debian/sudo-ldap.sudo.init       2009-08-22 11:23:24.000000000 
+0200
+++ sudo-1.7.2-pere/debian/sudo-ldap.sudo.init  2009-08-22 11:24:57.000000000 
+0200
@@ -1,10 +1,11 @@
 #! /bin/sh

 ### BEGIN INIT INFO
-# Provides:          sudo
+# Provides:          sudo-ldap
 # Required-Start:    $local_fs $remote_fs
 # Required-Stop:
-# Default-Start:     S
+# X-Start-Before:    rmnologin
+# Default-Start:     2 3 4 5
 # Default-Stop:
 ### END INIT INFO

diff -ur sudo-1.7.2/debian/sudo.sudo.init sudo-1.7.2-pere/debian/sudo.sudo.init
--- sudo-1.7.2/debian/sudo.sudo.init    2009-08-22 11:23:24.000000000 +0200
+++ sudo-1.7.2-pere/debian/sudo.sudo.init       2009-08-22 11:24:01.000000000 
+0200
@@ -4,7 +4,8 @@
 # Provides:          sudo
 # Required-Start:    $local_fs $remote_fs
 # Required-Stop:
-# Default-Start:     S
+# X-Start-Before:    rmnologin
+# Default-Start:     2 3 4 5
 # Default-Stop:
 ### END INIT INFO


In addition to this change, the update-rc.d call in the postinst need
to be changed to reflect the new runlevels and position, and some code
to migrate the script from rcS.d/ to the new settings need to be
added.  It could for example look like this:

 case "$1" in
    configure)
        ...
        if [ "$2" != "" ] && dpkg --compare-versions "$2" lt 1.7.2-3; then
            update-rc.d -f sudo remove >/dev/null
        fi
        update-rc.d sudo start 20 2 3 4 5 . >/dev/null
        ...
        ;;
  esac

Similar code is needed for sudo-ldap.

Happy hacking,
-- 
Petter Reinholdtsen

--- End Message ---
--- Begin Message --- 
Source: sudo
Source-Version: 1.7.2p1-1

We believe that the bug you reported is fixed in the latest version of
sudo, which is due to be installed in the Debian FTP archive:

sudo-ldap_1.7.2p1-1_i386.deb
  to pool/main/s/sudo/sudo-ldap_1.7.2p1-1_i386.deb
sudo_1.7.2p1-1.diff.gz
  to pool/main/s/sudo/sudo_1.7.2p1-1.diff.gz
sudo_1.7.2p1-1.dsc
  to pool/main/s/sudo/sudo_1.7.2p1-1.dsc
sudo_1.7.2p1-1_i386.deb
  to pool/main/s/sudo/sudo_1.7.2p1-1_i386.deb
sudo_1.7.2p1.orig.tar.gz
  to pool/main/s/sudo/sudo_1.7.2p1.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Bdale Garbee <[email protected]> (supplier of updated sudo package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 31 Aug 2009 14:09:32 -0600
Source: sudo
Binary: sudo sudo-ldap
Architecture: source i386
Version: 1.7.2p1-1
Distribution: unstable
Urgency: low
Maintainer: Bdale Garbee <[email protected]>
Changed-By: Bdale Garbee <[email protected]>
Description: 
 sudo       - Provide limited super user privileges to specific users
 sudo-ldap  - Provide limited super user privileges to specific users
Closes: 89743 271813 539994 542924
Changes: 
 sudo (1.7.2p1-1) unstable; urgency=low
 .
   * new upstream version
   * add support for /etc/sudoers.d using #includedir in default sudoers,
     which I think is also a good solution to the request for a crontab-like
     API requested in March of 2001, closes: #539994, #271813, #89743
   * move init.d script from using rcS.d to rc[0-6].d, closes: #542924
Checksums-Sha1: 
 c2c0dbd5b92bfedd3a877cdf1fa042ed264e6c46 1002 sudo_1.7.2p1-1.dsc
 2ef461d840110d2c9160db142336591775ede67a 771059 sudo_1.7.2p1.orig.tar.gz
 5724fe2204dd51aeb2f7fe6236aee000b0f4115c 20744 sudo_1.7.2p1-1.diff.gz
 ad2a63235e8d889b97ad7cee2cb21a1f03efa377 306252 sudo_1.7.2p1-1_i386.deb
 1a6f134272c9cc57157467ba81b349e9f00cc485 330498 sudo-ldap_1.7.2p1-1_i386.deb
Checksums-Sha256: 
 10223cd17c98ea1a89eb73e481d2b2517f14937ec1f311f23638f3fc360fff8d 1002 
sudo_1.7.2p1-1.dsc
 34d11a1dd8bace0885f55b4c8bddda1da29993ff8d7174099e25bd80db1eaf7f 771059 
sudo_1.7.2p1.orig.tar.gz
 33a9f0d5f2ef320a85b4247dfa16e918ab20e012ba40a9698610465cafa59d4b 20744 
sudo_1.7.2p1-1.diff.gz
 2e09dd9effdc90fee9aaa6d9b9775778fea876c0402c07a8f5cd8075df90cebc 306252 
sudo_1.7.2p1-1_i386.deb
 853b4675fb8766b16db2a86eb88de1fce9191a5e4194d5c51413755fce0ca54e 330498 
sudo-ldap_1.7.2p1-1_i386.deb
Files: 
 f77fd60f7b87a085e77fe8fc5220909f 1002 admin optional sudo_1.7.2p1-1.dsc
 4449d466a774f5ce401c9c0e3866c026 771059 admin optional sudo_1.7.2p1.orig.tar.gz
 7b26f00f8700c52c87923074e0d2a7d1 20744 admin optional sudo_1.7.2p1-1.diff.gz
 77452b0e6b1d9582dadc00c4b3a3ad17 306252 admin optional sudo_1.7.2p1-1_i386.deb
 a5f106e21158cf90798cdae14941dc95 330498 admin optional 
sudo-ldap_1.7.2p1-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFKnEU1ZKfAp/LPAagRAkQqAJ94ue8LEDqO7wL6CxcoQl2m3eEAqwCdFZhs
GrUTwLp4woUjhZaMujY9sKk=
=IiC4
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to