Bug#456454: marked as done (apt-listchanges: Runs browser as root; please offer option to run as $SUDO_USER or $APT_LISTCHANGES_USER)

Sun, 17 Apr 2016 15:22:29 -0700 

Your message dated Sun, 17 Apr 2016 22:19:49 +0000
with message-id <[email protected]>
and subject line Bug#456454: fixed in apt-listchanges 3.1
has caused the Debian Bug report #456454,
regarding apt-listchanges: Runs browser as root; please offer option to run as 
$SUDO_USER or $APT_LISTCHANGES_USER
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
456454: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=456454
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: apt-listchanges
Version: 2.79
Severity: normal

Because apt needs to run as root, apt-listchanges runs as root, and
runs the browser as root.  I'd like to run the browser as my user, so
that it picks up my normal settings, opens up a new tab in any
existing browser I have open, and does not clutter ~root with dotfiles
for programs that should not run as root.  Please consider launching
the browser as a designated user instead, such as $SUDO_USER
(available if using sudo), or $APT_LISTCHANGES_USER (which I could set
to `id -un` in ~/.bashrc).

Thanks,
Josh Triplett

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-rc1 (PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages apt-listchanges depends on:
ii  apt                           0.7.9      Advanced front-end for dpkg
ii  debconf [debconf-2.0]         1.5.17     Debian configuration management sy
ii  debianutils                   2.28.2     Miscellaneous utilities specific t
ii  python                        2.4.4-6    An interactive high-level object-o
ii  python-apt                    0.7.4      Python interface to libapt-pkg
ii  python-support                0.7.5      automated rebuilding support for p
ii  ucf                           3.004      Update Configuration File: preserv

Versions of packages apt-listchanges recommends:
pn  exim4 | mail-transport-agent  <none>     (no description available)
ii  python-glade2                 2.12.0-2   GTK+ bindings: Glade support
ii  python-gtk2                   2.12.0-2   Python bindings for the GTK+ widge

-- debconf information:
* apt-listchanges/confirm: true
* apt-listchanges/which: both
* apt-listchanges/frontend: browser
* apt-listchanges/email-address:
* apt-listchanges/save-seen: true

--- End Message ---
--- Begin Message --- 
Source: apt-listchanges
Source-Version: 3.1

We believe that the bug you reported is fixed in the latest version of
apt-listchanges, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Robert Luberda <[email protected]> (supplier of updated apt-listchanges package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 17 Apr 2016 23:29:25 +0200
Source: apt-listchanges
Binary: apt-listchanges
Architecture: source all
Version: 3.1
Distribution: experimental
Urgency: medium
Maintainer: Robert Luberda <[email protected]>
Changed-By: Robert Luberda <[email protected]>
Description:
 apt-listchanges - package change history notification tool
Closes: 456454 658444 743366 772663 820732
Changes:
 apt-listchanges (3.1) experimental; urgency=medium
 .
   * Drop root privileges when running commands spawned by browser,
     xterm-browser, and xterm-pager frontends (closes: #456454):
     + a non-privileged user is selected by examining the APT_LISTCHANGES_USER,
       SUDO_USER, and USERNAME environment variables;
     + if temporary directory name ends with '/0', then it is modified to end
       with '/<uid-of-new-user>';
     + a few environment variables (HOME, SHELL, LOGNAME, TMPDIR, etc.)
       are updated;
     + os.spawnl() call was replaced with subprocess.Popen() with its env, and
       preexec_fn params set properly (BTW. this also mean that shell is no
       longer involved in running the commands).
     All the above steps are needed, because `su -c' cannot be used, because it
     detaches from the controlling terminal...
     The pager frontend still runs its command as root, so that it can be usable
     in case of any errors in the implementation of the above logic.
 .
   * Update man page for the above change. Apply some other minor fixes to it.
   * Close temporary files explicitly to have a chance to ignore an error when
     the file has been removed already (closes: #772663).
   * Exit with an error when invalid command line option is given.
   * Permit '+' character in e-mail address while converting output to html.
 .
   * Move the code responsible for handling the seen database to new ALSeenDb.py
     module and:
     + handle the fact that ndbm in python3 adds the '.db' extension by itself,
       and update the postinst script to rename the spurious '.db.db' file
       created by version 3.0  (closes: #820732);
     + increase reliability of saving database changes, and store the previous
       version of the database in 'listchanges-old.db', also update the postrm
       script for the new file;
     + add '--dump-seen' option to display the contents of the database to
       stdout, and mention NFS-sharing in README.Debian (closes: #658444).
 .
   * Mention `NEWS and/or changelog' in README.Debian (closes: #743366), and
     update the description of both the algorithm and recovery procedure.
   * Standards-Version: 3.9.8.
Checksums-Sha1:
 1b3af26d0700c4c022e96c818620115d9f265aba 1668 apt-listchanges_3.1.dsc
 ff3ed38d9be6fa9e07e1ddd8062a0187b3aae8b2 98800 apt-listchanges_3.1.tar.xz
 40cb118cc98dec3ab3f730018aa83995f1b3b0a1 101294 apt-listchanges_3.1_all.deb
Checksums-Sha256:
 2b0cd707f6d818a2da2fef16f234fb715427e1f5368773391605cb998d2c361a 1668 
apt-listchanges_3.1.dsc
 37dd8b417b89a1921c91a23127d2d9083a971823a2d34cd95214f71e5613d0cc 98800 
apt-listchanges_3.1.tar.xz
 e094352f1c7eb1559ba42c4c601ca957e5114f3fc96419d8e466f8977ec6cd1a 101294 
apt-listchanges_3.1_all.deb
Files:
 90f647b370cebb8212f6795e4e321afa 1668 utils standard apt-listchanges_3.1.dsc
 7f01d2a59d042304a94b3cb26382d7e4 98800 utils standard 
apt-listchanges_3.1.tar.xz
 1d7db7fd841cd035c8d994cae6e4ea1b 101294 utils standard 
apt-listchanges_3.1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2

iQIcBAEBCAAGBQJXFANSAAoJEGMd51U76K/U2f8P/3XpHvC7dlj+dTOcHkO423K9
Oj1oww2fh8DO4sZsvhU2Wq5xYMEXb0+fu3PgqicHev/8GrNSsAtjAAedK+7o3uuJ
lPu319eWiwfjFCTikgaN7YJaBmsYzsKit+p4Qj4azcyvC9D3nOLrDfw0IGbnCMb6
iCZLZAIALYk2wEOGkkQdVOVT6Otpt2ti9v14sdRKA79615OYb70cB8L0A8D83HLG
3omfpKME5s5yk/T8BX30Sj6mpM5sDsGCwXoWJfRAHaCYANl0/3974X4JyXCzHBkj
zAR6GGwiyMduYUv2kBXjzrSXwannwu/LIzoeZRkiRzSobYOpo3lNFaid+cqDfwLf
wUQd+y959CguGJthdlATKdlyDBGmqUd7qTkLqauT5FQt1hoToffteko5hYgLhg1T
IIki67vRPcnniiOMDBnaU2mS6nrQDinM1l71xSrZN+gEE3aXJu+Px2v0se0bCERh
aLd3SHqn9hieUBd7+qqWNQwggVf5qOKrgAyoWRnWU4C58hy82C58oUyLxBzGPH6Z
ms+p4bjAKNQMXsCW7IzHPqte9PpoRhFdGerhF2twj80XfxUOElr84kZSXoKZwAsq
9zdZH6WIKWA/kMUYdCsdRqoXvWFlt2cGgzBvdOAf3OVpAllC7V2M9fftahgToGAy
EWlX+PkhNPfV82yiyxOv
=kMlh
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to