Your message dated Mon, 19 Sep 2016 20:11:44 +0000
with message-id <e1bm4um-0006oh...@franck.debian.org>
and subject line Bug#835516: fixed in sed 4.2.2-4+deb8u1
has caused the Debian Bug report #835516,
regarding General: Incorrect permissions on /bin for Debian Jessie
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
835516: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=835516
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: general
Severity: important

Dear Debian developers,

I am currently testing ISPConfig with Debian Jessie and Jailkit.

Apparently the chrooted SSH users are not able to log on. I'm using
Debian GNU/Linux Jessie (8.5) with Jailkit 2.19. When reviewing
/var/log/auth.log at the time that the users try to connect via SSH, is
logged something as the following:

-------------------------------------------------------------------------
Jun 27 15:37:57 ispconfig jk_chrootsh[19240]: path 
/var/www/clients/client1/web7/bin/ is group writable
Jun 27 15:37:57 ispconfig jk_chrootsh[19240]: abort, 
/var/www/clients/client1/web7 is not a safe jail, check ownership and 
permissions.
-------------------------------------------------------------------------

Adding the following to
/usr/local/ispconfig/server/scripts/create_jailkit_chroot.sh solves the
problem:

chmod g-w $CHROOT_HOMEDIR/bin

I think that jailkit just copies the permissions that Debian has set as
default for /bin which are different now according to the jailkit shell.

There seems to be a difference in the permissions for stable compared to
oldstable:

-------------------------------------------------------------------------
root@pfc:~# cat /etc/debian_version
7.10
root@pfc:~# ls -ld /bin/
drwxr-xr-x 2 root root 4096 mar  6 16:14 /bin/
-------------------------------------------------------------------------

-------------------------------------------------------------------------
root@ispconfig:/var/www/clients/client1/web11# cat /etc/debian_version
8.5
root@ispconfig:/var/www/clients/client1/web11# ls -ld /bin/
drwxrwxr-x 2 root root 4096 Jun  9 16:20 /bin/
root@ispconfig:/var/www/clients/client1/web11# ls -ld ./bin/
drwxr-xr-x 2 root root 4096 Jun 28 15:37 ./bin/
-------------------------------------------------------------------------

Although I'm not sure why the Debian developers did this change or if it
is a bug.


Kind regards,
Daniel



-- System Information:
Debian Release: 8.5
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=es_AR.UTF-8, LC_CTYPE=es_AR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)


-- 
Ing. Daniel Bareiro

Opción Libre - Soberanía tecnológica para su empresa
WWW: http://www.opcion-libre.com.ar
Tel: +54 11 5235-3090
Correo-e: conta...@opcion-libre.com.ar

Attachment: signature.asc
Description: Digital signature


--- End Message ---
--- Begin Message ---
Source: sed
Source-Version: 4.2.2-4+deb8u1

We believe that the bug you reported is fixed in the latest version of
sed, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 835...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Clint Adams <cl...@debian.org> (supplier of updated sed package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Fri, 09 Sep 2016 18:07:57 -0400
Source: sed
Binary: sed
Architecture: source
Version: 4.2.2-4+deb8u1
Distribution: stable
Urgency: medium
Maintainer: Clint Adams <cl...@debian.org>
Changed-By: Clint Adams <cl...@debian.org>
Description:
 sed        - The GNU sed stream editor
Closes: 774347 835516
Changes:
 sed (4.2.2-4+deb8u1) stable; urgency=medium
 .
   [ Jérémy Bobbio ]
   * Ensure consistent permissions with different umasks.
     closes: #774347, #835516.
Checksums-Sha1:
 e121bfb594c17b358ca85d2d29adeecd71d2d52e 1495 sed_4.2.2-4+deb8u1.dsc
 3b856eead9f5b2d0b8f44b460a8b9e478b03e44d 57724 sed_4.2.2-4+deb8u1.debian.tar.xz
Checksums-Sha256:
 c8f47bac04e1b1d59fc433de2f977c6d08e40eefbdb10cabb7650297c0c12929 1495 
sed_4.2.2-4+deb8u1.dsc
 ba9b84ebb251edc7c78b3b4c715cfacc6fdd263997a92269a0282469d226557d 57724 
sed_4.2.2-4+deb8u1.debian.tar.xz
Files:
 48df6600fccb9ad57abf52842593f940 1495 utils required sed_4.2.2-4+deb8u1.dsc
 a4eb27c400c07c5d625f25832684269b 57724 utils required 
sed_4.2.2-4+deb8u1.debian.tar.xz

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBCAAGBQJX1rPrAAoJEEHOfwufG4syc/EH/3ofNrwIwNXahcwk+4H2WuAN
3YSWHh8KQptxyx1bNKunHfUwT/Ws4n1RzWuNfpZ6zeOF0axQjjAomJot8nMpz7uS
gmM2Qhr/8QRGevncM8JyLsozTmLbzsZiovR4FWxvM2KbuN0rMHO+j2o0D/fWO/WT
iFs/7cHQQ3BGbGfHzDtr/a5aFiWtij533dacQsTvT7Vi3kDJ9jt1YDuNfK4GjzCz
sX6RaTF0+mVAxLNGcF4+CER1rl/Vp22Ckr8LebfC56G4NElo3WMbZYmHt28zL6Sa
WWCyyw1gBtNF8lHnUwhVFR4GH1ThsH3Uql70lhr5BQvWTmJfw0r6FWVSBOj6ScM=
=PtF1
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to