Your message dated Sun, 02 Apr 2006 10:17:20 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#276419: fixed in shadow 1:4.0.15-2 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: login Version: 20000902-12 Severity: important File: /bin/su The manual page su(1) says: NAME su - Change user ID or become super-user SYNOPSIS su [OPTS] [-] [username [ARGS]] Description of the bug: su appends the ARGS to the command line rather than simply passing them to execvp (see execvp(3)) as an argument vector (char *const argv[]) when executing the shell to be run. To expose the error, run the following command: $ su --shell=/bin/sh -c 'printf :%q:\\n ${1+"$@"}' "$USER" \ sh su concatenates the "shell's" positional parameters \ rather than passing them to execvp which produces the output (type in your password): Password: sh: -c: line 1: unexpected EOF while looking for matching `'' sh: -c: line 2: syntax error: unexpected end of file Quoting the manual page su(1), Any arguments supplied after the username will be passed to the invoked shell (shell must support the -c command line option in order for a command to be passed to it). the expected output would be: :su: :concatenates: :the: :shell\'s: :positional: :parameters: :rather: :than: :passing: :them: :to: :execvp: as can be seen when running the following command (which should be equivalent with respect to running the shell): $ /bin/sh -c 'printf :%q:\\n ${1+"$@"}' \ sh su concatenates the "shell's" positional parameters \ rather than passing them to execvp -- System Information Debian Release: 3.0 Architecture: i386 Kernel: Linux kugelfisch 2.4.18-bf2.4 #1 Son Apr 14 09:53:28 CEST 2002 i686 Locale: LANG=C, LC_CTYPE=de_DE Versions of packages login depends on: ii libc6 2.2.5-11.5 GNU C Library: Shared libraries an ii libpam-modules 0.72-35 Pluggable Authentication Modules f ii libpam0g 0.72-35 Pluggable Authentication Modules l -- Wenn Sie mir E-Mail schreiben, stellen | When writing me e-mail, please Sie bitte vor meine E-Mail-Adresse | precede my e-mail address with meinen Vor- und Nachnamen, etwa so: | my full name, like Helmut Waitzmann <[EMAIL PROTECTED]>, (Helmut Waitzmann) [EMAIL PROTECTED]
--- End Message ---
--- Begin Message ---Source: shadow Source-Version: 1:4.0.15-2 We believe that the bug you reported is fixed in the latest version of shadow, which is due to be installed in the Debian FTP archive: login_4.0.15-2_i386.deb to pool/main/s/shadow/login_4.0.15-2_i386.deb passwd_4.0.15-2_i386.deb to pool/main/s/shadow/passwd_4.0.15-2_i386.deb shadow_4.0.15-2.diff.gz to pool/main/s/shadow/shadow_4.0.15-2.diff.gz shadow_4.0.15-2.dsc to pool/main/s/shadow/shadow_4.0.15-2.dsc A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Christian Perrier <[EMAIL PROTECTED]> (supplier of updated shadow package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Sun, 2 Apr 2006 12:45:49 +0200 Source: shadow Binary: login passwd Architecture: source i386 Version: 1:4.0.15-2 Distribution: unstable Urgency: low Maintainer: Shadow package maintainers <[EMAIL PROTECTED]> Changed-By: Christian Perrier <[EMAIL PROTECTED]> Description: login - system login tools passwd - change and administer password and group data Closes: 276419 355070 359163 360179 360276 Changes: shadow (1:4.0.15-2) unstable; urgency=low . * The "Pavé d'Auge" release * Debian packaging fixes: - Only replace manpages-es << 1.55-4. Thanks to Rubén - Include chgpasswd in shipped files. Really Closes: #355070 - parse /etc/default/locale for locale environment variables in login and su default PAM configuration files. Thanks to Denis Barbier for the patch. Closes: #359163 - su: Do not concatenate the additional arguments, and support an environment variable to revert to the old Debian's su behavior. Closes: #276419 To avoid breaking packages using the old-style way to pass arguments, set Conflicts with "gnunet, amavisd-new, python-4suite, backupninja (<= 0.9.3-4), echolot (<< 2.1.8-4)" - 467_useradd_-r_LSB. Do not forgot to change the owner of the new home directory. Closes: #360179 * Upstream bugs or fixes not already fixed in upstream releases or CVS: - 486_chgpasswd.8: add a manpage for chgpasswd. * Upstream bugs or fixes fixed in upstream releases or CVS: - 492_correct_exit_status_for_run_commands: correct the exit status of su when the invoked command fails. Closes: #360276 Files: c53e405de5f3aff5b2f130603984a0a9 964 admin required shadow_4.0.15-2.dsc 1e02cbcc74f1254f0804032b7eb09ad1 164304 admin required shadow_4.0.15-2.diff.gz dd17b3c9717b4cfb8bf6c927b9c215bf 745490 admin required passwd_4.0.15-2_i386.deb 3df6ae24a264c434f5e280ebe1c43ff5 710842 admin required login_4.0.15-2_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) iD8DBQFEMASO1OXtrMAUPS0RApX2AJ9Dayd00oUFWMS19dMPh7V2YX/YVQCePtTj wlZNvWu2kl5dWgPh8nD8en0= =LoT/ -----END PGP SIGNATURE-----
--- End Message ---
