Your message dated Sun, 04 Nov 2018 17:15:24 +0000
with message-id <[email protected]>
and subject line Bug#911416: Removed package(s) from unstable
has caused the Debian Bug report #534976,
regarding consolekit: does not preserve state during daemon restarts
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
534976: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=534976
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: consolekit
Version: 0.3.0-2
Severity: important
Hi!
As explained in bug #527846 (see its complete log, for more context),
if a security update on one of the dependencies creates the *need*
to restart console-kit-daemon, I find myself with the following
dilemma:
(a) I kill the daemon and wait for D-Bus to start it again
(b) I stay with the insecure daemon running
(c) I reboot the entire system
Since there's apparently no way to restart the daemon while
preserving its state, if I choose (a), I loose all registered sessions
and could encounter awkward side-effects.
On the other hand, (b) is not a viable option, when security is
involved.
Finally, (c) is simply *unacceptable*, especially for a production
box where more than one user may be using the system, e.g. via SSH.
For instance, think of a scientific computation workstation where users
start long-running number crunching programs.
The *only* case where I can live with the need to reboot the whole
system is when the kernel is updated for security reasons.
I really think that a daemon that cannot be safely restarted without
unexpected consequences is badly designed.
There *must* be a safe way to restart the daemon without unintended
weird behaviors.
Hence the severity of this bug is at least "important" (if not higher).
I strongly recommend fixing this design flaw.
I don't know exactly how this could be done: maybe there should
be a signal (e.g.: SIGHUP, or even SIGTERM) that forces the daemon to
save its state somewhere on the filesystem (probably somewhere
under /var/lib , if I understand the FHS correctly), so that the state
can be restored as soon as the daemon is started again.
Another strategy could be that the daemon always keeps its state on the
filesystem, and only wipes it out when it has to. This way, stop/start
cycles for the daemon would not have a strong impact on the system
behavior.
There are probably better solutions...
Please fix this issue, and/or forward the bug report to upstream, as
appropriate.
Thanks in advance.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (800, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages consolekit depends on:
ii dbus 1.2.12-1 simple interprocess messaging syst
ii libc6 2.9-12 GNU C Library: Shared libraries
ii libck-connector0 0.3.0-2 ConsoleKit libraries
ii libdbus-1-3 1.2.12-1 simple interprocess messaging syst
ii libdbus-glib-1-2 0.80-4 simple interprocess messaging syst
ii libglib2.0-0 2.20.1-2 The GLib library of C routines
ii libx11-6 2:1.2.1-1 X11 client-side library
ii zlib1g 1:1.2.3.3.dfsg-13 compression library - runtime
Versions of packages consolekit recommends:
ii libpam-ck-connector 0.3.0-2 ConsoleKit PAM module
consolekit suggests no packages.
-- no debconf information
--- End Message ---
--- Begin Message ---
Version: 0.4.6-6.1+rm
Dear submitter,
as the package consolekit has just been removed from the Debian archive
unstable we hereby close the associated bug reports. We are sorry
that we couldn't deal with your issue properly.
For details on the removal, please see https://bugs.debian.org/911416
The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.
This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
[email protected].
Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)
--- End Message ---
