First of all, IMHO k3bsetup should remain part of the Debian k3b package. It is a handy tool to change the permissions of the cdwriter devices and of the binaries - if needed. However, I do agree that it makes sense to set only the required permissions and if my cdwriter device is "rw-rw---- root cdrom" and I'm in group cdrom then there's no need to run anything set-uid root. So the best way to go would be: keep k3bsetup (especially for the users who are not so comfortable with the command line) but also keep the set-uid root stuff at a minimum.

Now for the actual problem that makes k3bsetup malfunction. I did a trace of the system calls that are executed during the update (and that lead to the observed problem). What I see is:

2912  execve("/usr/sbin/dpkg-statoverride --quiet --remove ", ["/usr/sbin/dpkg-statoverride --qu"..., "/usr/bin/cdrdao"]) = -1 ENOENT (No such file or directory)
2913 execve("/usr/sbin/dpkg-statoverride --quiet --update --add #0 #", ["/usr/sbin/dpkg-statoverride --qu"..., "", " 4710 ", "/usr/bin/cdrdao"]) = -1 ENOENT (No such file or directory)

I'd say it's pretty clear what is going on: The code is putting part of the whole command line (including arguments and options) where only the name of the binary should be and the system interprets this as path to a single binary - which of course isn't there.

The reason for this error is the incorrect usage of the KProcess class in the Debian specific K3b patch, to be more specific, in the k3bsetup_statoverride_2006-05-16.patch introduced in the fix for Bug 367473. This code does stuff like:

proc << "/usr/sbin/dpkg-statoverride --quiet --update --add #0 #";
proc << g->gr_gid;
...
proc << " 4710 ";

while it should in fact do:

proc << "/usr/sbin/dpkg-statoverride" << "--quiet" << "--update" << "--add" << "#0";
proc << (const char *) g->gr_name;
...
proc << "4710";

Basically, all << operations on the proc and cleanupProc variables must be checked & fixed. I'd be happy to provide a complete patch.

The documentation for the KProcess class and its << can be found e.g. at
http://developer.kde.org/documentation/library/3.0-api/classref/kdecore/KProcess.html#ref6

Note the replacement of gr_gid (integer type) with the group name string; according to the KProcess class definition, only strings may be used with the << operator.

I have tried to create a patch (one with respect to the original k3b-0.12.16 k3bsetup2.cpp, one with respect to the Debian patched one), but I'm not in a position to test it because I don't have all the development libraries installed that are necessary to compile the stuff. In any case I'd notify whoever submitted the patch in Bug 367473 because he should be aware of the correct KProcess class usage.

Best regards,
Dirk Porezag


Attachment: statoverride-fix-deb.patch
Description: 1119448120-statoverride-fix-deb.patch

Attachment: statoverride-fix-orig.patch
Description: 3473453333-statoverride-fix-orig.patch
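
The failure mode described in the message above, reproduced as an added example that is not part of the original mail or of the k3b/Debian patch: `ArgvProcess` is a hypothetical stand-in for a KProcess-style launcher (it is not the KDE class), where each `<<` appends exactly one argv element and the first element is used as the program path. The `/bin/sh` command lines are constructed sample inputs.

```cpp
#include <cerrno>
#include <cstdio>
#include <string>
#include <vector>
#include <fcntl.h>
#include <sys/wait.h>
#include <unistd.h>

// Hypothetical stand-in for a KProcess-style launcher (not the KDE class):
// each << appends exactly one argv element; element 0 is the program path.
class ArgvProcess {
    std::vector<std::string> args_;
public:
    ArgvProcess& operator<<(const std::string& a) { args_.push_back(a); return *this; }
    // Fork and execv() without a shell. Returns 0 if the exec succeeded,
    // otherwise the errno that execv() reported in the child (e.g. ENOENT).
    int start() const {
        if (args_.empty()) return EINVAL;
        std::vector<char*> argv;
        for (const auto& a : args_) argv.push_back(const_cast<char*>(a.c_str()));
        argv.push_back(nullptr);
        int fds[2];
        if (pipe(fds) != 0) return errno;
        fcntl(fds[1], F_SETFD, FD_CLOEXEC);  // write end vanishes on successful exec
        pid_t pid = fork();
        if (pid < 0) { int e = errno; close(fds[0]); close(fds[1]); return e; }
        if (pid == 0) {
            close(fds[0]);
            execv(argv[0], argv.data());
            int e = errno;                   // only reached when the exec failed
            if (write(fds[1], &e, sizeof e) < 0) {}
            _exit(127);
        }
        close(fds[1]);
        int err = 0;
        ssize_t n = read(fds[0], &err, sizeof err);  // EOF (0 bytes) means exec worked
        close(fds[0]);
        waitpid(pid, nullptr, 0);
        return n == (ssize_t)sizeof err ? err : 0;
    }
};

// Constructed inputs: options glued to the program name vs. one element per argument.
int broken_start() { ArgvProcess p; p << "/bin/sh -c" << "exit 0"; return p.start(); }
int fixed_start()  { ArgvProcess p; p << "/bin/sh" << "-c" << "exit 0"; return p.start(); }

int main() {
    std::printf("broken: errno %d, fixed: errno %d\n", broken_start(), fixed_start());
}
```

Because no shell splits the string, the first element is handed to the kernel verbatim as a path, which is why the trace shows ENOENT for a name containing spaces and options.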
