Package: dpkg
Version: 1.20.9
Severity: important
Tags: patch
X-Debbugs-Cc: maillist-d...@barfooze.de

the code in statdb_node_apply, unlike all other functions trying to chown
a file, ignores --force-not-root, which breaks usage in a non-root container.

see attached patch to fix the issue (it might be required to add a header
to get the definition of forcible_nonroot_error(); I haven't been able to
test compilation).


-- Package-specific info:
System tainted due to merged-usr-via-aliased-dirs.

-- System Information:
Debian Release: bookworm/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 5.4.36 (SMP w/16 CPU threads)
Locale: LANG=C, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: unable to detect

Versions of packages dpkg depends on:
ii  libbz2-1.0   1.0.8-4
ii  libc6        2.33-7
ii  liblzma5     5.2.5-2
ii  libselinux1  3.3-1+b1
ii  tar          1.34+dfsg-1
ii  zlib1g       1:1.2.11.dfsg-2

dpkg recommends no packages.

Versions of packages dpkg suggests:
ii  apt            2.3.12
pn  debsig-verify  <none>

-- Configuration Files:
/etc/dpkg/dpkg.cfg changed:
no-debsig
log /var/log/dpkg.log
force-not-root


-- no debconf information
diff --git a/src/statoverride/main.c b/src/statoverride/main.c
index 1b3c998d4..89474d62a 100644
--- a/src/statoverride/main.c
+++ b/src/statoverride/main.c
@@ -185,9 +185,9 @@ statdb_node_remove(const char *filename)
 static void
 statdb_node_apply(const char *filename, struct file_stat *filestat)
 {
-       if (chown(filename, filestat->uid, filestat->gid) < 0)
+       if (forcible_nonroot_error(chown(filename, filestat->uid, 
filestat->gid)))
                ohshite(_("error setting ownership of '%.255s'"), filename);
-       if (chmod(filename, filestat->mode & ~S_IFMT))
+       if (forcible_nonroot_error(chmod(filename, filestat->mode & ~S_IFMT)))
                ohshite(_("error setting permissions of '%.255s'"), filename);
 
        dpkg_selabel_load();
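
Review bot: In statdb_node_apply the chmod() still runs after a chown() failure has been let through, so if forcible_nonroot_error() ignores the ownership error under --force-not-root, an override whose mode carries set-uid or set-gid bits (only S_IFMT is masked off) ends up applied to a file still owned by the invoking user. Consider dropping the S_ISUID/S_ISGID bits, or at least emitting a warning, when the chown() did not take effect, rather than treating the two calls independently. Two smaller points: the hunk adds no #include for the header that declares forcible_nonroot_error(), which the report itself flags as possibly needed, and the first added line has been wrapped in transit so that "filestat->gid)))" sits on a line of its own without a "+" prefix, which will stop the patch from applying as posted.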
