Bug#580078: marked as done (lintian: false positive for "init.d-script-missing-dependency-on-remote_fs /etc/init.d/cryptdisks: required start/stop")

Tue, 04 May 2010 15:53:10 -0700 

Your message dated Wed, 5 May 2010 00:16:04 +0200
with message-id <[email protected]>
and subject line Re: Bug#580078: lintian: false positive for 
"init.d-script-missing-dependency-on-remote_fs /etc/init.d/cryptdisks: required 
start/stop"
has caused the Debian Bug report #580078,
regarding lintian: false positive for 
"init.d-script-missing-dependency-on-remote_fs /etc/init.d/cryptdisks: required 
start/stop"
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
580078: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=580078
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: lintian
Version: 2.4.1
Severity: normal

hey,

cryptdisks and cryptdisks-early initscripts both need to be started
before any (non-root) filesystem is mounted. still, i added a check for
/usr/bin/id in the initscripts in order to warn normal users that they
need root privileges when they execute the initscript. this causes four
false positives for the cryptsetup package.

the relevant code in the initscripts is:

if [ -x "/usr/bin/id" ] && [ "$(/usr/bin/id -u)"  != "0" ]; then
        log_warning_msg "$0 needs root privileges"
        exit 1
fi

greetings,
 jonas

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-2-amd64-resivo (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages lintian depends on:
ii  binutils               2.20.1-8          The GNU assembler, linker and bina
ii  diffstat               1.47-1            produces graph of changes introduc
ii  dpkg-dev               1.15.7.1          Debian package development tools
ii  file                   5.04-2            Determines file type using "magic"
ii  gettext                0.17-11           GNU Internationalization utilities
ii  intltool-debian        0.35.0+20060710.1 Help i18n of RFC822 compliant conf
ii  libapt-pkg-perl        0.1.24            Perl interface to libapt-pkg
ii  libclass-accessor-perl 0.34-1            Perl module that automatically gen
ii  libipc-run-perl        0.89-1            Perl module for running processes
ii  libparse-debianchangel 1.1.1-2           parse Debian changelogs and output
ii  libtimedate-perl       1.2000-1          collection of modules to manipulat
ii  liburi-perl            1.54-1            module to manipulate and access UR
ii  locales                2.10.2-7          Embedded GNU C Library: National L
ii  man-db                 2.5.7-3           on-line manual pager
ii  perl [libdigest-sha-pe 5.10.1-12         Larry Wall's Practical Extraction 

lintian recommends no packages.

Versions of packages lintian suggests:
pn  binutils-multiarch            <none>     (no description available)
ii  libtext-template-perl         1.45-1     Text::Template perl module
ii  man-db                        2.5.7-3    on-line manual pager

-- no debconf information

Attachment: signature.asc
Description: Digital signature


--- End Message ---
--- Begin Message --- 
Hey,

On 04/05/2010 Raphael Geissert wrote:
> Jonas Meurer wrote:
> > cryptdisks and cryptdisks-early initscripts both need to be started
> > before any (non-root) filesystem is mounted. still, i added a check for
> > /usr/bin/id in the initscripts in order to warn normal users that they
> > need root privileges when they execute the initscript.
> 
> First of all I'm curious as to why you are adding that check. Only a few, 
> rare, init scripts do that.
> 
> I'm actually surprised that policy doesn't say a word about this. I don't 
> think there's any reason to introduce such a technical blockage (that can be 
> bypassed until the point where the special privileges are actually needed.)
> 
> Russ, what do you think? (with your policy hat on :)
> 
> > this causes four
> > false positives for the cryptsetup package.
> > 
> > the relevant code in the initscripts is:
> > 
> > if [ -x "/usr/bin/id" ] && [ "$(/usr/bin/id -u)"  != "0" ]; then
> >         log_warning_msg "$0 needs root privileges"
> >         exit 1
> > fi
> > 
> 
> I would personally just drop that piece of code.

I agree with you that the check for UID = 0 isn't useful in initscripts,
they aren't meant to be invoked by normal system users (!= root) after
all. i removed the checks, and this mail will close the bugreport.

> The reason behind the check and the fact that it doesn't ignore such 
> conditional cases, is exactly that: there might be conditional, but desired, 
> cases that are not executed because the file system is not available because 
> of a mistake.
> 
> Consider a case where the init script does this:
> 
> # exit if removed but not purged:
> [ -x /usr/sbin/some_daemon ] || exit 0
> 
> 
> Now, if the script doesn't have the proper dependency on $remote_fs chances 
> are that it will never do anything because it is executed too early.

sounds reasonable, sorry for the noise.

the other bugreport against lintian because of a false positive in
cryptsetup (bug#580082) is valid in my eyes though.

greetings,
 jonas

Attachment: signature.asc
Description: Digital signature


--- End Message ---

Reply via email to