Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
On Fri, Jan 26, 2007 at 11:47:49AM +, Stephen Gran wrote: > Aha!. So it des set the gecos field. So, basically all of my analysis > was wrong. Thanks for investigating. I now think, although I could be > wrong, that the problem is that the pam chfn file is not yet set up, so > root doesn't have passwordless ability to set gecos fields. So, this is > not a password prompt for the user's password, it's a pam prompt for the > root password for permission to run chfn. That's correct. Cheers, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
This one time, at band camp, Lucas Nussbaum said: > On 26/01/07 at 00:59 +, Stephen Gran wrote: > > This one time, at band camp, Lucas Nussbaum said: > > > > > > Well, it's chfn that prompts for a password, actually. Configuring > > > adduser (i.e: letting it run its postinst) solves the problem. > > > > chfn is not called in the add system user code path, typically (unless > > your package also sets up gecos fields for the system account, which > > would be unusual but not impossible). I can not reproduce this bug > > report at all. > > See this ps output: > \_ apt-get install firebird2-common > \_ /usr/bin/dpkg --status-fd 10 --unpack > /var/cache/apt/archives/liblocale-gettext-perl_1.05-1_i386.deb [...] > \_ /bin/sh /var/lib/dpkg/tmp.ci/preinst install >\_ adduser >\_ /usr/bin/chfn -f Firebird Database Administator firebird Aha!. So it des set the gecos field. So, basically all of my analysis was wrong. Thanks for investigating. I now think, although I could be wrong, that the problem is that the pam chfn file is not yet set up, so root doesn't have passwordless ability to set gecos fields. So, this is not a password prompt for the user's password, it's a pam prompt for the root password for permission to run chfn. Equally annnoying and incorrect, but a bug that makes sense to me. Take care, all. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
On 26/01/07 at 00:59 +, Stephen Gran wrote: > This one time, at band camp, Lucas Nussbaum said: > > > > Well, it's chfn that prompts for a password, actually. Configuring > > adduser (i.e: letting it run its postinst) solves the problem. > > chfn is not called in the add system user code path, typically (unless > your package also sets up gecos fields for the system account, which > would be unusual but not impossible). I can not reproduce this bug > report at all. See this ps output: \_ apt-get install firebird2-common \_ /usr/bin/dpkg --status-fd 10 --unpack /var/cache/apt/archives/liblocale-gettext-perl_1.05-1_i386.deb [...] \_ /bin/sh /var/lib/dpkg/tmp.ci/preinst install \_ adduser \_ /usr/bin/chfn -f Firebird Database Administator firebird > Lucas: the output you showed really looks like the output for a non-system > user being added. Are you sure there is no mistake? Adduser's postinst > does nothing that could make any difference here (it creates a default > config file, but the values are already the same as the values defined > in the library - nothing changes). I investigated this issue further. The problem is actually not that adduser is not configured at that point, but that passwd (which is required but not essential) is not configured at that point. So a "simpler" solution would be to pre-depends on passwd. However, it seems to me that's it's more logical to actually pre-depend on adduser, since that's what we are really using in preinst here. Note: to reproduce the error, try: apt-get install debfoster ; debfoster -f -o MaxPriority=required apt ; apt-get install firebird2-common > > > Moving the adduser call to postinst is possible, but I am not > > > convinced it is worth the trouble. A couple of packages (all in the > > > same source package as firebird2-common - firebrid2) depend on > > > firebird2-common being done with the account creation and I prefer to > > > have a strong reason to fiddle with them just before the release. > > If the other packages only do things with the account in their postinst, > a regular Depends will do. Changing this might be a bit risky so close from the release. > Dependencies ensure that firebird-common's > postinst will run before any of the firebird-* postinsts. I am not > familiar with the packages, though, so I will not press it. > > > chfn misbehaves if adduser is not configured? How nice :) > > Extremely unlikely, given that they don't interoperate. see above > > >> Can you give me a recipe for > > >> reproducing it? > > > > > > In a chroot (preferably): > > > apt-get remove --purge adduser ; apt-get install firebird2-common > > > > Didn't work (i.e, package installs ok with no problems. Very strange). > > I wouldn't expect it to. see above -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | signature.asc Description: Digital signature
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
This one time, at band camp, Lucas Nussbaum said: > > Well, it's chfn that prompts for a password, actually. Configuring > adduser (i.e: letting it run its postinst) solves the problem. chfn is not called in the add system user code path, typically (unless your package also sets up gecos fields for the system account, which would be unusual but not impossible). I can not reproduce this bug report at all. Lucas: the output you showed really looks like the output for a non-system user being added. Are you sure there is no mistake? Adduser's postinst does nothing that could make any difference here (it creates a default config file, but the values are already the same as the values defined in the library - nothing changes). > > Moving the adduser call to postinst is possible, but I am not > > convinced it is worth the trouble. A couple of packages (all in the > > same source package as firebird2-common - firebrid2) depend on > > firebird2-common being done with the account creation and I prefer to > > have a strong reason to fiddle with them just before the release. If the other packages only do things with the account in their postinst, a regular Depends will do. Dependencies ensure that firebird-common's postinst will run before any of the firebird-* postinsts. I am not familiar with the packages, though, so I will not press it. > chfn misbehaves if adduser is not configured? How nice :) Extremely unlikely, given that they don't interoperate. > >> Can you give me a recipe for > >> reproducing it? > > > > In a chroot (preferably): > > apt-get remove --purge adduser ; apt-get install firebird2-common > > Didn't work (i.e, package installs ok with no problems. Very strange). I wouldn't expect it to. -- - | ,''`.Stephen Gran | | : :' :[EMAIL PROTECTED] | | `. `'Debian user, admin, and developer | |`- http://www.debian.org | - signature.asc Description: Digital signature
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
On 25/01/07 at 13:59 +0200, Damyan Ivanov wrote: > -=| Lucas Nussbaum, 25.01.2007 12:21 |=- > > During a piuparts run over all the packages in etch, I ran into a > > problem with your package: > > Thank you for your efforts! > > Is this mail part of a mass-big filing that was already discussed? Can > you give me a pointer? Well, I don't have a specific pointer, but those efforts have been discussed on various occasions on the -qa and -release mailing lists. > > Selecting previously deselected package firebird2-common. > > Unpacking firebird2-common (from > > .../firebird2-common_1.5.3.4870-11_all.deb) ... > > adduser: `/etc/adduser.conf' does not exist. Using defaults. > > Adding system user `firebird' (UID 104) ... > > Adding new group `firebird' (GID 105) ... > > Adding new user `firebird' (UID 104) with group `firebird' ... > > Password: > > > > Since adduser is in Depends, not Pre-depends, it is not configured yet at > > this > > point. You should pre-depend on it, so it is configured at preinst time (or > > move your adduser call to postinst, if that's possible). > > Strange. Isn't adduser supposed *not* to ask for passwords for > --system users? I don't see any setting about this in > /etc/adduser.conf. How would configuring adduser make any difference? Well, it's chfn that prompts for a password, actually. Configuring adduser (i.e: letting it run its postinst) solves the problem. > Moreover, reading adduser's source, it indeed does not prompt for > password for --system users, it simply relies on `useradd', which in > turn does not prompt for password by design. > > Are you sure the log above is complete? From the start of package unpacking to the password, yes. > Can you give me a recipe for > reproducing it? In a chroot (preferably): apt-get remove --purge adduser ; apt-get install firebird2-common Or you can test firebird2-common using piuparts, but that's harder to setup. > Moving the adduser call to postinst is possible, but I am not > convinced it is worth the trouble. A couple of packages (all in the > same source package as firebird2-common - firebrid2) depend on > firebird2-common being done with the account creation and I prefer to > have a strong reason to fiddle with them just before the release. Yes, the simpler solution would be to add it to the pre-depends. Other packages are affected by this issue, you can have a look at #408360, #408364, #408362, #408363. -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | signature.asc Description: Digital signature
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
On 25/01/07 at 22:50 +0200, Damyan Ivanov wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA1 > > - -=| Lucas Nussbaum, 25.01.2007 20:08 |=- > > On 25/01/07 at 13:59 +0200, Damyan Ivanov wrote: > >>> Selecting previously deselected package firebird2-common. > >>> Unpacking firebird2-common (from > >>> .../firebird2-common_1.5.3.4870-11_all.deb) ... > >>> adduser: `/etc/adduser.conf' does not exist. Using defaults. > >>> Adding system user `firebird' (UID 104) ... > >>> Adding new group `firebird' (GID 105) ... > >>> Adding new user `firebird' (UID 104) with group `firebird' ... > >>> Password: > >>> > >>> Since adduser is in Depends, not Pre-depends, it is not configured yet at > >>> this > >>> point. You should pre-depend on it, so it is configured at preinst time > >>> (or > >>> move your adduser call to postinst, if that's possible). > >> Strange. Isn't adduser supposed *not* to ask for passwords for > >> --system users? I don't see any setting about this in > >> /etc/adduser.conf. How would configuring adduser make any difference? > > > > Well, it's chfn that prompts for a password, actually. Configuring > > adduser (i.e: letting it run its postinst) solves the problem. > > chfn misbehaves if adduser is not configured? How nice :) > > Anyway, It took me an hour to figure why this is my problem. See Policy > 7.2, "Pre-Depends are also required if the preinst script depends on the > named package." > > >> Can you give me a recipe for > >> reproducing it? > > > > In a chroot (preferably): > > apt-get remove --purge adduser ; apt-get install firebird2-common > > Didn't work (i.e, package installs ok with no problems. Very strange). > > > Yes, the simpler solution would be to add it to the pre-depends. > > This is what I'll do. Are you willing to sponsor the upload? That would be my first upload since I'm a DD, but yes :-) However, I will only upload tomorrow in the morning (as in UTC+1). -- | Lucas Nussbaum | [EMAIL PROTECTED] http://www.lucas-nussbaum.net/ | | jabber: [EMAIL PROTECTED] GPG: 1024D/023B3F4F | -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 tags 408361 pending thanks - -=| Lucas Nussbaum, 25.01.2007 22:53 |=- > On 25/01/07 at 22:50 +0200, Damyan Ivanov wrote: >>> Yes, the simpler solution would be to add it to the pre-depends. >> This is what I'll do. Are you willing to sponsor the upload? > > That would be my first upload since I'm a DD, but yes :-) However, I > will only upload tomorrow in the morning (as in UTC+1). Nice. I am waiting for a DAM to create my account :) Fetch the source with (wrapped): dget -x http://mentors.debian.net/debian/pool/main/f/firebird2/firebird2_1.5.3.4870-12.dsc Changelog: firebird2 (1.5.3.4870-12) unstable; urgency=medium * Urgency medium, fixes a serious bug. * firebird2-common: use Pre-Depends: adduser, instead of Depends, since adduser is used in the .preinst script. Closes: #408361. Reported by Lucas Nussbaum. Once you upload this (prepare for a half-an-hour build), I'll post to - -release for freeze exception. Thanks, dam - -- Damyan Ivanov Modular Software Systems [EMAIL PROTECTED] phone +359(2)928-2611, 929-3993 fax +359(2)920-0994 mobile +359(88)856-6067 [EMAIL PROTECTED]/Gaim -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFuSD0Hqjlqpcl9jsRAvVzAJ4w2snBdz8jDoovOnAbv8eeh4ddDwCeJPkP /dc8s9lxz2IDU6oU1eIUMCw= =gubD -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - -=| Lucas Nussbaum, 25.01.2007 20:08 |=- > On 25/01/07 at 13:59 +0200, Damyan Ivanov wrote: >>> Selecting previously deselected package firebird2-common. >>> Unpacking firebird2-common (from >>> .../firebird2-common_1.5.3.4870-11_all.deb) ... >>> adduser: `/etc/adduser.conf' does not exist. Using defaults. >>> Adding system user `firebird' (UID 104) ... >>> Adding new group `firebird' (GID 105) ... >>> Adding new user `firebird' (UID 104) with group `firebird' ... >>> Password: >>> >>> Since adduser is in Depends, not Pre-depends, it is not configured yet at >>> this >>> point. You should pre-depend on it, so it is configured at preinst time (or >>> move your adduser call to postinst, if that's possible). >> Strange. Isn't adduser supposed *not* to ask for passwords for >> --system users? I don't see any setting about this in >> /etc/adduser.conf. How would configuring adduser make any difference? > > Well, it's chfn that prompts for a password, actually. Configuring > adduser (i.e: letting it run its postinst) solves the problem. chfn misbehaves if adduser is not configured? How nice :) Anyway, It took me an hour to figure why this is my problem. See Policy 7.2, "Pre-Depends are also required if the preinst script depends on the named package." >> Can you give me a recipe for >> reproducing it? > > In a chroot (preferably): > apt-get remove --purge adduser ; apt-get install firebird2-common Didn't work (i.e, package installs ok with no problems. Very strange). > Yes, the simpler solution would be to add it to the pre-depends. This is what I'll do. Are you willing to sponsor the upload? dam - -- Damyan Ivanov Modular Software Systems [EMAIL PROTECTED] phone +359(2)928-2611, 929-3993 fax +359(2)920-0994 mobile +359(88)856-6067 [EMAIL PROTECTED]/Gaim -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFFuRgjHqjlqpcl9jsRAmptAKCum3MPVIrfEde1GKa+VpkzGyB8PgCfdzCq 619vrYAKjEXh7Bb9C4hd6Ic= =Nej6 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#408361: [pkg-firebird-general] Bug#408361: firebird2-common: must pre-depend on adduser, not depend on it
-=| Lucas Nussbaum, 25.01.2007 12:21 |=- > During a piuparts run over all the packages in etch, I ran into a > problem with your package: Thank you for your efforts! Is this mail part of a mass-big filing that was already discussed? Can you give me a pointer? > Selecting previously deselected package firebird2-common. > Unpacking firebird2-common (from .../firebird2-common_1.5.3.4870-11_all.deb) > ... > adduser: `/etc/adduser.conf' does not exist. Using defaults. > Adding system user `firebird' (UID 104) ... > Adding new group `firebird' (GID 105) ... > Adding new user `firebird' (UID 104) with group `firebird' ... > Password: > > Since adduser is in Depends, not Pre-depends, it is not configured yet at this > point. You should pre-depend on it, so it is configured at preinst time (or > move your adduser call to postinst, if that's possible). Strange. Isn't adduser supposed *not* to ask for passwords for --system users? I don't see any setting about this in /etc/adduser.conf. How would configuring adduser make any difference? Moreover, reading adduser's source, it indeed does not prompt for password for --system users, it simply relies on `useradd', which in turn does not prompt for password by design. Are you sure the log above is complete? Can you give me a recipe for reproducing it? Moving the adduser call to postinst is possible, but I am not convinced it is worth the trouble. A couple of packages (all in the same source package as firebird2-common - firebrid2) depend on firebird2-common being done with the account creation and I prefer to have a strong reason to fiddle with them just before the release. dam -- Damyan Ivanov Modular Software Systems [EMAIL PROTECTED] phone +359(2)928-2611, 929-3993 fax +359(2)920-0994 mobile +359(88)856-6067 [EMAIL PROTECTED]/Gaim signature.asc Description: OpenPGP digital signature