Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Hi! Latest version of MariaDB in Debian unstable/testing/Bookworm is 10.11.2. You might want to consider testing it. If you want to contribute in the open source way to fix this or any other issue, see https://salsa.debian.org/mariadb-team/mariadb-server/-/wikis/Contributing-to-MariaDB-packaging-in-Debian on how to submit a Merge Request! If you have time to help, please consider these (in order of importance): 1. Review current open MRs at https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests 2. Review items highlighted by Debian QA systems (Lintian, builds etc) and submit a fix to improve the quality: https://tracker.debian.org/pkg/mariadb 3. Review what testing we have at https://salsa.debian.org/mariadb-team/mariadb-server/-/pipelines and think about potential gaps - CI is very important as it is the only way we can prevent regressions in a scalable way 4. Review/follow-up on existing bugs that currently need more information: https://bugs.debian.org/cgi-bin/pkgreport.cgi?repeatmerged=no&src=mariadb&src=mariadb-10.6&src=mariadb-10.5&src=mariadb-10.3&src=mariadb-10.1 MariaDB and C++ skills are useful, but not required. For example reviewing the NEWS for 10.11 requires no coding skills: https://salsa.debian.org/mariadb-team/mariadb-server/-/merge_requests/37 My request for help from debian-devel in https://lists.debian.org/debian-devel/2023/02/msg00272.html did not get many responses, so the future of this package depends on how active the users and people who previously reported bugs are in participating in the maintenance of the package. - Otto
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Op za 22 mei 2021 om 23:54 schreef Trevor Cordes : > So now mariadb should allow sane ^W settings now matter how it is > compiled: > - with readline: always worked > - with libedit that comes with maria-db: always worked > - with your system libedit: now works once you add settings to .editrc > and use this latest libedit verion (libedit-20210522-3.1 or > newer) It'd be nice if ^W worked by default. -- Olaf
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Upstream, Jess and I did work out a fix and I made a "real" patch that should fix the problem without a security hole. http://thrysoee.dk/editline/ As projects pull from this upstream (as Fedora does, not sure about Deb) they will get this fix. If you don't want to wait, download the source and compile/install or use your package manager build system with this new source. Restart your mysql client and the bug should be gone: libedit should read your editrc, and from there you can customize ^W to do the "sane" thing. So now mariadb should allow sane ^W settings now matter how it is compiled: - with readline: always worked - with libedit that comes with maria-db: always worked - with your system libedit: now works once you add settings to .editrc and use this latest libedit verion (libedit-20210522-3.1 or newer) And hopefully that will be the last we ever see of this bug, which has cropped up every few years since 2009, 2013, 2019, 2021? :-) Cheers.
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
On 2021-05-22 Olaf van der Spek wrote: > Op za 22 mei 2021 om 04:27 schreef Trevor Cordes > : > > > > On Thu, 26 Nov 2020 12:50:26 -0500 The Wanderer > > wrote: > > Which means at one time this was fixed. That's why this used to > > work for us. But something must have regressed in the source, and > > the fix > > MariaDB 10.3 uses libreadline-gplv2 > MariaDB 10.5 uses libedit > I think this explains the changes in behavior. Sort of. I think earlier MariaDB/Mysql gave the option for either libreadline or libedit? In any event, I experienced these symptoms a few years ago with MariaDB, and at that time (going from memory) it was because Fedora changed from compiling with readline to libedit. And at that time the solution was to make an .editrc with the bindings you wanted. Since I made an .editrc, and that fixed the symptoms, that proves it was using libedit before this current fiasco. That's my theory, anyhow. It's not two states we're dealing with, it's three: 1. MariaDB uses libreadline 2. MariaDB uses a working libedit that reads .editrc 3. MariaDB uses a broken libedit that doesn't read .editrc We're in state 3 right now, not state 2. That explains why the "fix" of using the included-with-MaraiDB libedit solves the symptoms: because that's a non-broken libedit that reads editrc. But it's always better (IMHO) to use the system libraries, so it seems prudent to get libedit fixed upstream. For instance, if libedit fixes a CVE, does MariaDB remember to patch or update their in-tree version?? Upstream Jess Thrysoee has already gotten back to me with a better patch and we're testing now. So it seems like this won't be an issue soon enough, once distros take on the upstream changes.
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Op za 22 mei 2021 om 04:27 schreef Trevor Cordes : > > On Thu, 26 Nov 2020 12:50:26 -0500 The Wanderer > wrote: > Which means at one time this was fixed. That's why this used to work > for us. But something must have regressed in the source, and the fix MariaDB 10.3 uses libreadline-gplv2 MariaDB 10.5 uses libedit I think this explains the changes in behavior. -- Olaf
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
I confirmed I was correct by making a small patch to libedit and recompiling libedit and installing the custom rpm. It indeed fixes this bug, without any changes to mysql. The bug is for sure in libedit. The bug is for sure the issetugid-related code. My patch to libedit-20210419-3.1.tar.gz is attached. Note: this patch is almost certainly a security hole as I don't address the reason that setuid stuff is in there in the first place. Consider it a PoC and not something you should use unless you know what you are doing. I would expect the upstream to come up with a real fix shortly. tecpatchlibedit Description: Binary data
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
On Thu, 26 Nov 2020 12:50:26 -0500 The Wanderer wrote: > On 2020-11-26 at 09:43, The Wanderer wrote: > > > Package: mariadb-client > > Version: 1:10.5.8-3 > > Severity: normal > > > > Prior to the upgrade, in an interactive session within the 'mysql' > > terminal-based client, Ctrl+W would kill everything to the left of > > the cursor up to the first word boundary (which in practice > > appeared to mean "whitespace"), but nothing to the left of that > > point. > > > > This is apparently not the default, but I have it configured in > > ~/.editrc. The contents of that file are as follows: > > Either way, the fact that ~/.editrc does not seem to be being > respected is still an issue, which may or may not reside in > mariadb-client. This additional discovery may simply mean that it was > being ignored previously as well, I just hadn't noticed. Hi, this is also bugging me on Fedora 32. Digging deep into the library chain and source code, it almost certainly is a libedit issue. Linux doesn't have issetugid(), and in src/el.c in libedit (2019-something thru 20210419 versions) it clearly only reads editrc if issetugid is available. The upstream here is http://thrysoee.dk/editline/, and it has this changelog: 2013-07-10 Jess Thrysoee * version-info: 0:46:0 * configure.ac, src/el.c: ~/.editrc was never sourced on Linux. On Linux issetugid is not available. When unable to determine if the current process is tainted, we did not trust the HOME environment variable and therefore could not load ~/.editrc. Now instead use secure_getenv or a issetugid based implementation of secure_getenv. Patch by Paolo Tosco. Which means at one time this was fixed. That's why this used to work for us. But something must have regressed in the source, and the fix code which I think is the stuff dealing with HAVE_SECURE_GETENV defines near the top of el.c doesn't actually help at all anymore. A quick fix would be to fudge the source having to do with issetugid to just not check the ifdef nor call the function. Of course, that could be a security hole if somehow it gets run in a setuid/gid context. I have contacted the thrysoee.dk maintainer about getting this fixed in his version, which will automatically trickle down to fix this for us in deb & fedora.
Bug#975911: [debian-mysql] Bug#975911: Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
This issue has not seen any progress. If you want to help improve MariaDB in Debian in the open source way, you could for example: - submit your suggestion for a fix as a Merge Request at https://salsa.debian.org/mariadb-team/mariadb-10.5 - help with documentation/testing to improve our understanding on what exactly the bug is about - triage the other bugs filed against MariaDB in Debian so there is time freed up to work on this bug Thanks! On Thu, 26 Nov 2020 at 12:03, Otto Kekäläinen wrote: > > Thanks for reporting and debugging this. There are no libedit related > customizations in the Debian packaging, so I suggest you report this upstream > at jira.mariadb.org, where upstream devs might have some input into this. > > Otto > ___ > pkg-mysql-maint mailing list > pkg-mysql-ma...@alioth-lists.debian.net > https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-mysql-maint -- - Otto
Bug#975911: [debian-mysql] Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Hi, > There are no libedit related customizations in the Debian packaging, so I > suggest you report this upstream at jira.mariadb.org, where upstream devs might have some input into this. Could this be related to: > Installation of all MariaDB packages on Debian Sid is currently broken, as > libreadline5 was 2 days ago removed -- Olaf
Bug#975911: [debian-mysql] Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Thanks for reporting and debugging this. There are no libedit related customizations in the Debian packaging, so I suggest you report this upstream at jira.mariadb.org, where upstream devs might have some input into this. Otto
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
On 2020-11-26 at 09:43, The Wanderer wrote: > Package: mariadb-client > Version: 1:10.5.8-3 > Severity: normal > > Dear Maintainer, > > I have just upgraded mariadb-client (and -server) from version 10.3.x to > version 10.5.8-3. As far as I can tell, no versions between those made > it into testing. If I'm not mistaken, the last version I was running > pre-upgrade was 10.3.24-2. > > Prior to the upgrade, in an interactive session within the 'mysql' > terminal-based client, Ctrl+W would kill everything to the left of the > cursor up to the first word boundary (which in practice appeared to mean > "whitespace"), but nothing to the left of that point. > > This is apparently not the default, but I have it configured in > ~/.editrc. The contents of that file are as follows: > > ---8<--- > bind "^U" vi-kill-line-prev > bind "^W" ed-delete-prev-word > ---8<--- > > Following the upgrade and a restart of the client, in such an > interactive session, Ctrl+W now kills everything to the left of the > cursor, all the way to the beginning of the line. This appears to be the > default behavior, used when no alternate configuration has been applied. > > It thus appears as if the settings I have in place in ~/.editrc are > simply being ignored. The environment variable EDITRC is not set. > Launching with it explicitly set does not appear to change anything. On further investigation, this might not be the full explanation after all. According to 'man editline', the ed-delete-prev-word function is bound by default to Ctrl+Meta+H. When I execute that key combination, it kills not up the preceding whitespace (as Ctrl+W used to do), but to the preceding word boundary (using what seems to be the same criteria as would be used by '\b' in a regular expression). https://certif.com/cplot_print/libedit.html and https://www.certif.com/spec_print/editline.html document the "kill until previous whitespace" functionality as being provided by em_kill_region. 'man editline' refers to em-kill-region, but states that it kills everything between the cursor and "the mark"; since the mark must be explicitly placed and omitting it means invoking this function is an error, that doesn't seem to be equivalent to "kill until previous whitespace". The latter of those pages documents the readline equivalent of ed-delete-prev-word as being backward-kill-word, and the one for "kill until previous whitspace" as being unix-word-rubout. I haven't found a way to readily test the behavior of these on my system yet, so I don't know for sure which if any of them provide the behavior I expected. I'm coming to suspect that there may be no way to regain access to the previous behavior without either severely patching libedit (either locally or upstream) or reverting to have mariadb-client use readline again instead. Either of those things would be drastic, but for this regression to be permanent would be quite unfortunate. Either way, the fact that ~/.editrc does not seem to be being respected is still an issue, which may or may not reside in mariadb-client. This additional discovery may simply mean that it was being ignored previously as well, I just hadn't noticed. I filed this as a bug report on account of regression, but it's starting to look like it might belong more in more general discussion channels for the time being, until the actual root nature of the regression can be figured out... -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw signature.asc Description: OpenPGP digital signature
Bug#975911: mariadb-client: appears to ignore ~/.editrc keybind settings
Package: mariadb-client Version: 1:10.5.8-3 Severity: normal Dear Maintainer, I have just upgraded mariadb-client (and -server) from version 10.3.x to version 10.5.8-3. As far as I can tell, no versions between those made it into testing. If I'm not mistaken, the last version I was running pre-upgrade was 10.3.24-2. Prior to the upgrade, in an interactive session within the 'mysql' terminal-based client, Ctrl+W would kill everything to the left of the cursor up to the first word boundary (which in practice appeared to mean "whitespace"), but nothing to the left of that point. This is apparently not the default, but I have it configured in ~/.editrc. The contents of that file are as follows: ---8<--- bind "^U" vi-kill-line-prev bind "^W" ed-delete-prev-word ---8<--- Following the upgrade and a restart of the client, in such an interactive session, Ctrl+W now kills everything to the left of the cursor, all the way to the beginning of the line. This appears to be the default behavior, used when no alternate configuration has been applied. It thus appears as if the settings I have in place in ~/.editrc are simply being ignored. The environment variable EDITRC is not set. Launching with it explicitly set does not appear to change anything. I've found this behavior mentioned in a few places online. Nearly all of them seem to advise resolving it by adding that Ctrl+W bind in ~/.editrc. The only one I've found thus far which indicates that doing so does not change the behavior is https://bugs.mysql.com/bug.php?id=95287 in which the solution found is to build with the internal libedit rather than the system copy, which is obviously not suitable for Debian. The only mentions of 'edit' in the relevant changelogs that I've found are in those for mariadb-client-core-10.5. Version 1:10.4.12-1~exp2 has an entry for "Link with libedit instead of readline5", and version 1:10.5.5-2 has one for "Add native dependencies on gnutls, libedit and ncurses" (in relation to cross-compiling). I'd guess that the former is the more relevant of the two, but I don't know for sure. The installed version of libedit2 is 3.1-20191231-1. Based on the date, I doubt that it was recently upgraded from an earlier version, but I cannot testify to that for certain. The only mention of ~/.editrc being ignored that I've managed to find yet is a question on superuser.com from 2010, regarding ghci, which got no answer. I'm not sure whether the bug here is in mariadb-client or in libedit, or even somewhere else, but this is clearly a behavior regression. If the existing configuration through this file is supposed to continue to be respected after the upgrade, please make appropriate adjustments so that that happens. If it is not, please explain and document what the correct method is for applying such configuration. If there is anything I can do to help track this down and get it working, please let me know. I've tried strace, but failed to find anything relevant thus far in the result; in particular, I find no mention of the string 'editrc', although libedit.so.2 is apparently read. -- System Information: Debian Release: bullseye/sid APT prefers testing APT policy: (900, 'testing'), (800, 'stable'), (500, 'testing-debug') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.9.0-2-amd64 (SMP w/12 CPU threads) Kernel taint flags: TAINT_WARN Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) LSM: AppArmor: enabled Versions of packages mariadb-client depends on: ii mariadb-client-10.5 1:10.5.8-3 mariadb-client recommends no packages. mariadb-client suggests no packages. -- no debconf information
