Re: WARNING: Re: debhelper /usr/bin/passwd

1999-02-01 Thread Steve Dunham
Wichert Akkerman [EMAIL PROTECTED] writes: [1 text/plain; us-ascii (quoted-printable)] Previously Remco Blaakmeer wrote: Is there any way of changing that default behaviour (e.g. some config file) apart from recompiling dpkg? I'd like to leave it disabled at all times no matter what the

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Brian May
In article [EMAIL PROTECTED] you write: Joey Hess wrote: I'd say installing debhelper 1.2.28 with --force-conflicts is a _very_ bad idea. Unfortunatly, it looks like the current version of dpkg has --force-overwrite (which is what I meant to say above) enabled by default. And so anyone who ran

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Stephen Zander
Brian == Brian May [EMAIL PROTECTED] writes: Brian My versions of dpkg claim that --force-overwrite isn't on Brian be default (otherwise it should have [*] after it): As does mine: and it lies! I've been testing package upgrades dpkg itself is very definately using --force-overwite

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Brian May
Stephen Zander wrote: Brian == Brian May [EMAIL PROTECTED] writes: Brian My versions of dpkg claim that --force-overwrite isn't on Brian be default (otherwise it should have [*] after it): As does mine: and it lies! I've been testing package upgrades dpkg itself is very definately

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Joey Hess
Brian May wrote: Unfortunatly, it looks like the current version of dpkg has --force-overwrite (which is what I meant to say above) enabled by default. And so anyone who ran dselect in the past 24 hours and upgraded from unstable has probably beeen bitten by this bad package. Can you be

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Craig Sanders
On Sat, Jan 30, 1999 at 10:06:30PM -0800, Stephen Zander wrote: Brian == Brian May [EMAIL PROTECTED] writes: Brian My versions of dpkg claim that --force-overwrite isn't on Brian be default (otherwise it should have [*] after it): As does mine: and it lies! I've been testing

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Brian May
Craig Sanders wrote: As does mine: and it lies! I've been testing package upgrades dpkg itself is very definately using --force-overwite which is a damn good thing. please, nobody suggest changing the default behaviour until dpkg has a config file in /etc allowing each system admin to choose

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Wichert Akkerman
Previously Stephen Zander wrote: As does mine: and it lies! I've been testing package upgrades dpkg itself is very definately using --force-overwite The [*] marks are hardcoded in dpkg, and Daniel Jacobowitz forgot to change that when he made NMU 1.4.0.31 which turned --force-overwrite on by

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Wichert Akkerman
Previously Remco Blaakmeer wrote: Is there any way of changing that default behaviour (e.g. some config file) apart from recompiling dpkg? I'd like to leave it disabled at all times no matter what the default is in the current dpkg package. No. Are there other things that would be useful in a

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-31 Thread Alexander N. Benner
hi Ship's Log, Lt. Brian May, Stardate 310199.1320: I have noticed this behaviour, too. However, at the time, I assumed the apt-get forced the file to be overwritten because the package I was installing was required/base (ldso from memory, but this problem has already been fixed). Now I am

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-30 Thread Remco Blaakmeer
On Mon, 25 Jan 1999, Joey Hess wrote: Joey Hess wrote: I'd say installing debhelper 1.2.28 with --force-conflicts is a _very_ bad idea. Unfortunatly, it looks like the current version of dpkg has --force-overwrite (which is what I meant to say above) enabled by default. And so anyone

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-27 Thread Frozen Rose
In article [EMAIL PROTECTED], Joey Hess [EMAIL PROTECTED] wrote: Yesterday I fixed a bug in dh_link, bug #23255. That bug concerns a different package that diverts /usr/bin/{passwd,chsh,chfn}, and needed to set up some symlinks from sysdb-wrapper to them using dh_link. Talk about

debhelper /usr/bin/passwd

1999-01-26 Thread Ossama Othman
Hi guys, I just updated my potato system. The only two packages that were being updated were debhelper and egcs-docs. I got a warning from dpkg that debhelper (it seemed) was trying to overwrite /usr/bin/passwd. Due to all of the trojan rumours flying around, I got a little scared. Also, I

Re: debhelper /usr/bin/passwd

1999-01-26 Thread Mitch Blevins
In foo.debian-devel, you wrote: Hi guys, I just updated my potato system. The only two packages that were being updated were debhelper and egcs-docs. I got a warning from dpkg that debhelper (it seemed) was trying to overwrite /usr/bin/passwd. Due to all of the trojan rumours flying

Re: debhelper /usr/bin/passwd

1999-01-26 Thread Ossama Othman
Hi Mitch, Could you please post the version(s) you have and which mirror you got it from? Sure! chsh and chfn were also in debhelper! I got debhelper using dselect/apt. Here is all the info you requested: % cat /etc/apt/sources.list deb http://http.us.debian.org/debian unstable main

Re: debhelper /usr/bin/passwd

1999-01-26 Thread J. S. Connell
The $1E6 question is now (a) why debhelper has symlinks pointing passwd/ chfn/chsh to sysdb-wrapper, and (b) where sysdb-wrapper comes from. --Jeff

Re: debhelper /usr/bin/passwd

1999-01-26 Thread Mitch Blevins
Ossama Othman wrote: Hi Mitch, Could you please post the version(s) you have and which mirror you got it from? Sure! chsh and chfn were also in debhelper! I got debhelper using dselect/apt. Here is all the info you requested: % cat /etc/apt/sources.list deb

WARNING: Re: debhelper /usr/bin/passwd

1999-01-26 Thread Joey Hess
Good greif. I'm sorry about this snafu. You weren't hit by an exploit attempt, just by a debhelper package I managed to leave some junk in. This is fixed in version 1.2.29, and it only affected version 1.2.28. Background: Yesterday I fixed a bug in dh_link, bug #23255. That bug concerns

Re: debhelper /usr/bin/passwd

1999-01-26 Thread Ossama Othman
Hi Mitch, It doesn't look like a trojan (this weeks hot topic) because his pgp sig matches the md5sum of the tarfile, and the tarfile reproduces the symlinks in the resulting deb. Great! That's good to know. So, I would just treat it as a bug. Please file a critical bug report against

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-26 Thread Ossama Othman
Hi Joey, Thanks! I won't file that bug report now. :) -Ossama __ Ossama Othman [EMAIL PROTECTED] 58 60 1A E8 7A 66 F4 44 74 9F 3C D4 EF BF 35 88 1024/8A04D15D 1998/08/26

Re: debhelper /usr/bin/passwd

1999-01-26 Thread Mitch Blevins
In foo.debian-devel, I wrote: Well, I got the deb and source and dsc from the mirror you pointed out, and it _does_ have these files as symlinks in them pointing to sysdb-wrapper. It doesn't look like a trojan (this weeks hot topic) because his pgp sig matches the md5sum of the tarfile, and

Re: WARNING: Re: debhelper /usr/bin/passwd

1999-01-26 Thread Joey Hess
Joey Hess wrote: I'd say installing debhelper 1.2.28 with --force-conflicts is a _very_ bad idea. Unfortunatly, it looks like the current version of dpkg has --force-overwrite (which is what I meant to say above) enabled by default. And so anyone who ran dselect in the past 24 hours and