Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2020-06-16 Thread Adam D. Barratt
On Tue, 2020-06-16 at 10:06 +0200, Carsten Leonhardt wrote:
> Julien Cristau  writes:
> 
> > Control: tag -1 confirmed
> > Sorry for the delay, please go ahead.
> 
> For information, I uploaded the package some time ago and it's
> waiting in the NEW queue for FTP master review.

Thanks for the update.

I've asked on IRC if an ftpmaster can have a look (it needs a master
rather than an assistant, in order to get the package to appear in our
review queue afterwards).

Regards,

Adam



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2020-06-16 Thread Carsten Leonhardt
Julien Cristau  writes:

> Control: tag -1 confirmed

> Sorry for the delay, please go ahead.

For information, I uploaded the package some time ago and it's
waiting in the NEW queue for FTP master review.

Regards,

Carsten



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2020-04-26 Thread Julien Cristau
Control: tag -1 confirmed

On Sun, Mar 04, 2018 at 11:08:00AM +0100, Carsten Leonhardt wrote:
> Control: tags -1 - moreinfo
> 
> "Adam D. Barratt"  writes:
> 
> > -   --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
> > +   --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
> >
> > The first of those "-g" is presumably supposed to be "-u". I realise
> > this may seem a small point, but it does make me wonder how it wasn't
> > caught in testing.
> 
> Thank you for your work and for catching this. A new version of the
> patch is attached.
> 
Sorry for the delay, please go ahead.

Cheers,
Julien



Processed: Re: Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2020-04-26 Thread Debian Bug Tracking System
Processing control commands:

> tag -1 confirmed
Bug #881871 [release.debian.org] stretch-pu: package bacula/7.4.4+dfsg-6
Added tag(s) confirmed.

-- 
881871: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=881871
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-11-28 Thread Carsten Leonhardt
Hi,

is there a chance the fixed package will be accepted?

Maybe you would prefer separate fixes for the two problems?

Regards,

Carsten



Bug#881871: [pkg-bacula-devel] Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-30 Thread Sven Hartge
On 30.03.2018 18:03, Julien Cristau wrote:
> On Sun, Mar  4, 2018 at 11:08:00 +0100, Carsten Leonhardt wrote:
> 
>> Control: tags -1 - moreinfo
>>
>> "Adam D. Barratt"  writes:
>>
>>> -   --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
>>> +   --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
>>>
>>> The first of those "-g" is presumably supposed to be "-u". I realise
>>> this may seem a small point, but it does make me wonder how it wasn't
>>> caught in testing.
>>
>> Thank you for your work and for catching this. A new version of the
>> patch is attached.
>>
> This leaves open the question of how much was this tested.  Can you
> describe what has or hasn't been done there?

I tested the proposed packages in a SysV-Init-based Debian Stretch VM. I
can confirm every daemon runs as the user and group it is supposed to
run as.

root@debian-stretch:~# ps auwwx | grep [b]acula
root      5101  0.0  0.2  66988  5512 ?        Ssl  21:16   0:00 /usr/sbin/bacula-fd -u root -g root -c /etc/bacula/bacula-fd.conf
bacula    5175  0.0  0.2 130420  5384 ?        Ssl  21:16   0:00 /usr/sbin/bacula-sd -u bacula -g tape -c /etc/bacula/bacula-sd.conf
bacula    5403  0.0  0.3  74728  6628 ?        Ssl  21:20   0:00 /usr/sbin/bacula-dir -u bacula -g bacula -c /etc/bacula/bacula-dir.conf

root@debian-stretch:~# ps -eo pid,comm,euser,supgrp | grep [b]acula
 5101 bacula-fd       root     root
 5175 bacula-sd       bacula   tape
 5403 bacula-dir      bacula   tape,bacula

I also checked why I did not notice the problem Adam spotted in the
first place. I can only guess this happened because bacula-dir fell back
to running as "root" when no "-u bacula" was specified, which made all
my tests work as they should (because root obviously has no restrictions).

The reason for this fallback is that the Debian package does not specify a
runtime user at build time. This was done in the past so that the
runtime user can be chosen by the admin of the system.

But since then we changed the packaging and got rid of this ability
because in reality nobody was doing this anyway and it complicated the
packaging.

If the runtime user were set during package build, this problem would
not have occurred because the parameters -u and -g wouldn't be needed in
the first place.

Regards,
Sven.




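
The check Sven describes above, as an added example (not from the thread or the bacula packaging): a script that compares each daemon's effective user and group from a `ps -eo pid,comm,euser,egroup` listing with the identity the init scripts are meant to give it, so a daemon that silently stayed root is reported. The listings are constructed (one mirrors the thread's output, one has bacula-sd left as root), and the expected table, `check_identities` and the variable names are assumptions.

```shell
#!/bin/sh
# Added example, not code from the thread or the bacula packaging.
# Looks up each bacula daemon in a "ps -eo pid,comm,euser,egroup" listing
# and compares the effective user and group with what the init scripts are
# meant to start it as.  The failure mode it is built to catch is the one
# discussed in the thread: a daemon started with "-g $BUSER -g $BGROUP"
# never switches user and keeps running as root.
# On a real host:  check_identities "$(ps -eo pid,comm,euser,egroup)"

# Expected identities (assumption matching the thread's listing).
EXPECTED='bacula-fd root root
bacula-sd bacula tape
bacula-dir bacula bacula'

# Constructed listing mirroring the one posted in the thread.
PS_GOOD='  PID COMMAND    EUSER    EGROUP
 5101 bacula-fd  root     root
 5175 bacula-sd  bacula   tape
 5403 bacula-dir bacula   bacula'

# Constructed listing with bacula-sd deliberately left running as root.
PS_BAD='  PID COMMAND    EUSER    EGROUP
 5101 bacula-fd  root     root
 5175 bacula-sd  root     root
 5403 bacula-dir bacula   bacula'

# check_identities LISTING
# Prints one line per daemon that is missing or runs with the wrong
# user/group; returns 0 when every daemon matches EXPECTED, 1 otherwise.
check_identities() {
    listing="$1"
    status=0
    while read -r comm user group; do
        [ -n "$comm" ] || continue
        # Pick the daemon's row out of the listing as "pid euser egroup".
        row=$(printf '%s\n' "$listing" | awk -v c="$comm" '$2 == c { print $1, $3, $4 }')
        if [ -z "$row" ]; then
            echo "MISSING $comm: expected $user:$group, not running"
            status=1
            continue
        fi
        set -- $row
        if [ "$2" != "$user" ] || [ "$3" != "$group" ]; then
            echo "MISMATCH $comm (pid $1): expected $user:$group, running as $2:$3"
            status=1
        fi
    done <<EOF
$EXPECTED
EOF
    return $status
}

echo "== listing from the thread =="
check_identities "$PS_GOOD" && echo "all daemons run as intended"
echo "== listing with bacula-sd still root =="
check_identities "$PS_BAD" || echo "fix the init script before shipping"
```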


Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-30 Thread Julien Cristau
On Sun, Mar  4, 2018 at 11:08:00 +0100, Carsten Leonhardt wrote:

> Control: tags -1 - moreinfo
> 
> "Adam D. Barratt"  writes:
> 
> > -   --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
> > +   --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
> >
> > The first of those "-g" is presumably supposed to be "-u". I realise
> > this may seem a small point, but it does make me wonder how it wasn't
> > caught in testing.
> 
> Thank you for your work and for catching this. A new version of the
> patch is attached.
> 
This leaves open the question of how much was this tested.  Can you
describe what has or hasn't been done there?

Cheers,
Julien



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-04 Thread Carsten Leonhardt
Control: tags -1 - moreinfo

"Adam D. Barratt"  writes:

> - --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
> + --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
>
> The first of those "-g" is presumably supposed to be "-u". I realise
> this may seem a small point, but it does make me wonder how it wasn't
> caught in testing.

Thank you for your work and for catching this. A new version of the
patch is attached.

Regards,

Carsten

diff --git a/debian/bacula-common.preinst b/debian/bacula-common.preinst
index 056c2944..d0b323fa 100644
--- a/debian/bacula-common.preinst
+++ b/debian/bacula-common.preinst
@@ -12,6 +12,14 @@ case "$1" in
 			echo "Ok."
 		fi
 	;;
+	install|upgrade)
+		# purging bacula-director-common can mistakenly delete bacula-dir.conf
+		# neutralize the offending line in its postrm; see bug #880529 for details
+		if dpkg-query -l bacula-director-common > /dev/null 2>&1 && \
+		   [ -e /var/lib/dpkg/info/bacula-director-common.postrm ]; then
+			sed -i 's/rm -f $CONFFILE $CONFFILE.dist/#disabled: bug #880529# rm -f $CONFFILE $CONFFILE.dist/' /var/lib/dpkg/info/bacula-director-common.postrm
+		fi
+	;;
 esac
 
 # dh_installdeb will replace this with shell code automatically
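Review bot: the sed in the install|upgrade branch is not idempotent. Its pattern `rm -f $CONFFILE $CONFFILE.dist` still matches inside the rewritten line `#disabled: bug #880529# rm -f $CONFFILE $CONFFILE.dist`, so each later upgrade of bacula-common prepends one more `#disabled: bug #880529#` prefix; the line stays commented out, so purge remains safe, but the script should not keep editing a file it has already fixed. Anchoring the pattern to the start of the line (`^[[:space:]]*rm -f ...`) or guarding the sed with a `grep -q` for the live line makes re-runs a no-op, and `\.dist` is what is meant by `.dist`.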
diff --git a/debian/bacula-director.init b/debian/bacula-director.init
index 8ac7c36a..89cfbe65 100644
--- a/debian/bacula-director.init
+++ b/debian/bacula-director.init
@@ -67,7 +67,7 @@ do_start()
 {
 	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
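Review bot: with `--chuid $BUSER:$BGROUP` gone, start-stop-daemon now execs bacula-dir as root and the switch to $BUSER:$BGROUP happens inside the daemon via `-u`/`-g`, which is what leaves the PID file owned by root as the changelog intends. The cost is that the init script no longer enforces the identity itself: if the daemon is given the wrong options (as the bacula-sd script was in the earlier revisions of this patch), it keeps running as root and nothing in this script notices, because the `-t` config test on the line above receives the same `-u`/`-g` arguments and passes either way. A post-start check of the effective user (`ps -eo pid,comm,euser`) in the test procedure is the practical guard.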
diff --git a/debian/bacula-fd.init b/debian/bacula-fd.init
index 649b9cc1..698e4ea3 100644
--- a/debian/bacula-fd.init
+++ b/debian/bacula-fd.init
@@ -54,7 +54,7 @@ do_start()
 {
 	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
diff --git a/debian/bacula-sd.init b/debian/bacula-sd.init
index 47c3d07d..8559f335 100644
--- a/debian/bacula-sd.init
+++ b/debian/bacula-sd.init
@@ -51,9 +51,9 @@ PIDFILE=/run/bacula/$NAME.$PORT.pid
 
 do_start()
 {
-	if $DAEMON -g $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
+	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
diff --git a/debian/changelog b/debian/changelog
index d0a4ac54..81b0627a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,21 @@
+bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium
+
+  [Sven Hartge]
+  * Let PID files be owned by root. Mitigates a minor security problem
+similar to CVE 2017-14610. Note that this change disables automatic
+tracebacks.
+
+  [Carsten Leonhardt]
+  * Added transitional package bacula-director-common, the old leftover
+package can't be safely purged otherwise (it deletes
+/etc/bacula/bacula-dir.conf in postrm which now belongs to the
+bacula-director package). For the case when the package
+bacula-director-common is deinstalled but not purged, we neutralize
+the offending postrm script when upgrading bacula-common. (Closes:
+#880529)
+
+ -- Carsten Leonhardt   Wed, 15 Nov 2017 22:55:15 +0100
+
 bacula (7.4.4+dfsg-6) unstable; urgency=medium
 
   [Sven Hartge]
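Review bot: write the CVE as `CVE-2017-14610`; `CVE 2017-14610` is not the canonical form and is missed by tools that match on the hyphenated identifier. The continuation lines under both `*` entries (`similar to CVE ...`, `package can't be safely ...`) also show no indentation; dpkg's changelog parser expects bullet continuation lines to be indented, so check that the indentation survived in the committed file and was only lost in the mail.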
diff --git a/debian/control b/debian/control
index 19418610..7c310185 100644
--- a/debian/control
+++ b/debian/control
@@ -357,3 +357,13 @@ Description: network backup service - Bacula Administration Tool
  .
  This GUI interface has been designed to ease restore operations as much as
  possible as compared to the basic text console.
+
+Package: bacula-director-common
+Section: oldlibs
+Architecture: any
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ bacula-common (= ${binary:Version}),
+ ${misc:Depends}
+Description: transitional package
+ This is a transitional package. It can safely be removed.
diff --git a/debian/patches/non-forking-systemd-units.patch b/debian/patches/non-forking-systemd-units.patch
index 636c9153..03cdabd7 100644
--- a/debian/patches/non-forking-systemd-units.patch
+++ b/debian/patches/non-forking-systemd-units.patch
@@ -20,13 +20,13 @@ Author: Sven Hartge 
 -PIDFile=@piddir@/bacula-dir.@dir_port@.pid
 -ExecReload=@sbindir@/bacula-dir -t -c @sysconfdir@/bacula-dir.conf
 +Type=simple
-+User=bacula
-+Group=bacula
++User=root
++Group=root
 

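
The postrm neutralisation in the preinst hunk above, as an added example that is not part of Carsten's patch or the bacula packaging: the same substitution written so that running it again is a no-op, tried against a constructed stand-in for the old bacula-director-common.postrm. The real file path and the bug number are the ones named in the thread; the sample postrm body and the helper names are assumptions.

```shell
#!/bin/sh
# Added example, not code from the bacula packaging: the neutralisation the
# bacula-common.preinst hunk performs on a leftover
# bacula-director-common.postrm, written so that re-running it is a no-op.
# A guard only fires on a live (uncommented) removal line and the sed
# pattern is anchored to the start of the line, so a second upgrade does
# not prepend a second "#disabled" prefix.  The postrm body below is
# constructed; the real file is
# /var/lib/dpkg/info/bacula-director-common.postrm.

# neutralize_postrm FILE
# Comment out "rm -f $CONFFILE $CONFFILE.dist" in FILE.
# Returns 0 if the file was changed, 1 if there was nothing (left) to do.
neutralize_postrm() {
    file="$1"
    [ -f "$file" ] || return 1
    # A line that is already disabled starts with "#", so it does not match.
    grep -q '^[[:space:]]*rm -f \$CONFFILE \$CONFFILE\.dist' "$file" || return 1
    # GNU sed -i keeps the file mode, which matters for an executable postrm.
    sed -i 's|^\([[:space:]]*\)rm -f \$CONFFILE \$CONFFILE\.dist|\1#disabled: bug #880529# rm -f $CONFFILE $CONFFILE.dist|' "$file"
}

# live_rm_lines FILE: number of removal lines that would still run on purge.
live_rm_lines() {
    grep -c '^[[:space:]]*rm -f \$CONFFILE' "$1" || true
}

# make_sample_postrm: write a constructed stand-in for the old postrm into a
# temporary directory and print its path.
make_sample_postrm() {
    dir=$(mktemp -d)
    cat > "$dir/bacula-director-common.postrm" <<'EOF'
#!/bin/sh
set -e
CONFFILE=/etc/bacula/bacula-dir.conf
case "$1" in
    purge)
        rm -f $CONFFILE $CONFFILE.dist
    ;;
esac
EOF
    chmod 755 "$dir/bacula-director-common.postrm"
    printf '%s\n' "$dir/bacula-director-common.postrm"
}

demo() {
    postrm=$(make_sample_postrm)
    printf 'live removal lines before: %s\n' "$(live_rm_lines "$postrm")"
    if neutralize_postrm "$postrm"; then echo "first run: changed"; fi
    if neutralize_postrm "$postrm"; then echo "second run: changed (bug)"; else echo "second run: nothing to do"; fi
    printf 'live removal lines after: %s\n' "$(live_rm_lines "$postrm")"
    grep -n 'CONFFILE' "$postrm"
    rm -rf "$(dirname "$postrm")"
}
demo
```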
Processed: Re: Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-04 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 - moreinfo
Bug #881871 [release.debian.org] stretch-pu: package bacula/7.4.4+dfsg-6
Removed tag(s) moreinfo.




Bug#881871: [pkg-bacula-devel] Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-03 Thread Sven Hartge
On 03.03.2018 14:34, Adam D. Barratt wrote:
> On Mon, 2018-02-26 at 13:14 +0100, Carsten Leonhardt wrote:

>> here is a new version of the patch. I now additionally let
>> bacula-common.preinst check for the existence of
>> bacula-director-common.postrm and comment out the offending line if
>> found (first chunk in the diff). I chose to use bacula-common because
>> it is depended upon by all other bacula packages.
>>
>> I've also amended the text in the changelog, otherwise the rest of
>> the patch is the same as the previous version.
> 
> - --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
> + --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
> 
> The first of those "-g" is presumably supposed to be "-u". I realise
> this may seem a small point, but it does make me wonder how it wasn't
> caught in testing.

This is embarrassing. You are of course right. I am sorry. Must have
been a copy'n'waste error on my part.

I'll prepare a fix for Sid and Stretch at once.

As to why this has not been caught during testing, I need to investigate. I
have a suspicion but I need to confirm it first.

Regards,
Sven.





Bug#881871: [pkg-bacula-devel] Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-03 Thread Sven Hartge
On 03.03.2018 15:17, Sven Hartge wrote:
> On 03.03.2018 14:34, Adam D. Barratt wrote:

>> The first of those "-g" is presumably supposed to be "-u". I realise
>> this may seem a small point, but it does make me wonder how it wasn't
>> caught in testing.
> 
> This is embarrassing. You are of course right. I am sorry. Must have
> been a copy'n'waste error on my part.
> 
> I'll prepare a fix for Sid and Stretch at once.

I have pushed a fix to the master and stretch branches.

> As why this has not been caught during testing I need to investigate. I
> have a suspicion but I need to confirm it first.

My suspicion was not true, but it shows an error in my testing
procedure. It seems I only tested the systemd path and not the SysV-init
one.

Regards,
Sven.





Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-03 Thread Adam D. Barratt
Control: tags -1 + moreinfo

On Mon, 2018-02-26 at 13:14 +0100, Carsten Leonhardt wrote:
> here is a new version of the patch. I now additionally let
> bacula-common.preinst check for the existence of
> bacula-director-common.postrm and comment out the offending line if
> found (first chunk in the diff). I chose to use bacula-common because
> it is depended upon by all other bacula packages.
> 
> I've also amended the text in the changelog, otherwise the rest of
> the patch is the same as the previous version.

-   --oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+   --oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG

The first of those "-g" is presumably supposed to be "-u". I realise
this may seem a small point, but it does make me wonder how it wasn't
caught in testing.

Regards,

Adam



Processed: Re: Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-03-03 Thread Debian Bug Tracking System
Processing control commands:

> tags -1 + moreinfo
Bug #881871 [release.debian.org] stretch-pu: package bacula/7.4.4+dfsg-6
Added tag(s) moreinfo.




Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-02-26 Thread Carsten Leonhardt
Hi,

here is a new version of the patch. I now additionally let
bacula-common.preinst check for the existence of
bacula-director-common.postrm and comment out the offending line if
found (first chunk in the diff). I chose to use bacula-common because it
is depended upon by all other bacula packages.

I've also amended the text in the changelog, otherwise the rest of the
patch is the same as the previous version.

The patch is also viewable at
https://salsa.debian.org/bacula-team/bacula/compare/debian%2F7.4.4+dfsg-6...stretch

Thanks,

Carsten

diff --git a/debian/bacula-common.preinst b/debian/bacula-common.preinst
index 056c2944..d0b323fa 100644
--- a/debian/bacula-common.preinst
+++ b/debian/bacula-common.preinst
@@ -12,6 +12,14 @@ case "$1" in
 			echo "Ok."
 		fi
 	;;
+	install|upgrade)
+		# purging bacula-director-common can mistakenly delete bacula-dir.conf
+		# neutralize the offending line in its postrm; see bug #880529 for details
+		if dpkg-query -l bacula-director-common > /dev/null 2>&1 && \
+		   [ -e /var/lib/dpkg/info/bacula-director-common.postrm ]; then
+			sed -i 's/rm -f $CONFFILE $CONFFILE.dist/#disabled: bug #880529# rm -f $CONFFILE $CONFFILE.dist/' /var/lib/dpkg/info/bacula-director-common.postrm
+		fi
+	;;
 esac
 
 # dh_installdeb will replace this with shell code automatically
diff --git a/debian/bacula-director.init b/debian/bacula-director.init
index 8ac7c36a..89cfbe65 100644
--- a/debian/bacula-director.init
+++ b/debian/bacula-director.init
@@ -67,7 +67,7 @@ do_start()
 {
 	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
diff --git a/debian/bacula-fd.init b/debian/bacula-fd.init
index 649b9cc1..698e4ea3 100644
--- a/debian/bacula-fd.init
+++ b/debian/bacula-fd.init
@@ -54,7 +54,7 @@ do_start()
 {
 	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
diff --git a/debian/bacula-sd.init b/debian/bacula-sd.init
index 47c3d07d..e3863840 100644
--- a/debian/bacula-sd.init
+++ b/debian/bacula-sd.init
@@ -53,7 +53,7 @@ do_start()
 {
 	if $DAEMON -g $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
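Review bot: the `+` line passes `-g $BUSER -g $BGROUP`; the first `-g` has to be `-u`. As written the storage daemon's user is never changed, only its group is set twice, so bacula-sd keeps running as root. The unchanged `-t` config-test line two lines above carries the same `-g $BUSER -g $BGROUP`, so the test passes regardless and does not catch it; both occurrences need the fix, which means this hunk should cover that line as well.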
diff --git a/debian/changelog b/debian/changelog
index d0a4ac54..81b0627a 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,21 @@
+bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium
+
+  [Sven Hartge]
+  * Let PID files be owned by root. Mitigates a minor security problem
+similar to CVE 2017-14610. Note that this change disables automatic
+tracebacks.
+
+  [Carsten Leonhardt]
+  * Added transitional package bacula-director-common, the old leftover
+package can't be safely purged otherwise (it deletes
+/etc/bacula/bacula-dir.conf in postrm which now belongs to the
+bacula-director package). For the case when the package
+bacula-director-common is deinstalled but not purged, we neutralize
+the offending postrm script when upgrading bacula-common. (Closes:
+#880529)
+
+ -- Carsten Leonhardt   Wed, 15 Nov 2017 22:55:15 +0100
+
 bacula (7.4.4+dfsg-6) unstable; urgency=medium
 
   [Sven Hartge]
diff --git a/debian/control b/debian/control
index 19418610..7c310185 100644
--- a/debian/control
+++ b/debian/control
@@ -357,3 +357,13 @@ Description: network backup service - Bacula Administration Tool
  .
  This GUI interface has been designed to ease restore operations as much as
  possible as compared to the basic text console.
+
+Package: bacula-director-common
+Section: oldlibs
+Architecture: any
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ bacula-common (= ${binary:Version}),
+ ${misc:Depends}
+Description: transitional package
+ This is a transitional package. It can safely be removed.
diff --git a/debian/patches/non-forking-systemd-units.patch b/debian/patches/non-forking-systemd-units.patch
index 636c9153..03cdabd7 100644
--- a/debian/patches/non-forking-systemd-units.patch
+++ b/debian/patches/non-forking-systemd-units.patch
@@ -20,13 +20,13 @@ Author: Sven Hartge 
 -PIDFile=@piddir@/bacula-dir.@dir_port@.pid
 -ExecReload=@sbindir@/bacula-dir -t -c @sysconfdir@/bacula-dir.conf
 +Type=simple
-+User=bacula
-+Group=bacula
++User=root
++Group=root
 +Environment="CONFIG=/etc/bacula/bacula-dir.conf"
 +EnvironmentFile=-/etc/default/bacula-dir
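Review bot: changing the unit to `User=root`/`Group=root` makes systemd start bacula-dir as root and relies on the daemon dropping privileges itself; the `ExecStart=` line that has to pass `-u`/`-g` (possibly via the `EnvironmentFile=-/etc/default/bacula-dir` shown here) is outside this hunk, so confirm it does, since otherwise the director runs as root for its whole lifetime, a far larger exposure than the PID-file ownership issue this is fixing. A one-line comment in the unit stating why User is root would stop a future cleanup from reverting it to bacula.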

Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-01-15 Thread Carsten Leonhardt
Julien Cristau  writes:

> On 01/15/2018 08:32 AM, Carsten Leonhardt wrote:
>> Julien Cristau  writes:
>> 
>>> Control: tag -1 moreinfo
>>>
>>> On Thu, Nov 16, 2017 at 00:02:29 +0100, Carsten Leonhardt wrote:
>>>
>>>> 2) Bug #880529: When updating from jessie to stretch, the package
>>>> "bacula-director-common" will be removed, but the postrm will stay
>>>> around. Upon purging this package, postrm unconditionally removes the
>>>> main bacula configuration file /etc/bacula/bacula-dir.conf, leaving
>>>> bacula unusable. We fix this by introducing a transitional package that
>>>> can then be safely removed.

>>> It sounds like this won't solve the issue for anyone who has already
>>> upgraded but hasn't yet purged bacula-director-common.  Couldn't
>>> bacula-director's postinst neuter the old postrm instead?
>> 
>> Are you sure? I'd say that these people will get the upgrade to the
>> transitional package and this will remove the old postrm.
>> 
> How would they get an update to a removed package?  (Yes, I'm pretty sure.)

I see your point now. My proposed solution only helps people that still
have the package installed.

I'll work on a better solution.

Regards,

Carsten



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-01-15 Thread Julien Cristau
On 01/15/2018 08:32 AM, Carsten Leonhardt wrote:
> Julien Cristau  writes:
> 
>> Control: tag -1 moreinfo
>>
>> On Thu, Nov 16, 2017 at 00:02:29 +0100, Carsten Leonhardt wrote:
>>
>>> 2) Bug #880529: When updating from jessie to stretch, the package
>>> "bacula-director-common" will be removed, but the postrm will stay
>>> around. Upon purging this package, postrm unconditionally removes the
>>> main bacula configuration file /etc/bacula/bacula-dir.conf, leaving
>>> bacula unusable. We fix this by introducing a transitional package that
>>> can then be safely removed.
>>>
>> It sounds like this won't solve the issue for anyone who has already
>> upgraded but hasn't yet purged bacula-director-common.  Couldn't
>> bacula-director's postinst neuter the old postrm instead?
> 
> Are you sure? I'd say that these people will get the upgrade to the
> transitional package and this will remove the old postrm.
> 
How would they get an update to a removed package?  (Yes, I'm pretty sure.)

Cheers,
Julien



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-01-14 Thread Carsten Leonhardt
Julien Cristau  writes:

> Control: tag -1 moreinfo
>
> On Thu, Nov 16, 2017 at 00:02:29 +0100, Carsten Leonhardt wrote:
>
>> 2) Bug #880529: When updating from jessie to stretch, the package
>> "bacula-director-common" will be removed, but the postrm will stay
>> around. Upon purging this package, postrm unconditionally removes the
>> main bacula configuration file /etc/bacula/bacula-dir.conf, leaving
>> bacula unusable. We fix this by introducing a transitional package that
>> can then be safely removed.
>> 
> It sounds like this won't solve the issue for anyone who has already
> upgraded but hasn't yet purged bacula-director-common.  Couldn't
> bacula-director's postinst neuter the old postrm instead?

Are you sure? I'd say that these people will get the upgrade to the
transitional package and this will remove the old postrm.

Regards,

Carsten



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-01-13 Thread Julien Cristau
Control: tag -1 moreinfo

On Thu, Nov 16, 2017 at 00:02:29 +0100, Carsten Leonhardt wrote:

> 2) Bug #880529: When updating from jessie to stretch, the package
> "bacula-director-common" will be removed, but the postrm will stay
> around. Upon purging this package, postrm unconditionally removes the
> main bacula configuration file /etc/bacula/bacula-dir.conf, leaving
> bacula unusable. We fix this by introducing a transitional package that
> can then be safely removed.
> 
It sounds like this won't solve the issue for anyone who has already
upgraded but hasn't yet purged bacula-director-common.  Couldn't
bacula-director's postinst neuter the old postrm instead?

Cheers,
Julien



Processed: Re: Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2018-01-13 Thread Debian Bug Tracking System
Processing control commands:

> tag -1 moreinfo
Bug #881871 [release.debian.org] stretch-pu: package bacula/7.4.4+dfsg-6
Added tag(s) moreinfo.




Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2017-12-01 Thread Carsten Leonhardt
Hi,

is there anything else I can do to help get this into the next stable
update?

Or at least only one of the changes?

Regards,

Carsten



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2017-11-18 Thread Carsten Leonhardt
Hi,

> 2) Bug #880529: When updating from jessie to stretch, the package
> "bacula-director-common" will be removed, but the postrm will stay
> around. Upon purging this package, postrm unconditionally removes the
> main bacula configuration file /etc/bacula/bacula-dir.conf, leaving
> bacula unusable. We fix this by introducing a transitional package that
> can then be safely removed.

I just noticed that I left out a detail that might help understand the
problem: the configuration file used to be owned by the package
"bacula-director-common", but ownership moved to the new package
"bacula-director".

Regards,

Carsten



Bug#881871: stretch-pu: package bacula/7.4.4+dfsg-6

2017-11-15 Thread Carsten Leonhardt
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hi,

we would like to fix the following two problems in stable:

1) The bacula packages are vulnerable to a security problem similar to
CVE 2017-14610 (PID files not owned by root). On the downside this
change disables a bacula feature that permits automatic tracebacks on a
crash. I've mailed the security team about this, they recommended a
stable update.

2) Bug #880529: When updating from jessie to stretch, the package
"bacula-director-common" will be removed, but the postrm will stay
around. Upon purging this package, postrm unconditionally removes the
main bacula configuration file /etc/bacula/bacula-dir.conf, leaving
bacula unusable. We fix this by introducing a transitional package that
can then be safely removed.

Regards,

Carsten

-- System Information:
Debian Release: 9.2
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'oldstable-updates'), (500, 'oldoldstable'), (500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8), LANGUAGE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

diff -Nru bacula-7.4.4+dfsg/debian/bacula-director.init bacula-7.4.4+dfsg/debian/bacula-director.init
--- bacula-7.4.4+dfsg/debian/bacula-director.init	2017-02-26 13:39:25.0 +0100
+++ bacula-7.4.4+dfsg/debian/bacula-director.init	2017-11-15 22:55:15.0 +0100
@@ -67,7 +67,7 @@
 {
 	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
diff -Nru bacula-7.4.4+dfsg/debian/bacula-fd.init bacula-7.4.4+dfsg/debian/bacula-fd.init
--- bacula-7.4.4+dfsg/debian/bacula-fd.init	2017-02-26 13:39:25.0 +0100
+++ bacula-7.4.4+dfsg/debian/bacula-fd.init	2017-11-15 22:55:15.0 +0100
@@ -54,7 +54,7 @@
 {
 	if $DAEMON -u $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -u $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
diff -Nru bacula-7.4.4+dfsg/debian/bacula-sd.init bacula-7.4.4+dfsg/debian/bacula-sd.init
--- bacula-7.4.4+dfsg/debian/bacula-sd.init	2017-02-26 13:39:25.0 +0100
+++ bacula-7.4.4+dfsg/debian/bacula-sd.init	2017-11-15 22:55:15.0 +0100
@@ -53,7 +53,7 @@
 {
 	if $DAEMON -g $BUSER -g $BGROUP -t -c $CONFIG > /dev/null 2>&1; then
 		start-stop-daemon --start --quiet --pidfile $PIDFILE \
-		--oknodo --exec $DAEMON --chuid $BUSER:$BGROUP -- -c $CONFIG
+		--oknodo --exec $DAEMON -- -g $BUSER -g $BGROUP -c $CONFIG
 		return 0
 	else
 		log_progress_msg "- the configtest"
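Review bot: `-g $BUSER` on the `+` line should be `-u $BUSER`, otherwise bacula-sd never drops to $BUSER and stays root; the config-test context line above it has the same typo and needs fixing in the same hunk.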
diff -Nru bacula-7.4.4+dfsg/debian/changelog bacula-7.4.4+dfsg/debian/changelog
--- bacula-7.4.4+dfsg/debian/changelog	2017-02-26 13:39:25.0 +0100
+++ bacula-7.4.4+dfsg/debian/changelog	2017-11-15 22:55:15.0 +0100
@@ -1,3 +1,17 @@
+bacula (7.4.4+dfsg-6+deb9u1) stretch; urgency=medium
+
+  [Sven Hartge]
+  * Let PID files be owned by root. Mitigates a minor security problem
+similar to CVE 2017-14610. Note that this change disables automatic
+tracebacks.
+
+  [ Carsten Leonhardt ]
+  * Added transitional package bacula-director-common, the old leftover
+package can't be safely purged otherwise (it deletes
+/etc/bacula/bacula-dir.conf in postrm) (Closes: #880529)
+
+ -- Carsten Leonhardt   Wed, 15 Nov 2017 22:55:15 +0100
+
 bacula (7.4.4+dfsg-6) unstable; urgency=medium
 
   [Sven Hartge]
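Review bot: the attribution brackets are inconsistent (`[Sven Hartge]` vs `[ Carsten Leonhardt ]`); the usual Debian changelog form is `[ Name ]` with the spaces, so use it for both. The CVE should also be written `CVE-2017-14610`.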
diff -Nru bacula-7.4.4+dfsg/debian/control bacula-7.4.4+dfsg/debian/control
--- bacula-7.4.4+dfsg/debian/control	2017-02-26 13:39:25.0 +0100
+++ bacula-7.4.4+dfsg/debian/control	2017-11-15 22:55:15.0 +0100
@@ -357,3 +357,13 @@
  .
  This GUI interface has been designed to ease restore operations as much as
  possible as compared to the basic text console.
+
+Package: bacula-director-common
+Section: oldlibs
+Architecture: any
+Pre-Depends: ${misc:Pre-Depends}
+Depends:
+ bacula-common (= ${binary:Version}),
+ ${misc:Depends}
+Description: transitional package
+ This is a transitional package. It can safely be removed.
diff -Nru bacula-7.4.4+dfsg/debian/patches/non-forking-systemd-units.patch bacula-7.4.4+dfsg/debian/patches/non-forking-systemd-units.patch
--- bacula-7.4.4+dfsg/debian/patches/non-forking-systemd-units.patch	2017-02-26 13:39:25.0 +0100
+++ bacula-7.4.4+dfsg/debian/patches/non-forking-systemd-units.patch	2017-11-15 22:55:15.0 +0100
@@ -20,13 +20,13 @@
 -PIDFile=@piddir@/bacula-dir.@dir_port@.pid