Public bug reported:
The following ansible configuration
--- BEGIN ---
- name: Allow users in group 'wireshark' to capture packets
ansible.builtin.debconf:
name: wireshark-common
question: wireshark-common/install-setuid
value: 'true'
vtype: boolean
--- END ---
sets the value correctly, however no group 'wireshark' is created, as it
is the case using 'dpkg-reconfigure wireshark-common' to accomplish the
same. The group creation code appears in 'postinst' of wireshark-common:
--- BEGIN file postinst ---
#!/bin/sh
set -e
. /usr/share/debconf/confmodule
PROGRAM=$(dpkg-divert --truename /usr/bin/dumpcap)
GROUP=wireshark
if ! dpkg-statoverride --list $PROGRAM > /dev/null; then
db_get wireshark-common/install-setuid
if [ -e "$PROGRAM" ]; then
if [ "$RET" = "false" ] ; then
chown root:root $PROGRAM
chmod u=rwx,go=rx $PROGRAM
else
if ! addgroup --quiet --system $GROUP; then
if ! getent group wireshark > /dev/null; then
db_input high wireshark-common/addgroup-failed || true
db_go
exit 1
else
db_input high wireshark-common/group-is-user-group || true
db_go
fi
fi
chown root:$GROUP $PROGRAM
if which setcap > /dev/null ; then
chmod u=rwx,g=rx,o=r $PROGRAM
if ! setcap cap_net_raw,cap_net_admin=eip $PROGRAM; then
db_input high wireshark-common/setcap-failed || true
db_go
chmod u=rwxs,g=rx,o=r $PROGRAM
fi
else
chmod u=rwxs,g=rx,o=r $PROGRAM
fi
fi
fi
else
dpkg-statoverride --list $PROGRAM
fi
--- END file postinst ---
Not sure whether this is a bug or simply a missing feature.
** Affects: ansible (Ubuntu)
Importance: Undecided
Status: New
** Description changed:
- The following configuration
+ The following ansible configuration
- > - name: Allow users in group 'wireshark' to capture packets
- > ansible.builtin.debconf:
- > name: wireshark-common
- > question: wireshark-common/install-setuid
- > value: 'true'
- > vtype: boolean
+ --- BEGIN ---
+
+ - name: Allow users in group 'wireshark' to capture packets
+ ansible.builtin.debconf:
+ name: wireshark-common
+ question: wireshark-common/install-setuid
+ value: 'true'
+ vtype: boolean
+
+ --- END ---
sets the value correctly, however no group 'wireshark' is created, as it
is the case using 'dpkg-reconfigure wireshark-common' to accomplish the
same. The group creation code appears in 'postinst' of wireshark-common:
- <pre>
- #!/bin/sh
+ --- BEGIN file postinst ---
+
+ #!/bin/sh
set -e
. /usr/share/debconf/confmodule
PROGRAM=$(dpkg-divert --truename /usr/bin/dumpcap)
GROUP=wireshark
if ! dpkg-statoverride --list $PROGRAM > /dev/null; then
- db_get wireshark-common/install-setuid
- if [ -e "$PROGRAM" ]; then
- if [ "$RET" = "false" ] ; then
- chown root:root $PROGRAM
- chmod u=rwx,go=rx $PROGRAM
- else
- if ! addgroup --quiet --system $GROUP; then
- if ! getent group wireshark > /dev/null; then
- db_input high wireshark-common/addgroup-failed || true
- db_go
- exit 1
- else
- db_input high wireshark-common/group-is-user-group || true
- db_go
- fi
- fi
- chown root:$GROUP $PROGRAM
- if which setcap > /dev/null ; then
- chmod u=rwx,g=rx,o=r $PROGRAM
- if ! setcap cap_net_raw,cap_net_admin=eip $PROGRAM; then
- db_input high wireshark-common/setcap-failed || true
- db_go
- chmod u=rwxs,g=rx,o=r $PROGRAM
- fi
- else
- chmod u=rwxs,g=rx,o=r $PROGRAM
- fi
- fi
- fi
+ db_get wireshark-common/install-setuid
+ if [ -e "$PROGRAM" ]; then
+ if [ "$RET" = "false" ] ; then
+ chown root:root $PROGRAM
+ chmod u=rwx,go=rx $PROGRAM
+ else
+ if ! addgroup --quiet --system $GROUP; then
+ if ! getent group wireshark > /dev/null; then
+ db_input high wireshark-common/addgroup-failed || true
+ db_go
+ exit 1
+ else
+ db_input high wireshark-common/group-is-user-group || true
+ db_go
+ fi
+ fi
+ chown root:$GROUP $PROGRAM
+ if which setcap > /dev/null ; then
+ chmod u=rwx,g=rx,o=r $PROGRAM
+ if ! setcap cap_net_raw,cap_net_admin=eip $PROGRAM; then
+ db_input high wireshark-common/setcap-failed || true
+ db_go
+ chmod u=rwxs,g=rx,o=r $PROGRAM
+ fi
+ else
+ chmod u=rwxs,g=rx,o=r $PROGRAM
+ fi
+ fi
+ fi
else
- dpkg-statoverride --list $PROGRAM
+ dpkg-statoverride --list $PROGRAM
fi
- </pre>
- (Not sure whether this is a bug or simply a missing feature.)
+ --- END file postinst ---
+
+ Not sure whether this is a bug or simply a missing feature.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1919379
Title:
debconf module: does not execute postinst
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ansible/+bug/1919379/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
