Commit c3963adc authored by Simon McVittie's avatar Simon McVittie

Make dbus-daemon-launch-helper permissions more robust (Closes: #773107)

* postinst: use dpkg-statoverride to set the permissions for
  dbus-daemon-launch-helper (expected to be 04754 root:messagebus)
  as suggested in Policy §10.9. This avoids a temporarily broken state
  when an upgraded dbus is unpacked but not yet configured (Closes: #773107)
* preinst: opportunistically set up the same dpkg-statoverride entry
  if the group already exists, to avoid the same broken state during
  upgrades from older versions without needing Pre-Depends: adduser
* postrm: delete the dpkg-statoverride entry on purge
parent 86f93c87
dbus (1.8.12-2) unstable; urgency=medium
* postinst: use dpkg-statoverride to set the permissions for
dbus-daemon-launch-helper (expected to be 04754 root:messagebus)
as suggested in Policy §10.9. This avoids a temporarily broken state
when an upgraded dbus is unpacked but not yet configured (Closes: #773107)
* preinst: opportunistically set up the same dpkg-statoverride entry
if the group already exists, to avoid the same broken state during
upgrades from older versions without needing Pre-Depends: adduser
* postrm: delete the dpkg-statoverride entry on purge
-- Simon McVittie <smcv@debian.org> Sun, 21 Dec 2014 15:02:22 +0000
dbus (1.8.12-1) unstable; urgency=medium
* New upstream release 1.8.12
......
......@@ -31,9 +31,10 @@ if [ "$1" = configure ]; then
--disabled-password \
--group "$MESSAGEUSER"
# The preinst might have done this already, or a sysadmin might have
# set up their own dpkg-statoverride. Keep this in sync with the preinst.
if ! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
chown root:"$MESSAGEUSER" "$LAUNCHER"
chmod 4754 "$LAUNCHER"
dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
fi
# This is idempotent, so it's OK to do every time. The system bus' init
......
......@@ -7,6 +7,12 @@ if [ "$1" = "purge" ] ; then
rm -f /var/lib/dbus/machine-id
rmdir /var/lib/dbus || true
LAUNCHER=/usr/lib/dbus-1.0/dbus-daemon-launch-helper
if dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1 ; then
dpkg-statoverride --remove "$LAUNCHER"
fi
fi
#DEBHELPER#
......
#!/bin/sh
set -e
MESSAGEUSER=messagebus
LAUNCHER=/usr/lib/dbus-1.0/dbus-daemon-launch-helper
# Avoid having the new $LAUNCHER temporarily go back to
# its permissions and ownership from the .deb (0755 root:root).
# We do this opportunistically - only if $MESSAGEUSER already exists
# (i.e. dbus is installed or has been installed in the past) - to avoid having
# to pre-depend on adduser, and we don't do it if the postinst or
# the sysadmin has already set up a dpkg-statoverride.
# Keep this in sync with the postinst.
if getent group "$MESSAGEUSER" >/dev/null && \
! dpkg-statoverride --list "$LAUNCHER" >/dev/null 2>&1; then
dpkg-statoverride --update --add root "$MESSAGEUSER" 4754 "$LAUNCHER"
fi
#DEBHELPER#
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment