[Apt-listbugs-commits] [SCM] apt-listbugs development tree branch, master, updated. apt-listbugs/0.1.6-6-g4e77151

Francesco Poli (wintermute) invernomuto at paranoici.org
Sat May 5 16:58:48 UTC 2012 

The following commit has been merged in the master branch:
commit 4e77151495e67094b17bf2b11ebc4d2337c691ea
Author: Francesco Poli (wintermute) <invernomuto at paranoici.org>
Date:   Sat May 5 18:42:26 2012 +0200

    work around the crash in su -c (Closes: #662983)
    
    Until a more radical fix can be implemented (probably by having
    apt-get, aptitude and other compatible package managers to change
    the way hook information is sent to invoked commands), this
    bug is worked around by preventing apt-listbugs from crashing, when
    it cannot open /dev/tty: it now detects this situation, warns the
    user, and switches to non-interactive failure mode.
    
    The reason why is explained in an appropriate README.Debian section.

diff --git a/apt-listbugs b/apt-listbugs
index 58d67cb..f48e878 100755
--- a/apt-listbugs
+++ b/apt-listbugs
@@ -4,7 +4,7 @@
 #
 # Copyright (C) 2002       Masato Taruishi <taru at debian.org>
 # Copyright (C) 2006-2008  Junichi Uekawa <dancer at debian.org>
-# Copyright (C) 2008-2011  Francesco Poli <invernomuto at paranoici.org>
+# Copyright (C) 2008-2012  Francesco Poli <invernomuto at paranoici.org>
 # Copyright (C) 2009       Ryan Niebur <ryan at debian.org>
 #
 #  This program is free software; you can redistribute it and/or modify
@@ -99,7 +99,7 @@ apt-listbugs [-h] [-v] [-s <severities>] [-T <tags>] [-S <stats>] [-B <bug#>] [-
 * -q | --quiet
 
   Don't display progress bar. This option is assumed if stdout is not a 
-  terminal.
+  terminal or if /dev/tty cannot be opened.
 
 * -C <apt.conf> | --aptconf <apt.conf>
 
@@ -112,7 +112,7 @@ apt-listbugs [-h] [-v] [-s <severities>] [-T <tags>] [-S <stats>] [-B <bug#>] [-
 * -n | --force-no
 
   Assumes that you select no for all questions.  This option is
-  assumed if stdout is not a terminal.
+  assumed if stdout is not a terminal or if /dev/tty cannot be opened.
 
 * -d | --debug
 
diff --git a/debian/README.Debian b/debian/README.Debian
index 01156d1..62eb955 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -39,9 +39,6 @@ Notes
 This version of 'apt-listbugs' uses the Debian BTS SOAP interface for
 bug retrieval.
 
-'apt-listbugs' requires a console for user interaction. It will
-default to non-interactive failure mode, if tty is not available.
-
 'apt-listbugs' has a simple built-in interactive viewer. It uses
 querybts program as a back-end. To enable this feature, you need to
 install the 'reportbug' package. In addition, you can select broken
@@ -56,6 +53,41 @@ If you install www-browser, you can view bug lists in HTML.
 sensible-browser from the 'sensible-utils' package is also available.
 
 
+Need for a controlling terminal (/dev/tty)
+==========================================
+
+'apt-listbugs' requires a controlling terminal for user interaction.
+It will default to non-interactive failure mode, if its standard output
+is not a tty.
+
+It will also switch to non-interactive failure mode, if it cannot open
+/dev/tty .
+This may happen when 'apt-listbugs' is (directly or indirectly) invoked
+inside an  su -c "command" : commands invoked this way will have no
+controlling terminal, because of a security fix applied to package
+login from version 1:4.1.5-1 on (see bug #628843). Hence, if you want
+to use 'apt-listbugs' interactively, please do *not* invoke it (or the
+package manager that will invoke it) through the  su -c "command"
+mechanism. 
+
+Also, please note that some package managers (such as aptitude, wajig,
+and possibly other ones), when run as a regular user, tend to gain root
+privileges through the  su -c "command"  mechanism, for the actions that
+need these privileges.
+Hence, if you want to use 'apt-listbugs' interactively, please become root
+*before* invoking the package manager, as in:
+
+    $ su -
+    Password:
+    # aptitude
+
+rather than:
+
+    $ aptitude
+
+See bug #662983 for more details on this issue.
+
+
 Current Design Limitation
 =========================
 
diff --git a/debian/changelog b/debian/changelog
index 2ba5735..d33bf2e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -14,8 +14,11 @@ apt-listbugs (0.1.7) UNRELEASED; urgency=low
   * worked around "'W: Failed to invoke browser.' when run under sudo":
     when invoking a browser, do not switch to another user, not even
     when apt-listbugs is run under sudo (Closes: #662865)
+  * worked around "When called by aptitude, apt-listbugs crash and precludes
+    the package upgrade": switch to non-interactive failure mode, if /dev/tty
+    cannot be opened; explain why in README.Debian (Closes: #662983)
 
- -- Francesco Poli (wintermute) <invernomuto at paranoici.org>  Mon, 09 Apr 2012 18:03:33 +0200
+ -- Francesco Poli (wintermute) <invernomuto at paranoici.org>  Tue, 01 May 2012 23:46:09 +0200
 
 apt-listbugs (0.1.6) unstable; urgency=low
 
diff --git a/lib/apt-listbugs/logic.rb b/lib/apt-listbugs/logic.rb
index 4dd0e9a..d77b8c8 100644
--- a/lib/apt-listbugs/logic.rb
+++ b/lib/apt-listbugs/logic.rb
@@ -174,6 +174,15 @@ class AppConfig
       @yes = false if @yes.nil?
     end
 
+    begin
+      test_tty = File.open("/dev/tty")
+      test_tty.close if test_tty
+    rescue
+      $stderr.puts _("W: cannot open /dev/tty: running inside su -c \"command\"? switching to non-interactive mode, please see README.Debian.")
+      @quiet = true
+      @yes = false if @yes.nil?
+    end
+
     @title = "Debian Bugs (#{@severity.join(', ')})" if ! @title
 
     # http_proxy sanity check

-- 
apt-listbugs development tree

More information about the Apt-listbugs-commits mailing list