[Pkg-samba-maint] r3272 - trunk/samba/debian

bubulle at alioth.debian.org bubulle at alioth.debian.org
Sat Feb 6 15:56:19 UTC 2010


tags 567554 pending
thanks

Author: bubulle
Date: 2010-02-06 15:56:15 +0000 (Sat, 06 Feb 2010)
New Revision: 3272

Added:
   trunk/samba/debian/smbfs.NEWS
Removed:
   trunk/samba/debian/smbfs.TODO
   trunk/samba/debian/smbfs.lintian
Modified:
   trunk/samba/debian/changelog
   trunk/samba/debian/rules
Log:
No longer maker (u)mount.cifs setuid root


Modified: trunk/samba/debian/changelog
===================================================================
--- trunk/samba/debian/changelog	2010-02-06 11:32:30 UTC (rev 3271)
+++ trunk/samba/debian/changelog	2010-02-06 15:56:15 UTC (rev 3272)
@@ -1,9 +1,15 @@
 samba (2:3.4.5~dfsg-2) UNRELEASED; urgency=low
 
+  [ Steve langasek ]
   * Revert the "bashisms" fix from version 2:3.3.0~rc2-4; "local foo=bar"
     is explicitly allowed by Policy now, and this change introduced a
     syntax error.  Closes: #566946.
 
+  [ Christian Perrier ]
+  * No longer maker (u)mount.cifs setuid root. Add a notice
+    about this in the package's NEWS.Debian file
+    Closes: #567554 
+
  -- Steve Langasek <vorlon at debian.org>  Mon, 25 Jan 2010 20:28:24 -0800
 
 samba (2:3.4.5~dfsg-1) unstable; urgency=low

Modified: trunk/samba/debian/rules
===================================================================
--- trunk/samba/debian/rules	2010-02-06 11:32:30 UTC (rev 3271)
+++ trunk/samba/debian/rules	2010-02-06 15:56:15 UTC (rev 3272)
@@ -229,7 +229,7 @@
 	DH_OPTIONS= dh_installinit -psamba -- "defaults 20 19"
 	DH_OPTIONS= dh_installinit -pwinbind
 	dh_installcron 
-	for pkg in samba samba-common smbfs winbind; do \
+	for pkg in samba samba-common winbind; do \
 	  install -m 0644 -D debian/$$pkg.lintian debian/$$pkg/usr/share/lintian/overrides/$$pkg || exit; \
 	done
 	dh_installchangelogs -Nlibpam-smbpass
@@ -244,11 +244,6 @@
 	# it becomes executable
 	chmod a-x debian/libsmbclient-dev/usr/include/libsmbclient.h
 
-ifeq ($(mount_cifs),yes)
-	chmod u+s debian/smbfs/sbin/mount.cifs
-	chmod u+s debian/smbfs/sbin/umount.cifs
-endif
-
 	# Set some reasonable default perms for the samba logdir.
 	chmod 0750 debian/samba-common/var/log/samba/
 	chown root:adm debian/samba-common/var/log/samba/

Added: trunk/samba/debian/smbfs.NEWS
===================================================================
--- trunk/samba/debian/smbfs.NEWS	                        (rev 0)
+++ trunk/samba/debian/smbfs.NEWS	2010-02-06 15:56:15 UTC (rev 3272)
@@ -0,0 +1,10 @@
+smbfs (2:3.4.5~dfsg-2) unstable; urgency=low
+
+  * As of this version, the mount.cifs binary is no longer setuid.
+    Upstream has always been increasingly unsupportive of this
+    configuration over time. For instance, in bugs like
+    https://bugzilla.samba.org/show_bug.cgi?id=6853, it is clearly
+    mentioned that having it setuid root is discouraged.
+    
+ -- Christian Perrier <bubulle at debian.org>  Sat, 06 Feb 2010 15:09:00 +0100
+    
\ No newline at end of file

Deleted: trunk/samba/debian/smbfs.TODO
===================================================================
--- trunk/samba/debian/smbfs.TODO	2010-02-06 11:32:30 UTC (rev 3271)
+++ trunk/samba/debian/smbfs.TODO	2010-02-06 15:56:15 UTC (rev 3272)
@@ -1,7 +0,0 @@
-- There is concern about the setuid status of binaries in this package.
-  The audit status of the concerned binaries is unclear.  We should
-  figure out whether it is reasonable to provide the flexible user mount
-  capabilities or whether a more restricted setup is better, at least by
-  default.
-
-Last change: 2006-01-25

Deleted: trunk/samba/debian/smbfs.lintian
===================================================================
--- trunk/samba/debian/smbfs.lintian	2010-02-06 11:32:30 UTC (rev 3271)
+++ trunk/samba/debian/smbfs.lintian	2010-02-06 15:56:15 UTC (rev 3272)
@@ -1,2 +0,0 @@
-smbfs: setuid-binary sbin/mount.cifs 4755 root/root
-smbfs: setuid-binary sbin/umount.cifs 4755 root/root




More information about the Pkg-samba-maint mailing list