[Apt-listbugs-commits] [apt-listbugs] 01/04: read hook info through a fd (Closes: #671728)
Francesco Poli
frx-guest at alioth.debian.org
Fri Aug 30 17:41:55 UTC 2013
This is an automated email from the git hooks/post-receive script.
frx-guest pushed a commit to branch master
in repository apt-listbugs.
commit 9afccf95262a7d8a8ddc0a42e4f74e5b625999cb
Author: Francesco Poli (wintermute) <invernomuto at paranoici.org>
Date: Mon Aug 26 22:28:31 2013 +0200
read hook info through a fd (Closes: #671728)
Package actions (Pre-Install-Pkgs hook information, provided by apt or
other compatible package manager) is now read from a file descriptor
(specified in the APT_HOOK_INFO_FD environment variable).
This way, apt-listbugs no longer needs to explicitly re-open /dev/tty
and works properly inside su -c "command": this is a better fix for
bug #662983.
---
10apt-listbugs | 1 +
apt-listbugs | 32 ++++++++++++++++++++++++++++----
debian/README.Debian | 35 ++---------------------------------
debian/changelog | 4 ++++
debian/control | 3 ++-
debian/copyright | 1 +
lib/apt-listbugs/logic.rb | 33 ++++++---------------------------
7 files changed, 44 insertions(+), 65 deletions(-)
diff --git a/10apt-listbugs b/10apt-listbugs
index c4ac26b..1652874 100644
--- a/10apt-listbugs
+++ b/10apt-listbugs
@@ -3,4 +3,5 @@
DPkg::Pre-Install-Pkgs {"/usr/sbin/apt-listbugs apt";};
DPkg::Tools::Options::/usr/sbin/apt-listbugs "";
DPkg::Tools::Options::/usr/sbin/apt-listbugs::Version "2";
+DPkg::Tools::Options::/usr/sbin/apt-listbugs::InfoFD "20";
// AptListbugs::IgnoreRegexp "FTBFS";
diff --git a/apt-listbugs b/apt-listbugs
index 251b5dd..2f234b9 100755
--- a/apt-listbugs
+++ b/apt-listbugs
@@ -7,6 +7,7 @@
# Copyright (C) 2008-2013 Francesco Poli <invernomuto at paranoici.org>
# Copyright (C) 2009 Ryan Niebur <ryan at debian.org>
# Copyright (C) 2012 Justin B Rye <jbr at edlug.org.uk>
+# Copyright (C) 2013 Google Inc
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
@@ -119,7 +120,7 @@ apt-listbugs [-h] [-v] [-s <severities>] [-T <tags>] [-S <states>] [-B <bug#>] [
* -q, --quiet
Don't display progress bar. This option is assumed if stdout is not a
- terminal or if /dev/tty cannot be opened.
+ terminal.
* -C <apt.conf>, --aptconf <apt.conf>
@@ -132,7 +133,7 @@ apt-listbugs [-h] [-v] [-s <severities>] [-T <tags>] [-S <states>] [-B <bug#>] [
* -n, --force-no
Assumes that you select no for all questions. This option is
- assumed if stdout is not a terminal or if /dev/tty cannot be opened.
+ assumed if stdout is not a terminal.
* -d, --debug
@@ -143,7 +144,8 @@ apt-listbugs [-h] [-v] [-s <severities>] [-T <tags>] [-S <states>] [-B <bug#>] [
: apt
- Reads package actions from standard input (typically provided by apt
+ Reads package actions from a file descriptor specified in the
+ APT_HOOK_INFO_FD environment variable (typically provided by apt
or other compatible package manager; Pre-Install-Pkgs hook info
protocol version 2 is expected - see apt.conf(5) for more details).
@@ -171,6 +173,11 @@ apt-listbugs [-h] [-v] [-s <severities>] [-T <tags>] [-S <states>] [-B <bug#>] [
If http_proxy is set, the value is used for HTTP Proxy, unless
proxy settings are found in APT configuration (see below).
+: APT_HOOK_INFO_FD
+
+ File descriptor from which package actions will be read (apt or other
+ compatible package managers will write information to this file descriptor).
+
== CONFIGURATION FILE
apt-listbugs understands APT configuration file (see apt.conf). The
@@ -299,7 +306,23 @@ when "apt"
puts if $DEBUG
puts "Pre-Install-Pkgs hook info:" if $DEBUG
state=1
- STDIN.each { |pkg|
+ apt_hook_fd = ENV["APT_HOOK_INFO_FD"]
+ if apt_hook_fd.nil?
+ $stderr.print _("E: APT_HOOK_INFO_FD is undefined.\n")
+ exit 1
+ end
+ apt_hook_fd = apt_hook_fd.to_i
+ if apt_hook_fd == 0
+ $stderr.print _("E: APT_HOOK_INFO_FD is not correctly defined.\n")
+ exit 1
+ end
+ begin
+ apt_hook_stream = IO.open(apt_hook_fd, 'r')
+ rescue Errno::ENOENT
+ $stderr.puts sprintf(_("E: Cannot read from file descriptor %d"), apt_hook_fd)
+ exit 1
+ end
+ apt_hook_stream.each { |pkg|
pkg=pkg.rstrip
case state
when 1
@@ -363,6 +386,7 @@ when "apt"
end
end
}
+ apt_hook_stream.close
puts if $DEBUG
when "list", "rss"
ARGV.each { |pkg|
diff --git a/debian/README.Debian b/debian/README.Debian
index 1680496..0da5ceb 100644
--- a/debian/README.Debian
+++ b/debian/README.Debian
@@ -53,44 +53,13 @@ If you install www-browser, you can view bug lists in HTML.
sensible-browser from the sensible-utils package is also available.
-Need for a controlling terminal (/dev/tty)
-==========================================
+Need for a controlling terminal
+===============================
apt-listbugs requires a controlling terminal for user interaction.
It will default to non-interactive failure mode if its standard output
is not a tty.
-apt-listbugs will also default to non-interactive failure mode if it
-cannot open /dev/tty when running under an apt session.
-This may happen when apt-listbugs is (directly or indirectly) invoked
-inside su -c "command"; commands invoked this way will have no
-controlling terminal, because of a security fix applied to the package
-login from version 1:4.1.5-1 on (see bug #628843). Hence, if you want
-to use apt-listbugs interactively, please do *not* invoke it (or the
-package manager that will invoke it) through the su -c "command"
-mechanism.
-
-Also, please note that some package managers (such as aptitude, wajig,
-and possibly others), when run as a regular user, tend to gain root
-privileges through the su -c "command" mechanism, for the actions that
-need these privileges.
-Hence, if you want to use apt-listbugs interactively, please become root
-*before* invoking the package manager, as in:
-
- $ su -
- Password:
- # aptitude
-
-or
-
- $ sudo aptitude
-
-rather than:
-
- $ aptitude
-
-See bug #662983 for more details on this issue.
-
Current Design Limitation
=========================
diff --git a/debian/changelog b/debian/changelog
index 5881d2e..246d97f 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -18,6 +18,10 @@ apt-listbugs (0.1.10) UNRELEASED; urgency=low
dropping the ad-hoc HtmlTempfile
* improved 10apt-listbugs configuration file (enhanced English in a comment,
dropped redundant exit 10)
+ * fixed "should be able to read hook information through a named pipe"
+ (thanks to Serafeim Zanikolas for the initial patch!) and made
+ apt-listbugs no longer need to explicitly open /dev/tty, this being
+ a better fix for #662983 (Closes: #671728)
-- Francesco Poli (wintermute) <invernomuto at paranoici.org> Sat, 29 Jun 2013 17:18:26 +0200
diff --git a/debian/control b/debian/control
index 48bab5c..bdaffbf 100644
--- a/debian/control
+++ b/debian/control
@@ -11,8 +11,9 @@ Homepage: http://alioth.debian.org/projects/apt-listbugs/
Package: apt-listbugs
Architecture: all
-Depends: ${misc:Depends}, ruby1.8 (>= 1.8), libruby1.8 (>= 1.8.5), ruby-debian (>= 0.3.3), apt, ruby-gettext (>= 2.1.0), ruby-xmlparser, ruby-httpclient (>= 2.1.5.2-1)
+Depends: ${misc:Depends}, ruby1.8 (>= 1.8), libruby1.8 (>= 1.8.5), ruby-debian (>= 0.3.3), apt (>= 0.9.11), ruby-gettext (>= 2.1.0), ruby-xmlparser, ruby-httpclient (>= 2.1.5.2-1)
Suggests: reportbug, debianutils (>= 2.0) | www-browser | w3m
+Breaks: libapt-pkg4.12 (<< 0.9.11)
Description: tool which lists critical bugs before each apt installation
apt-listbugs is a tool which retrieves bug reports from the Debian Bug
Tracking System and lists them. Especially, it is intended to be invoked
diff --git a/debian/copyright b/debian/copyright
index 6b0f945..f33f158 100644
--- a/debian/copyright
+++ b/debian/copyright
@@ -10,6 +10,7 @@ Copyright (C) 2007 Jean Lepropre <jlepropre at gmail.com>
Copyright (C) 2008-2013 Francesco Poli <invernomuto at paranoici.org>
Copyright (C) 2009-2010 Ryan Niebur <ryan at debian.org>
Copyright (C) 2012 Justin B Rye <jbr at edlug.org.uk>
+Copyright (C) 2013 Google Inc
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
diff --git a/lib/apt-listbugs/logic.rb b/lib/apt-listbugs/logic.rb
index 66dec3c..251a2d6 100644
--- a/lib/apt-listbugs/logic.rb
+++ b/lib/apt-listbugs/logic.rb
@@ -239,19 +239,6 @@ class AppConfig
exit 1
end
- if @command == "apt"
- begin
- test_tty = File.open("/dev/tty")
- test_tty.close if test_tty
- rescue
- if @yes.nil?
- $stderr.puts _("W: cannot open /dev/tty - running inside su -c \"command\"? Switching to non-interactive failure mode (see /usr/share/doc/apt-listbugs/README.Debian.gz)")
- @yes = false
- end
- @quiet = true
- end
- end
-
@parser =
Debian::BTS::Parser::SoapIndex.new(@hostname, @port)
@@ -401,7 +388,7 @@ class Viewer
return false
when /^#?(\d+)$/
if @config.querybts != nil
- system("#{@config.querybts} -u text #{$1} < /dev/tty")
+ system("#{@config.querybts} -u text #{$1}")
else
@config.frontend.puts sprintf(_("You must install the reportbug package to be able to do this"))
end
@@ -665,7 +652,7 @@ class Viewer
tmp.close
puts "Invoking browser for #{tmp.path}" if $DEBUG
- browsercommandline = "#{@config.browser} #{tmp.path} < /dev/tty"
+ browsercommandline = "#{@config.browser} #{tmp.path}"
if system(browsercommandline)
puts "successfully invoked browser" if $DEBUG
else
@@ -677,20 +664,19 @@ class Viewer
private
def clear_stdin(parent = true)
- fd = @config.frontend.tty
- flags=fd.fcntl(Fcntl::F_GETFL)
+ flags=$stdin.fcntl(Fcntl::F_GETFL)
if parent
while clear_stdin(false)
nil
end
else
begin
- fd.read_nonblock(10000000)
+ $stdin.read_nonblock(10000000)
return true
rescue Errno::EAGAIN
return false
ensure
- fd.fcntl(Fcntl::F_SETFL, flags)
+ $stdin.fcntl(Fcntl::F_SETFL, flags)
end
end
end
@@ -1073,7 +1059,6 @@ end
class ConsoleFrontend
def initialize( config )
- @tty = nil
@old = ""
@config = config
end
@@ -1092,16 +1077,11 @@ class ConsoleFrontend
$stdout.puts msg
end
-
- def tty
- @tty ||= open("/dev/tty")
- end
-
def ask(msg)
$stdout.print "#{msg} "
$stdout.flush
line = nil
- line = self.tty.gets
+ line = $stdin.gets
if line != nil
line.chomp!
end
@@ -1129,7 +1109,6 @@ class ConsoleFrontend
end
def close
- @tty.close if @tty
end
end
--
Alioth's /usr/local/bin/git-commit-notice on /srv/git.debian.org/git/apt-listbugs/apt-listbugs.git
More information about the Apt-listbugs-commits
mailing list