[pkg-fetchmail-maint] Bug#321272: apt-get install fails: "chown:
`fetchmail:nogroup': invalid user"
Loic Minier
lool at dooz.org
Tue Oct 18 09:50:12 UTC 2005
reopen 321272
tags 321272 + patch
retitle 321272 Create fetchmail user correctly
thanks
Hi,
On Tue, Oct 18, 2005, Håvard Dahle wrote:
> >>>chown: `fetchmail:nogroup': invalid user
> >2) The adduser call fails on my system. Take a look at this (I extracted
> > the actual adduser call and ran it in the cli):
=> the fact you didn't see the failure is a bug in fetchmail [0]
> > rasha:~# adduser --system --ingroup nogroup --home /var/run/fetchmail \
> > --shell /bin/sh --disabled-password fetchmail
> > adduser: Warning: The home dir you specified already exists.
=> that's a bug in fetchmail, [1]
> > Adding system user `fetchmail'...
> > Adding new user `fetchmail' (107) with group `nogroup'.
> > chage: can't open shadow password fileadduser: `/usr/bin/chage -M 99999
=> that's a bug in adduser, [2]
> > fetchmail' returned error code 1. Aborting.
> > Cleaning up.
> > Removing user `fetchmail'.
> >Now, I have no clue what `chage' and `shadow password' really mean, but
> >hopefully someone who reads this report does.
> Ok, so I snooped a bit further, and looking at bug 316217 put me on the
> right track. Shadow passwords were in fact not enabled on my system.
I see a lot of problems here, comments below.
> So running
> > # dpkg-reconfigure -plow passwd
> and enabling shadow was all there was to it. Now the `fetchmail' package
> installs, uninstalls and installs cleanly on my system. Progress!
That shouldn't be necessary.
> May I suggest a thorough revision of the `postinst' script - it feels a
> bit hacky to me.
I agree.
> But as I said earlier: I really don't get all of what chage and shadow
> passwords are all about.
Chage is a setgid tool similar to "chsh", "chfn" or "passwd", to update
informations stored in the passwd and shadow databases, such as your
name, the expiry time of your password, your password, your shell etc.
Shadow is the database, usually in /etc/shadow, to store passwords
separately from user information, and to store password
meta-information such as expiry information.
[0] Fetchmail should not add "|| true" to the adduser line if it
expects the user to be created! It is also hiding the failure with
">/dev/null 2>&1". It should only create the user if it doesn't exist,
and hence should check with getent first; see attached patch.
[1] Fetchmail is manually creating the directory, and doesn't want
adduser to create it, it should use --no-create-home; see attached
patch.
[2] I think this might have been fixed in the last adduser package:
adduser (3.67.2) unstable; urgency=low
* duh. _really_ handle the changed chage exit code.
Thanks to Nicolas François. (mh)
-- Marc Haber <mh+debian-packages at zugschlus.de> Sat, 1 Oct 2005 11:11:07 +0000
adduser (3.67.1) unstable; urgency=low
* versioned depends on passwd >> 1:4.0.12 because of the changed
chage exit code (now, 15) in the "shadow passwod not enabled"
case. Earlier versions return 3 or even a normal 1 in that case.
-- Marc Haber <mh+debian-packages at zugschlus.de> Mon, 26 Sep 2005 08:45:00 +0000
Please test and include the attached patch (I did not test it).
Cheers,
--
Loïc Minier <lool at dooz.org>
-------------- next part --------------
diff -urN fetchmail-6.2.5.orig/debian/changelog fetchmail-6.2.5/debian/changelog
--- fetchmail-6.2.5.orig/debian/changelog 2005-10-18 11:27:49.000000000 +0200
+++ fetchmail-6.2.5/debian/changelog 2005-10-18 11:49:25.000000000 +0200
@@ -1,3 +1,13 @@
+fetchmail (6.2.5-19) unstable; urgency=low
+
+ * Fix adduser logic in postinst (Closes: #321272) to:
+ - check whether the fetchmail user already exist
+ - fail if we it can't be created
+ - not create /var/run/fetchmail via adduser
+ - respect the permissions of /var/run/fetchmail on upgrade
+
+ -- Loic Minier <lool at dooz.org> Tue, 18 Oct 2005 11:47:18 +0200
+
fetchmail (6.2.5-18) unstable; urgency=low
* Nico Golde:
diff -urN fetchmail-6.2.5.orig/debian/fetchmail.postinst fetchmail-6.2.5/debian/fetchmail.postinst
--- fetchmail-6.2.5.orig/debian/fetchmail.postinst 2005-10-18 11:27:49.000000000 +0200
+++ fetchmail-6.2.5/debian/fetchmail.postinst 2005-10-18 11:46:57.000000000 +0200
@@ -6,13 +6,14 @@
set -e
-# Create fetchmail user and its homedir if we may need it
-adduser --system --ingroup nogroup --home /var/run/fetchmail \
- --shell /bin/sh --disabled-password fetchmail >/dev/null 2>&1 || true
-# work around possible adduser bug, see #119366
-[ -d /var/run/fetchmail ] || mkdir -p /var/run/fetchmail
-chmod 700 /var/run/fetchmail
-chown -h -R fetchmail:nogroup /var/run/fetchmail
+if ! getent passwd fetchmail >/dev/null; then
+ adduser --quiet --system --no-create-home --home /var/run/fetchmail fetchmail
+fi
+if ! [ -d /var/run/fetchmail ]; then
+ mkdir -p /var/run/fetchmail
+ chmod 700 /var/run/fetchmail
+ chown -h -R fetchmail:nogroup /var/run/fetchmail
+fi
if [ -x /etc/init.d/fetchmail ]; then
update-rc.d fetchmail defaults 99 15 >/dev/null
More information about the pkg-fetchmail-maint
mailing list