February 2015 - openSUSE Bugs - openSUSE Mailing Lists

[Bug 518238] New: openSSH chroot security settings faulty
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

http://bugzilla.novell.com/show_bug.cgi?id=518238 Summary: openSSH chroot security settings faulty Classification: openSUSE Product: openSUSE 11.1 Version: Final Platform: x86 OS/Version: openSUSE 11.1 Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: marcus(a)swedcore.net QAContact: qa(a)suse.de Found By: --- User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.11) Gecko/2009060200 SUSE/3.0.11-0.1.1 Firefox/3.0.11 Whenever i tried to setup a chroot environment with OpenSSH the security settings for the user folder must be root or OpenSSH doesn't work, the only solution for now is to either create subfolders in the users chroot folder where the user can have write permissions or land them one step up in the hierarchy and thus making them see other chroot folder which is not good. I followed this Wiki page to the letter: http://en.opensuse.org/Openssh#SFTP_chroot_with_ChrootDirectory I have Swedish community users trying to set this up to with same result as me. This thread takes up the same issue: http://marc.info/?l=openssh-unix-dev&m=122640731518850&w=2 But the solution mentioned there is not acceptable because as it stats on the Wiki you make one folder the chroot folder and then mapping the users home folder relative to the chroot folder, in this scenario the users should get write permissions to his own folder, but that is not possible, thus breaking the functionality intended. So the question is, is this a bug or is it designed to act like this? Reproducible: Always Steps to Reproduce: Done accordingly to this wiki entry: http://en.opensuse.org/OpenSSH Actual Results: Gets a read only home folder root Expected Results: Getting a writable home folder, where they can create on folder and upload files directly to the root of their home folder. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 6

[Bug 788344] New: Improving go-doc package wanted
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=788344 https://bugzilla.novell.com/show_bug.cgi?id=788344#c0 Summary: Improving go-doc package wanted Classification: openSUSE Product: openSUSE 12.2 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Development AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: ke(a)suse.com QAContact: qa-bugs(a)suse.de CC: graham(a)andtech.eu, speilicke(a)suse.com Found By: Development Blocker: --- The go-doc package is rather bewildered. Many links do not work. Many files are included that do not make sense in a doc package (e.g., Makefile or the emacs mode (go-mode.el) that comes with a different package). Les is more. Please ship only those parts that are nicely interlinked via HTML cross-references. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 4

[Bug 735320] New: go: %{go_make_install} breaks Make.cmd builds
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=735320 https://bugzilla.novell.com/show_bug.cgi?id=735320#c0 Summary: go: %{go_make_install} breaks Make.cmd builds Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Development AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: dmacvicar(a)suse.com QAContact: qa(a)suse.de CC: graham(a)andtech.eu, speilicke(a)suse.com Found By: --- Blocker: --- If you build a go binary (not a package) you include Make.cmd instead of Make.pkg. Make.pkg installs in TARGDIR, which is set by the macro: %{go_make_install} to TARGDIR=%{buildroot}%{go_sitearch} This is right, as Make.pkg sets it as default to $(GOROOT)/pkg/$(GOOS)_$(GOARCH) But if you build a command, Make.cmd uses $GOBIN (/usr/bin), but it gets overriden by %{go_make_install} resulting in the binary to be installed in the package directory. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 2

[Bug 796918] New: obs-service-source_validator continues after failing to create TMPDIR
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=796918 https://bugzilla.novell.com/show_bug.cgi?id=796918#c0 Summary: obs-service-source_validator continues after failing to create TMPDIR Classification: openSUSE Product: openSUSE Factory Version: 12.3 Milestone 1 Platform: Other OS/Version: openSUSE 12.2 Status: NEW Severity: Critical Priority: P5 - None Component: Development AssignedTo: ro(a)suse.com ReportedBy: suse-beta(a)cboltz.de QAContact: qa-bugs(a)suse.de Found By: Beta-Customer Blocker: --- Created an attachment (id=519068) --> (http://bugzilla.novell.com/attachment.cgi?id=519068) patch for /usr/lib/obs/service/source_validators/20-files-present-and-referenced (copy&paste from a mail I'll send to opensuse-factory in a minute) Am Samstag, 5. Januar 2013 schrieb Jan Engelhardt: > First a full disk, now /tmp* is gone? :) It's still a full disk ;-) > ---------- Forwarded message ---------- > Subject: [obs submit-request 146816] openSUSE:Factory/canutils: > declined by factory-auto > > Comment: > Output of check script: > Source validator failed. Try "osc service localrun source_validator" > mktemp: failed to create directory via template > `/var/tmp/check_if_valid_source_dir-7SUGOd': No space left on device ^^^^^^^^^^^^^^^^^^^^^^^ mktemp failed because of a full disk. > /work/cd/lib/source_validators/20-files-present-and-referenced: line > 108: /tmp.spec: Permission denied Oh, how nice. The script continues with an empty $TMPDIR variable. Using mktemp -d ... || exit 1 would be a very good idea ;-) Please apply the attached patch ;-) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 7

[Bug 726712] New: x11-ssh-askpass is in /usr/lib regardless of architecture
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=726712 https://bugzilla.novell.com/show_bug.cgi?id=726712#c0 Summary: x11-ssh-askpass is in /usr/lib regardless of architecture Classification: openSUSE Product: openSUSE 12.1 Version: Factory Platform: Other OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: Basesystem AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: jeffm(a)suse.com QAContact: qa(a)suse.de Found By: Development Blocker: --- jeffm@jetfire:~> /usr/lib/ssh/ssh-askpass /usr/lib/ssh/ssh-askpass: line 36: /usr/lib64/ssh/x11-ssh-askpass: No such file or directory -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 13

[Bug 712683] New: disable ipv6 break ssh X11 tunnel
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=712683 https://bugzilla.novell.com/show_bug.cgi?id=712683#c0 Summary: disable ipv6 break ssh X11 tunnel Classification: openSUSE Product: openSUSE 12.1 Version: Milestone 3 Platform: All OS/Version: SuSE Other Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: diego.ercolani(a)gmail.com QAContact: qa(a)suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:5.0) Gecko/20100101 Firefox/5.0 When you disable ipv6 from the yast2 network, system correctly remove the assignation of ipv6 addresses from everywhere but there is an annoying bug in openssh that break the possibility to make X11 tunnels because it seems that ssh try to bind X11 tunnel to an ipv6 address even with ipv6 disabled causing this kind of message in /var/log/messages: Aug 17 16:47:28 franz2011 sshd[6300]: error: Failed to allocate internet-domain X11 display socket. this can avoided configuring correctly the file /etc/ssh/sshd_config with the parameter: AddressFamily inet and restarting sshd. This is done in according to this bug reported to debian bugsystem: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=422327#20 Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 5

[Bug 761977] New: Publishing:TeXLive: Can not build package texlive-specs
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=761977 https://bugzilla.novell.com/show_bug.cgi?id=761977#c0 Summary: Publishing:TeXLive: Can not build package texlive-specs Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: openSUSE 12.2 Status: NEW Severity: Major Priority: P5 - None Component: BuildService AssignedTo: werner(a)suse.com ReportedBy: werner(a)suse.com QAContact: adrian(a)suse.com Found By: Development Blocker: --- The last famous words from the virtual system is 6424 packages and 0 specfiles checked; 0 errors, 76 warnings. ... creating baselibs /.build/build: line 549: /usr/bin/chroot: Argument list too long [15324.871575] SysRq : Power Off Warning: clean shut down of the VM didn't work [15331.715541] Power down. How can I avoid this? Why the system is not able to copy back the 6424 packages build by the main spec file texlive-specs.spec? Do I've really create 2200 main packages for the 2200 spec files. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 7

[Bug 735288] New: go: make: /usr/lib/go/bin/8g: Command not found
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=735288 https://bugzilla.novell.com/show_bug.cgi?id=735288#c0 Summary: go: make: /usr/lib/go/bin/8g: Command not found Classification: openSUSE Product: openSUSE 12.1 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Development AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: dmacvicar(a)suse.com QAContact: qa(a)suse.de Found By: --- Blocker: --- go package installs binaries in %{_bindir} instead of $GOROOT/bin But if you use gomake, this looks for the compiler in GOBIN=$GOROOT/bin (as defined in Make.inc) resulting in a make: /usr/lib/go/bin/8g: Command not found -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 14

[Bug 891829] New: source_validator incorrectly parses conditionals in preamble
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=891829 https://bugzilla.novell.com/show_bug.cgi?id=891829#c0 Summary: source_validator incorrectly parses conditionals in preamble Classification: openSUSE Product: openSUSE.org Version: unspecified Platform: Other OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: BuildService AssignedTo: bnc-team-screening(a)forge.provo.novell.com ReportedBy: sbrabec(a)suse.com QAContact: adrian(a)suse.com CC: ro(a)suse.com Found By: --- Blocker: --- Created an attachment (id=602295) --> (http://bugzilla.novell.com/attachment.cgi?id=602295) util-linux.spec file passed to rpmbuild When processing new util-linux package, I got following error: error: Duplicate License entries in package: (main package) Aborting: service call failed: /usr/lib/obs/service/source_validator --outdir /tmp/tmpUOqaab However rpmbuild -ba util-linux.spec does not see any problems of this spec file. This statement is apparently incorrect. Looking at the spec file, I see: One License tag inside "%if %build_util_linux" - this one should be active. Second License tag inside "%if %build_python_libmount" and inside %else of "%if %build_util_linux" - this should be inactive. Third License tag inside "%if %build_util_linux_systemd" and inside %else of "%if %build_util_linux" - this should be inactive. According to the initial evaluation of variables, we should have: %define build_util_linux 1 %define build_util_linux_systemd 0 %define build_python_libmount 0 %define verify_sig 0 But if I look into preprocessed /tmp/check_if_valid_source_dir-5rRp5R/tmp.spec, I see that all are supposed to be 1. Note that this bug is triggered by format_spec_file (see bug 891152), which forces placing License tags to each %if branch. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 6

[Bug 638893] New: /usr/share/doc/packages/openssh/README.SuSE update wanted
by bugzilla_noreply＠novell.com 26 Dec '19

26 Dec '19

https://bugzilla.novell.com/show_bug.cgi?id=638893 https://bugzilla.novell.com/show_bug.cgi?id=638893#c0 Summary: /usr/share/doc/packages/openssh/README.SuSE update wanted Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: Other OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Other AssignedTo: anicka(a)novell.com ReportedBy: ke(a)novell.com QAContact: qa(a)suse.de Found By: Documentation Blocker: --- Please, update /usr/share/doc/packages/openssh/README.SuSE. I guess, by now we can remove 9.1 and earlier items. Also please remove the opener (Dear ...) and the closer (Your team). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

1 2