Debian Bug report logs - #218182
debconf truncated config.dat

Reply or subscribe to this bug.

Display info messages

Message #5 received at [email protected] (full text, mbox, reply):

From: Wookey <[email protected]>

To: Debian Bug Tracking System <[email protected]>

Subject: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 14:55:28 +0000

Package: man-db
Version: 2.3.20-18.woody.4
Severity: important

when I do the upgrade (with set -o xtrace in the postinst script) I get:
Setting up man-db (2.3.20-18.woody.4) ...
+ '[' configure = configure ']'
+ oldcatdir=/var/catman
+ catdir=/var/cache/man
+ maybesetuid=man mandb
+ conffile=/etc/manpath.config
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/man-db.postinst
configure 2.3.20-18
dpkg: error processing man-db (--configure):
 subprocess post-installation script returned error exit status 10
 
so it seems to call itself again via frontend, which seems to exit with no
error. I don't really understand what's going on here, but I've had man-db
unconfigurable for a while now and I'm not sure sure how to track it down
further, and am presumably still exposed to the problem it was intended to
fix.

Clues appreciated.

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux stoneboat.aleph1.co.uk 2.4.20 #7 Sun Apr 20 21:39:55 BST 2003 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages man-db depends on:
ii  bsdmainutils           5.20020211-4.99   More utilities from FreeBSD.
ii  debconf                1.0.32            Debian configuration management sy
ii  dpkg                   1.9.21            Package maintenance system for Deb
ii  groff                  1.17.2-15.woody.1 GNU troff text-formatting system
ii  groff-base             1.17.2-15.woody.1 GNU troff text-formatting system (
ii  libc6                  2.2.5-11.5        GNU C Library: Shared libraries an
ii  libdb2                 2:2.7.7.0-7       The Berkeley database routines (ru

Message #10 received at [email protected] (full text, mbox, reply):

From: Colin Watson <[email protected]>

To: Wookey <[email protected]>, [email protected]

Subject: Re: Bug#218182: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 15:09:33 +0000

On Wed, Oct 29, 2003 at 02:55:28PM +0000, Wookey wrote:
> Package: man-db
> Version: 2.3.20-18.woody.4
> Severity: important
> 
> when I do the upgrade (with set -o xtrace in the postinst script) I get:
> Setting up man-db (2.3.20-18.woody.4) ...
> + '[' configure = configure ']'
> + oldcatdir=/var/catman
> + catdir=/var/cache/man
> + maybesetuid=man mandb
> + conffile=/etc/manpath.config
> + . /usr/share/debconf/confmodule
> ++ '[' '!' '' ']'
> ++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/man-db.postinst
> configure 2.3.20-18
> dpkg: error processing man-db (--configure):
>  subprocess post-installation script returned error exit status 10
>  
> so it seems to call itself again via frontend, which seems to exit with no
> error.

The inner call is normal for debconfiscated maintainer scripts. Could I
see the output with DEBCONF_DEBUG=developer in the environment? I
suspect a corrupted debconf database.

> I don't really understand what's going on here, but I've had man-db
> unconfigurable for a while now and I'm not sure sure how to track it down
> further, and am presumably still exposed to the problem it was intended to
> fix.

FWIW, it's only a security problem when /usr/lib/man-db/{man,mandb} are
setuid, which is optional although required for cat page support.

Cheers,

-- 
Colin Watson                                  [[email protected]]

Message #15 received at [email protected] (full text, mbox, reply):

From: Wookey <[email protected]>

To: Colin Watson <[email protected]>

Cc: Wookey <[email protected]>, [email protected]

Subject: Re: Bug#218182: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 15:33:52 +0000

+++ Colin Watson [03-10-29 15:09 +0000]:
> On Wed, Oct 29, 2003 at 02:55:28PM +0000, Wookey wrote:

> > so it seems to call itself again via frontend, which seems to exit with no
> > error.
> 
> The inner call is normal for debconfiscated maintainer scripts. Could I
> see the output with DEBCONF_DEBUG=developer in the environment? I
> suspect a corrupted debconf database.

OK - here it is. looks like you could be right. Does this 'doesn't exist'
confirm? Clues on fixing it welcome. thanx. (and for the very quick response
- I'm impressed :-)

wookey@stoneboat:/home$ DEBCONF_DEBUG=developer sudo dpkg --configure man-db
Setting up man-db (2.3.20-18.woody.4) ...
+ '[' configure = configure ']'
+ oldcatdir=/var/catman
+ catdir=/var/cache/man
+ maybesetuid=man mandb
+ conffile=/etc/manpath.config
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ exec /usr/share/debconf/frontend /var/lib/dpkg/info/man-db.postinst
configure 2.3.20-18
debconf (developer): frontend started
debconf (developer): frontend running, package name is man-db
debconf (developer): starting /var/lib/dpkg/info/man-db.config configure
2.3.20-18
debconf (developer): <-- VERSION 2.0
debconf (developer): --> 0 2.0
debconf (developer): <-- INPUT medium man-db/install-setuid
debconf (developer): --> 10 "man-db/install-setuid" doesn't exist
debconf (developer): <-- GO 
debconf (developer): --> 0 ok
debconf (developer): <-- GET man-db/install-setuid
debconf (developer): --> 10 man-db/install-setuid doesn't exist
dpkg: error processing man-db (--configure):
 subprocess post-installation script returned error exit status 10
 

> > I don't really understand what's going on here, but I've had man-db
> > unconfigurable for a while now and I'm not sure sure how to track it down
> > further, and am presumably still exposed to the problem it was intended to
> > fix.
> 
> FWIW, it's only a security problem when /usr/lib/man-db/{man,mandb} are
> setuid, which is optional although required for cat page support.

Right - I think I recall that now, and mine aren't so it's only an annoying
message every time I dpkg :-) (I have 4 of these right now and decided it
was time to get to the bottom of them all)

Wookey
-- 
Aleph One Ltd, Bottisham, CAMBRIDGE, CB5 9BA, UK  Tel +44 (0) 1223 811679
work: http://www.aleph1.co.uk/     play: http://www.chaos.org.uk/~wookey/

Message #20 received at [email protected] (full text, mbox, reply):

From: Colin Watson <[email protected]>

To: Wookey <[email protected]>, [email protected]

Subject: Re: Bug#218182: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 16:04:17 +0000

On Wed, Oct 29, 2003 at 03:33:52PM +0000, Wookey wrote:
> +++ Colin Watson [03-10-29 15:09 +0000]:
> > On Wed, Oct 29, 2003 at 02:55:28PM +0000, Wookey wrote:
> > > so it seems to call itself again via frontend, which seems to exit
> > > with no error.
> > 
> > The inner call is normal for debconfiscated maintainer scripts.
> > Could I see the output with DEBCONF_DEBUG=developer in the
> > environment? I suspect a corrupted debconf database.
> 
> OK - here it is. looks like you could be right. Does this 'doesn't
> exist' confirm? Clues on fixing it welcome. thanx. (and for the very
> quick response - I'm impressed :-)

I was just waiting for builds at work anyway ;)

> wookey@stoneboat:/home$ DEBCONF_DEBUG=developer sudo dpkg --configure man-db
[...]
> debconf (developer): <-- GET man-db/install-setuid
> debconf (developer): --> 10 man-db/install-setuid doesn't exist
> dpkg: error processing man-db (--configure):
>  subprocess post-installation script returned error exit status 10

It does confirm that theory, yes. Keep a copy of everything in
/var/cache/debconf, which I suspect joeyh@ will want to see, and run
/usr/share/debconf/fix_db.pl.

Cheers,

-- 
Colin Watson                                  [[email protected]]

Message #25 received at [email protected] (full text, mbox, reply):

From: Wookey <[email protected]>

To: Colin Watson <[email protected]>

Cc: [email protected]

Subject: Re: Bug#218182: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 17:12:44 +0000

+++ Colin Watson [03-10-29 16:04 +0000]:
> On Wed, Oct 29, 2003 at 03:33:52PM +0000, Wookey wrote:
> > +++ Colin Watson [03-10-29 15:09 +0000]:
> > > environment? I suspect a corrupted debconf database.

> > debconf (developer): <-- GET man-db/install-setuid
> > debconf (developer): --> 10 man-db/install-setuid doesn't exist
> > dpkg: error processing man-db (--configure):
> >  subprocess post-installation script returned error exit status 10
> 
> It does confirm that theory, yes. Keep a copy of everything in
> /var/cache/debconf, which I suspect joeyh@ will want to see, and run
> /usr/share/debconf/fix_db.pl.

OK - that did the trick (and indeed fixed all the other packages that
wouldn't install too (mysql-server, proftpd, ssh). So you can close this, or
perhaps move it to debconf as I've kept the files for analysis? 

Wookey
-- 
Aleph One Ltd, Bottisham, CAMBRIDGE, CB5 9BA, UK  Tel +44 (0) 1223 811679
work: http://www.aleph1.co.uk/     play: http://www.chaos.org.uk/~wookey/

Message #30 received at [email protected] (full text, mbox, reply):

From: Colin Watson <[email protected]>

To: Wookey <[email protected]>

Cc: [email protected], [email protected], [email protected]

Subject: Re: Bug#218182: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 17:17:58 +0000

reassign 218182 debconf
thanks

On Wed, Oct 29, 2003 at 05:12:44PM +0000, Wookey wrote:
> +++ Colin Watson [03-10-29 16:04 +0000]:
> > On Wed, Oct 29, 2003 at 03:33:52PM +0000, Wookey wrote:
> > > +++ Colin Watson [03-10-29 15:09 +0000]:
> > > > environment? I suspect a corrupted debconf database.
> 
> > > debconf (developer): <-- GET man-db/install-setuid
> > > debconf (developer): --> 10 man-db/install-setuid doesn't exist
> > > dpkg: error processing man-db (--configure):
> > >  subprocess post-installation script returned error exit status 10
> > 
> > It does confirm that theory, yes. Keep a copy of everything in
> > /var/cache/debconf, which I suspect joeyh@ will want to see, and run
> > /usr/share/debconf/fix_db.pl.
> 
> OK - that did the trick (and indeed fixed all the other packages that
> wouldn't install too (mysql-server, proftpd, ssh). So you can close
> this, or perhaps move it to debconf as I've kept the files for
> analysis? 

I'll pass it over to debconf in case Joey can get something useful from
it, I think. Good luck ...

Cheers,

-- 
Colin Watson                                  [[email protected]]

Message #37 received at [email protected] (full text, mbox, reply):

From: Joey Hess <[email protected]>

Cc: Wookey <[email protected]>, [email protected]

Subject: Re: Bug#218182: man-db: Woody security update install fails in postinst

Date: Wed, 29 Oct 2003 13:11:52 -0500

[Message part 1 (text/plain, inline)]

Colin Watson wrote:
> I'll pass it over to debconf in case Joey can get something useful from
> it, I think. Good luck ...

Please send me the files you backed up, thanks.

-- 
see shy jo

[signature.asc (application/pgp-signature, inline)]

Message #42 received at [email protected] (full text, mbox, reply):

From: Joey Hess <[email protected]>

To: [email protected]

Subject: analysis

Date: Sun, 30 Nov 2003 14:04:20 -0500

[Message part 1 (text/plain, inline)]

Looking at the files, it seems the config.dat only contains a few
entries for recently installed packages. At some point in the past, the
whole config.dat was apparently zeroed out, leaving orphaned templates.

I will downgrade the severity, as this could be user or disk error. Of
course it could be a debconf bug too, and enough people have reported
this kind of thing to warrent leaving it open.

-- 
see shy jo

[signature.asc (application/pgp-signature, inline)]

Send a report that this bug log contains spam.