pkg/55471: security/racoon2 violates DESTDIR

To: pkg-manager%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,pkgsrc-bugs%netbsd.org@localhost
Subject: pkg/55471: security/racoon2 violates DESTDIR
From: Hauke Fath <hf%spg.tu-darmstadt.de@localhost>
Date: Thu, 9 Jul 2020 08:30:00 +0000 (UTC)

>Number:         55471
>Category:       pkg
>Synopsis:       security/racoon2 violates DESTDIR
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    pkg-manager
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Jul 09 08:30:00 +0000 2020
>Originator:     Hauke Fath
>Release:        NetBSD 9.0_STABLE
>Organization:
Technische Universitaet Darmstadt
>Environment:
	
	
System: NetBSD Petzeck 9.0_STABLE NetBSD 9.0_STABLE (DMZ_DOMU) #1: Tue May 5 13:38:54 CEST 2020 hf@Hochstuhl:/var/obj/netbsd-builds/9/amd64/sys/arch/amd64/compile/DMZ_DOMU amd64
Architecture: x86_64
Machine: amd64
>Description:

	Late in the install phase, the package starts a script that
	does not heed DESTDIR, and tries to directly manipulate
	preference files under PKG_SYSCONFDIR:

[...]
===> Change directory to pskgen
/usr/bin/install -c -o hf -g users -d /var/obj/pkgsrc/security/racoon2/work/.destdir/usr/pkg/sbin
/usr/bin/install -c -o hf -g users -m 755 pskgen /var/obj/pkgsrc/security/racoon2/work/.destdir/usr/pkg/sbin
/usr/bin/install -c -o hf -g users -m 644 pskgen.8 /var/obj/pkgsrc/security/racoon2/work/.destdir/usr/pkg/man/man8
/usr/bin/install -c -o hf -g users -d /var/obj/pkgsrc/security/racoon2/work/.destdir/usr/pkg/etc/racoon2
sh ./autogen.spmd.pwd
mv: rename /etc/pkg/racoon2/spmd.pwd to /etc/pkg/racoon2/spmd.pwd.bak: Permission denied
can't open /etc/pkg/racoon2/spmd.pwd at /usr/pkg/sbin/pskgen line 116.
*** Error code 13

Stop.
make[1]: stopped in /var/obj/pkgsrc/security/racoon2/work/racoon2-b2a193fc9875d1fb89c0a51690745379bc135fcf/pskgen
*** Error code 1

	The config files actually existed from a previous
	installation. In addition to missing credentials, the
	autogen.spmd.pwd script should probably not even be run on an
	existing configuration.

	I patched autogen.spmd.pwd.in to respect PKG_SYSCONFDIR, but
	that is not the biggest problem. Since I do not know exactly
	what pskgen(8) is trying to accomplish, and why it has to be
	run in the install phase, I will leave the proper fix to the
	maintainer. (I don't think the pkginstall framework allows for
	inserting arbitrary filters into the copying process?)

	
>How-To-Repeat:

	"cd .../security/racoon2 && make package" on a machine with
	non-default SYSCONFDIR.

	
>Fix:

	Either run pskgen(8) on the files installed in EGDIR, or
	advise users to manually run it on the relevant config files
	in PKG_SYSCONFDIR.
 
	

>Unformatted:

Prev by Date: PR/55227 CVS commit: pkgsrc/lang/ecl
Next by Date: Re: pkg/55227 (update lang/ecl to ecl-20.4.24)
Previous by Thread: PR/55227 CVS commit: pkgsrc/lang/ecl
Next by Thread: Re: pkg/55227 (update lang/ecl to ecl-20.4.24)
Indexes:

Home | Main Index | Thread Index | Old Index