2017-08-04 13:46:43 |
Carl W. Soderstrom |
bug |
|
|
added bug |
2017-09-18 12:10:44 |
Launchpad Janitor |
awstats (Ubuntu): status |
New |
Confirmed |
|
2017-09-20 19:06:04 |
Andreas Hasenack |
awstats (Ubuntu): importance |
Undecided |
Low |
|
2017-09-20 19:06:16 |
Andreas Hasenack |
tags |
|
bitesize server-next |
|
2017-09-20 19:20:34 |
Andreas Hasenack |
tags |
bitesize server-next |
bite-size server-next |
|
2017-09-20 19:20:53 |
Andreas Hasenack |
tags |
bite-size server-next |
bitesize server-next |
|
2017-09-20 19:22:25 |
Andreas Hasenack |
bug |
|
|
added subscriber Ubuntu Server Team |
2017-09-20 19:22:57 |
Andreas Hasenack |
awstats (Ubuntu): status |
Confirmed |
Triaged |
|
2017-09-20 19:27:57 |
Andreas Hasenack |
bug watch added |
|
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=858461 |
|
2017-09-20 19:42:43 |
Andreas Hasenack |
bug |
|
|
added subscriber Andreas Hasenack |
2017-12-15 20:25:33 |
Andreas Hasenack |
nominated for series |
|
Ubuntu Artful |
|
2017-12-15 20:25:33 |
Andreas Hasenack |
nominated for series |
|
Ubuntu Zesty |
|
2017-12-15 20:25:33 |
Andreas Hasenack |
nominated for series |
|
Ubuntu Xenial |
|
2017-12-15 20:31:49 |
David Britton |
bug task added |
|
awstats (Ubuntu Artful) |
|
2017-12-15 20:31:54 |
David Britton |
bug task added |
|
awstats (Ubuntu Xenial) |
|
2017-12-15 20:32:06 |
David Britton |
bug task added |
|
awstats (Ubuntu Zesty) |
|
2017-12-15 20:36:31 |
Andreas Hasenack |
awstats (Ubuntu Xenial): importance |
Undecided |
Low |
|
2017-12-15 20:36:34 |
Andreas Hasenack |
awstats (Ubuntu Zesty): importance |
Undecided |
Low |
|
2017-12-15 20:36:35 |
Andreas Hasenack |
awstats (Ubuntu Artful): importance |
Undecided |
Low |
|
2017-12-15 20:36:42 |
Andreas Hasenack |
awstats (Ubuntu Xenial): status |
New |
Triaged |
|
2017-12-15 20:36:44 |
Andreas Hasenack |
awstats (Ubuntu Zesty): status |
New |
Triaged |
|
2017-12-15 20:36:48 |
Andreas Hasenack |
awstats (Ubuntu Artful): status |
New |
Triaged |
|
2018-01-05 17:21:03 |
Andreas Hasenack |
awstats (Ubuntu Zesty): status |
Triaged |
Won't Fix |
|
2018-01-05 17:34:45 |
Andreas Hasenack |
awstats (Ubuntu Xenial): assignee |
|
Andreas Hasenack (ahasenack) |
|
2018-01-05 17:34:48 |
Andreas Hasenack |
awstats (Ubuntu Artful): assignee |
|
Andreas Hasenack (ahasenack) |
|
2018-01-05 17:34:52 |
Andreas Hasenack |
awstats (Ubuntu Xenial): status |
Triaged |
In Progress |
|
2018-01-05 17:34:56 |
Andreas Hasenack |
awstats (Ubuntu Artful): status |
Triaged |
In Progress |
|
2018-01-05 17:35:05 |
Andreas Hasenack |
awstats (Ubuntu): assignee |
|
Andreas Hasenack (ahasenack) |
|
2018-01-05 17:35:09 |
Andreas Hasenack |
awstats (Ubuntu): status |
Triaged |
In Progress |
|
2018-01-05 17:36:52 |
Andreas Hasenack |
description |
This was found in Ubuntu 16.04. I have not tested other versions.
The /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh script does not run by default, because the 'www-data' user does not have a valid shell by default.
root@www:~# bash -x /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
+ UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
+ '[' -x /usr/share/awstats/tools/update.sh ']'
+ su -l -c /usr/share/awstats/tools/update.sh www-data
This account is currently not available.
We could give www-data a valid shell but my preferred fix is to edit /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh and explicitly specify the shell with '-s /bin/bash':
diff -u ~/prerotate.sh /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
--- /root/prerotate.sh 2017-07-31 17:07:43.749559681 -0500
+++ /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh 2017-07-31 17:07:54.122034426 -0500
@@ -2,5 +2,5 @@
UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
if [ -x $UPDATE_SCRIPT ]
then
- su -l -c $UPDATE_SCRIPT www-data
+ su -l -c $UPDATE_SCRIPT -s /bin/bash www-data
fi |
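Review bot: on the `+` line, `-s /bin/bash` is placed after the `-c $UPDATE_SCRIPT` argument, and `$UPDATE_SCRIPT` is left unquoted both there and in the `[ -x $UPDATE_SCRIPT ]` context line. This works with the fixed path assigned at the top of the hunk, but `su -l -s /bin/bash -c "$UPDATE_SCRIPT" www-data` keeps the options ahead of the command and survives a path containing spaces. Overriding the shell for this one invocation is the better of the two fixes discussed, because www-data keeps its non-login shell. It is worth a comment in the script that su honours `-s` for an account with a restricted shell only when the caller is root, so the script relies on logrotate invoking it as root.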
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test Case]
* detailed instructions how to reproduce the bug
* these should allow someone who is not familiar with the affected
package to reproduce the bug and verify that the updated package fixes
the problem.
[Regression Potential]
* discussion of how regressions are most likely to manifest as a result of this change.
* It is assumed that any SRU candidate patch is well-tested before
upload and has a low overall risk of regression, but it's important
to make the effort to think about what ''could'' happen in the
event of a regression.
* This both shows the SRU team that the risks have been considered,
and provides guidance to testers in regression-testing the SRU.
[Other Info]
* Anything else you think is useful to include
* Anticipate questions from users, SRU, +1 maintenance, security teams and the Technical Board
* and address these questions in advance
=== Original description ===
This was found in Ubuntu 16.04. I have not tested other versions.
The /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh script does not run by default, because the 'www-data' user does not have a valid shell by default.
root@www:~# bash -x /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
+ UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
+ '[' -x /usr/share/awstats/tools/update.sh ']'
+ su -l -c /usr/share/awstats/tools/update.sh www-data
This account is currently not available.
We could give www-data a valid shell but my preferred fix is to edit /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh and explicitly specify the shell with '-s /bin/bash':
diff -u ~/prerotate.sh /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
--- /root/prerotate.sh 2017-07-31 17:07:43.749559681 -0500
+++ /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh 2017-07-31 17:07:54.122034426 -0500
@@ -2,5 +2,5 @@
UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
if [ -x $UPDATE_SCRIPT ]
then
- su -l -c $UPDATE_SCRIPT www-data
+ su -l -c $UPDATE_SCRIPT -s /bin/bash www-data
fi |
|
2018-01-05 17:50:14 |
Andreas Hasenack |
description |
[Impact]
* An explanation of the effects of the bug on users and
* justification for backporting the fix to the stable release.
* In addition, it is helpful, but not required, to include an
explanation of how the upload fixes this bug.
[Test Case]
* detailed instructions how to reproduce the bug
* these should allow someone who is not familiar with the affected
package to reproduce the bug and verify that the updated package fixes
the problem.
[Regression Potential]
* discussion of how regressions are most likely to manifest as a result of this change.
* It is assumed that any SRU candidate patch is well-tested before
upload and has a low overall risk of regression, but it's important
to make the effort to think about what ''could'' happen in the
event of a regression.
* This both shows the SRU team that the risks have been considered,
and provides guidance to testers in regression-testing the SRU.
[Other Info]
* Anything else you think is useful to include
* Anticipate questions from users, SRU, +1 maintenance, security teams and the Technical Board
* and address these questions in advance
=== Original description ===
This was found in Ubuntu 16.04. I have not tested other versions.
The /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh script does not run by default, because the 'www-data' user does not have a valid shell by default.
root@www:~# bash -x /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
+ UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
+ '[' -x /usr/share/awstats/tools/update.sh ']'
+ su -l -c /usr/share/awstats/tools/update.sh www-data
This account is currently not available.
We could give www-data a valid shell but my preferred fix is to edit /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh and explicitly specify the shell with '-s /bin/bash':
diff -u ~/prerotate.sh /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
--- /root/prerotate.sh 2017-07-31 17:07:43.749559681 -0500
+++ /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh 2017-07-31 17:07:54.122034426 -0500
@@ -2,5 +2,5 @@
UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
if [ -x $UPDATE_SCRIPT ]
then
- su -l -c $UPDATE_SCRIPT www-data
+ su -l -c $UPDATE_SCRIPT -s /bin/bash www-data
fi |
[Impact]
The logrotate script that is responsible for updating awstats statistics does not run because the www-data user that it runs as does not have a valid shell.
This update adjusts the su command line to specify the same shell as the script shebang line.
[Test Case]
To test, run the script:
Version with the bug:
$ sudo /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
No directory, logging in with HOME=/
This account is currently not available.
Fixed version:
$ sudo /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
No directory, logging in with HOME=/
Error while processing /etc/awstats/awstats.conf
Error: SiteDomain parameter not defined in your config/domain file. You must edit it for using this version of AWStats.
Setup ('/etc/awstats/awstats.conf' file, web server or permissions) may be wrong.
Check config file, permissions and AWStats documentation (in 'docs' directory).
Note the "fixed" version actually runs the script and complains about something else, unrelated to this bug. The admin must complete the installation of awstats before using it, but this test is enough to verify the fix.
If you want to get a full run, you have to follow the instructions in the README.Debian file. Basically, at a minimum:
- edit /etc/awstats/awstats.conf and give SiteDomain a value
- change group ownership of /var/log/apache2 and /var/log/apache2/* to www-data (that's one solution). README.Debian has other ideas, and I would add using ACLs if your filesystem of choice supports them: "setfacl -m g:www-data:rx /var/log/apache2" and "setfacl -m g:www-data:r /var/log/apache2/*"
[Regression Potential]
Code that wasn't running before because of this bug will now run. If the user didn't complete the awstats configuration he/she will get more verbose cron emails.
[Other Info]
Users who have already worked around the issue by manually editing the logrotate file and adding "-s /bin/sh" or something similar will get a dpkg prompt when upgrading to this version:
Configuration file '/etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
=== Original description ===
This was found in Ubuntu 16.04. I have not tested other versions.
The /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh script does not run by default, because the 'www-data' user does not have a valid shell by default.
root@www:~# bash -x /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
+ UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
+ '[' -x /usr/share/awstats/tools/update.sh ']'
+ su -l -c /usr/share/awstats/tools/update.sh www-data
This account is currently not available.
We could give www-data a valid shell but my preferred fix is to edit /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh and explicitly specify the shell with '-s /bin/bash':
diff -u ~/prerotate.sh /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh
--- /root/prerotate.sh 2017-07-31 17:07:43.749559681 -0500
+++ /etc/logrotate.d/httpd-prerotate/awstats/prerotate.sh 2017-07-31 17:07:54.122034426 -0500
@@ -2,5 +2,5 @@
UPDATE_SCRIPT=/usr/share/awstats/tools/update.sh
if [ -x $UPDATE_SCRIPT ]
then
- su -l -c $UPDATE_SCRIPT www-data
+ su -l -c $UPDATE_SCRIPT -s /bin/bash www-data
fi |
|
2018-01-05 17:53:41 |
Andreas Hasenack |
merge proposal linked |
|
https://code.launchpad.net/~ahasenack/ubuntu/+source/awstats/+git/awstats/+merge/335761 |
|
2018-01-05 17:53:58 |
Andreas Hasenack |
merge proposal linked |
|
https://code.launchpad.net/~ahasenack/ubuntu/+source/awstats/+git/awstats/+merge/335759 |
|
2018-01-05 17:54:07 |
Andreas Hasenack |
merge proposal linked |
|
https://code.launchpad.net/~ahasenack/ubuntu/+source/awstats/+git/awstats/+merge/335760 |
|
2018-01-08 17:22:55 |
Andreas Hasenack |
bug task added |
|
awstats (Debian) |
|
2018-01-09 14:36:29 |
Bug Watch Updater |
awstats (Debian): status |
Unknown |
New |
|
2018-01-11 07:15:39 |
Launchpad Janitor |
awstats (Ubuntu): status |
In Progress |
Fix Released |
|
2018-01-11 21:07:22 |
Brian Murray |
awstats (Ubuntu Artful): status |
In Progress |
Fix Committed |
|
2018-01-11 21:07:23 |
Brian Murray |
bug |
|
|
added subscriber Ubuntu Stable Release Updates Team |
2018-01-11 21:07:25 |
Brian Murray |
bug |
|
|
added subscriber SRU Verification |
2018-01-11 21:07:30 |
Brian Murray |
tags |
bitesize server-next |
bitesize server-next verification-needed verification-needed-artful |
|
2018-01-11 21:08:10 |
Brian Murray |
awstats (Ubuntu Xenial): status |
In Progress |
Fix Committed |
|
2018-01-11 21:08:16 |
Brian Murray |
tags |
bitesize server-next verification-needed verification-needed-artful |
bitesize server-next verification-needed verification-needed-artful verification-needed-xenial |
|
2018-01-12 11:43:51 |
Andreas Hasenack |
tags |
bitesize server-next verification-needed verification-needed-artful verification-needed-xenial |
bitesize server-next verification-done-xenial verification-needed verification-needed-artful |
|
2018-01-12 11:47:35 |
Andreas Hasenack |
tags |
bitesize server-next verification-done-xenial verification-needed verification-needed-artful |
bitesize server-next verification-done-artful verification-done-xenial verification-needed |
|
2018-01-22 09:43:52 |
Launchpad Janitor |
awstats (Ubuntu Artful): status |
Fix Committed |
Fix Released |
|
2018-01-22 09:43:54 |
Łukasz Zemczak |
removed subscriber Ubuntu Stable Release Updates Team |
|
|
|
2018-01-22 09:44:06 |
Launchpad Janitor |
awstats (Ubuntu Xenial): status |
Fix Committed |
Fix Released |
|
2020-05-05 20:33:29 |
Bryce Harrington |
tags |
bitesize server-next verification-done-artful verification-done-xenial verification-needed |
server-next verification-done-artful verification-done-xenial verification-needed |
|