Bug 29241 - UCR should be called with an absolute path
UCR should be called with an absolute path
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: univention-lib
UCS 3.0
Other Linux
: P5 normal (vote)
: UCS 3.2-1-errata
Assigned To: Janek Walkenhorst
Philipp Hahn
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2012-11-15 14:50 CET by Moritz Muehlenhoff
Modified: 2014-05-07 15:24 CEST (History)
1 user (show)

See Also:
What kind of report is it?: ---
What type of bug is this?: ---
Who will be affected by this bug?: ---
How will those affected feel about the bug?: ---
User Pain:
Enterprise Customer affected?:
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number:
Bug group (optional):
Max CVSS v3 score:


Attachments
Patch (641 bytes, patch)
2012-11-15 14:51 CET, Moritz Muehlenhoff
Details | Diff
Call UCR with absolute path (2.54 KB, patch)
2013-01-23 12:51 CET, Moritz Muehlenhoff
Details | Diff
Updated patch for 3.2-1 (6.79 KB, patch)
2014-03-11 12:40 CET, Moritz Muehlenhoff
Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Moritz Muehlenhoff univentionstaff 2012-11-15 14:50:42 CET
is_ucr_true ruft univention-config-registry nicht mit einem absoluten Pfad auf. Da /usr/sbin für normale Benutzer nicht im PATH ist, schlägt das fehl.

(Aufgefallen bei der Verwendung in UCC-Session-Skripten (die als normaler Benutzer gestartet werden)

Patch aus UCC hängt an.
Comment 1 Moritz Muehlenhoff univentionstaff 2012-11-15 14:51:23 CET
Created attachment 4795 [details]
Patch
Comment 2 Moritz Muehlenhoff univentionstaff 2013-01-23 12:50:45 CET
There are further occurrences in univention-lib, which execute "ucr". Since the UCR binaries are under /usr/sbin and /sbin/sbin is not in the PATH of non-root users, the calls fail when run as regular users.

The attached patch was made for UCC (where this bug is triggered in session scripts, which are executed with user privs)
Comment 3 Moritz Muehlenhoff univentionstaff 2013-01-23 12:51:37 CET
Created attachment 5001 [details]
Call UCR with absolute path
Comment 4 Moritz Muehlenhoff univentionstaff 2013-05-31 10:45:50 CEST
We will not ship a UCS 3.1-2 release; the next UCS release will be UCS 3.2.

As such, this bug is moved to the new target milestone.
Comment 5 Moritz Muehlenhoff univentionstaff 2014-03-11 12:40:49 CET
Created attachment 5825 [details]
Updated patch for 3.2-1

Updated patch based on the version in 3.2-1 (which was integrated in UCC 2.0)
Comment 6 Janek Walkenhorst univentionstaff 2014-04-25 17:49:40 CEST
Fixed with univention-lib 3.0.26-19.
Advisory: 2014-04-25-univention-lib.yaml
Comment 7 Philipp Hahn univentionstaff 2014-05-07 13:01:50 CEST
OK: r49641
OK: find \( -name \*.py -o -name debian \) -prune -o -type f -exec grep '\<\(ucr\|univention-config-registry\)\>' {} + | grep -v /usr/sbin/univention-config-registry
OK: announce_errata -V 2014-04-25-univention-lib.yaml
OK: aptitude install '?source-package(univention-lib)'
OK: . /usr/share/univention-lib/ldap.sh && ucs_addServiceToLocalhost foo
OK: . /usr/share/univention-lib/ldap.sh && ucs_removeServiceToLocalhost foo
OK: . /usr/share/univention-lib/ldap.sh && ucs_isServiceUnused LDAP
OK: . /usr/share/univention-lib/base.sh && is_domain_controller
OK: . /usr/share/univention-lib/umc.sh && umc_init
OK: . /usr/share/univention-lib/ucr.sh && is_ucr_true repository/online/unmaintained
Comment 8 Moritz Muehlenhoff univentionstaff 2014-05-07 15:24:40 CEST
http://errata.univention.de/ucs/3.2/105.html