On 2015-01-19 13:51, Paul Tagliamonte wrote:
On Sun, Jan 18, 2015 at 09:19:19PM -0300, go...@riseup.net wrote:
Package: docker.io
Version: 1.3.3~dfsg1-2
When you have a external docker group (ex. LDAP group) with same name,
the
installation crashs. The shared group in external LDAP Server is a
best
pratice.
While true, I'm concerned about existing groups *unrelated* to docker
being on the system already, giving rights to the group members when
that's otherwise a bad idea.
e.g.,
| [tag@cassiel:~][⌚ 11:50 AM] ♥ ssh alioth.d.o groups | tr " " "\n" |
| grep docker
| docker
| scm_docker
This can happen, but I can't see any possibility of a group docker
causes any security problem.
If docker was ever installed on alioth, I'd have root, along with the
rest of the team. I don't think that'd be entirely expected.
I'm all for making this fail in a *better* way, but I don't want to
allow the existing group by default. Perhaps a debconf prompt would be
wise.
This is the best solution, I agree, but we can improve later. I don't
know enought about debconf yet to send that patch now, but I will learn
about it.
What you think about apply that patch now and improve it later?
Follow the patch to fix this possible problem in DEBIAN/postinst file:
6c6
< if [ -z "$2" ]; then
---
> if ! getent group docker > /dev/null 2>&1 ; then
I saw a similar fix for the similar problem in that bug report :
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=61049
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
