Package: smart-notifier Version: 0.28-1 Severity: normal Tags: patch Dear maintainer,
I've prepared an NMU for smart-notifier (versioned as 0.28-1.1) and uploaded it
to unstable. My changes are also available from:
git://git.debian.org/git/users/smcv/nmu/smart-notifier.git
Regards,
Simon
diffstat for smart-notifier_0.28-1 smart-notifier_0.28-1.1
config/smart-notifier.conf | 9 +--------
debian/changelog | 16 ++++++++++++++++
debian/control | 6 +++---
debian/rules | 14 +++++++-------
scripts/smart-notifier | 5 +----
src/smart_notifier/gui.py | 2 +-
6 files changed, 29 insertions(+), 23 deletions(-)
only in patch2:
unchanged:
--- smart-notifier-0.28.orig/config/smart-notifier.conf
+++ smart-notifier-0.28/config/smart-notifier.conf
@@ -6,16 +6,9 @@
<!-- This configuration file specifies the required security policies
for the smart-notifier to work. -->
- <!-- Only allow root to invoke methods on the WarnUser interfaces -->
+ <!-- Only allow root to emit the signal -->
<policy user="root">
<allow own="smart_notifier.DbusService"/>
</policy>
- <!-- Any user can own the DbusService service -->
- <policy context="default">
- <allow send_interface="smart_notifier.DbusService.WarnUser"/>
- <allow receive_interface="smart_notifier.DbusService.WarnUser"
- receive_sender="smart_notifier.DbusService"/>
- </policy>
-
</busconfig>
only in patch2:
unchanged:
--- smart-notifier-0.28.orig/src/smart_notifier/gui.py
+++ smart-notifier-0.28/src/smart_notifier/gui.py
@@ -47,6 +47,6 @@
smart_notifier.BUS.add_signal_receiver(warn_user,
signal_name='warn_user',
dbus_interface=smart_notifier.UD_INTERFACE,
- #named_service=smart_notifier.UD_SERVICE, - thiss fails
+ named_service=smart_notifier.SERVICE_NAME,
path=smart_notifier.UD_SERVICE)
gtk.main()
only in patch2:
unchanged:
--- smart-notifier-0.28.orig/scripts/smart-notifier
+++ smart-notifier-0.28/scripts/smart-notifier
@@ -2,12 +2,9 @@
import sys
-# which python version are we using, the hash-bang abouve might be munged by setuptools
-version = '%s.%s' % (sys.version_info[0], sys.version_info[1])
-
# get a path to our private module, and make sure it overrides
# all other paths (This is probably Debian specific)
-sys.path.insert(0, '/usr/share/smart-notifier/lib/python%s' % version)
+sys.path.insert(0, '/usr/share/smart-notifier')
if '--notify' in sys.argv:
import smart_notifier
only in patch2:
unchanged:
--- smart-notifier-0.28.orig/debian/control
+++ smart-notifier-0.28/debian/control
@@ -3,13 +3,13 @@
Priority: optional
Maintainer: Brian Sutherland <ji...@web.de>
Build-Depends: debhelper (>= 5.0.37.3)
-Build-Depends-Indep: python-all-dev (>= 2.3.5-11), python-central (>= 0.4.10), python-setuptools (>= 0.6b3-1)
+Build-Depends-Indep: python (>= 2.4), python-central (>= 0.4.10), python-setuptools (>= 0.6b3-1)
Standards-Version: 3.7.2
-XS-Python-Version: 2.4
+XS-Python-Version: >= 2.4
Package: smart-notifier
Architecture: all
-Depends: ${python:Depends}, dbus, python2.4-dbus, smartmontools (>= 5.33+5.34cvs20050802-2), python2.4-gtk2, python2.4-glade2
+Depends: ${python:Depends}, dbus, python-dbus, smartmontools (>= 5.33+5.34cvs20050802-2), python-gtk2, python-glade2
XB-Python-Version: ${python:Versions}
Description: graphical hard disk health status notifier
A graphical notifier for smartmontools which attempts to show messages from
only in patch2:
unchanged:
--- smart-notifier-0.28.orig/debian/changelog
+++ smart-notifier-0.28/debian/changelog
@@ -1,3 +1,19 @@
+smart-notifier (0.28-1.1) unstable; urgency=medium
+
+ * Non-maintainer upload while dealing with D-Bus' CVE-2008-4311.
+ * Audit the D-Bus security policy file for compatibility with D-Bus versions
+ where CVE-2008-4311 has been fixed, and remove rules that appear to have
+ been cargo-culted from some other package and are likely to cause
+ unintended consequences for other packages (see freedesktop.org #18961).
+ * Only display the SMART message if it came from the part of smart_notifier
+ that only root can run, rather than allowing arbitrary local users to
+ spoof arbitrary messages from smartd. (Closes: #510709)
+ * Use the default Python version, and install version-independent modules
+ once, rather than once per supported Python version. Not RC, but I couldn't
+ bring myself to upload it without fixing this. (Closes: #507490)
+
+ -- Simon McVittie <s...@debian.org> Sun, 11 Jan 2009 17:21:30 +0000
+
smart-notifier (0.28-1) unstable; urgency=low
* Bump build depends on debhelper and rebuild (Closes: #383099).
only in patch2:
unchanged:
--- smart-notifier-0.28.orig/debian/rules
+++ smart-notifier-0.28/debian/rules
@@ -3,7 +3,7 @@
# Uncomment this to turn on verbose mode.
#export DH_VERBOSE=1
-PYVERS=$(shell pyversions -vr debian/control)
+PYVERS=$(shell pyversions -vd)
PYMOD=smart_notifier
PACKAGE=smart-notifier
DEB_UPSTREAM_VERSION=$(shell dpkg-parsechangelog \
@@ -14,7 +14,7 @@
build-python%:
dh_testdir
- python$* setup.py build
+ python setup.py build
touch $@
clean:
@@ -26,7 +26,7 @@
dh_clean
clean-python%:
- python$* setup.py clean
+ python setup.py clean
install: build
dh_testdir
@@ -43,14 +43,14 @@
debian/smart-notifier/etc/xdg/autostart/smart-notifier.desktop
install-python%:
- python$* setup.py install --no-compile --single-version-externally-managed --root=debian/$(PACKAGE)
- install -d debian/$(PACKAGE)/usr/share/smart-notifier/lib/python$*
+ python setup.py install --no-compile --single-version-externally-managed --root=debian/$(PACKAGE)
+ install -d debian/$(PACKAGE)/usr/share/smart-notifier
# Remove python and module version from .egg-info and move it to the privat modules
mv debian/$(PACKAGE)/usr/lib/python$*/site-packages/$(PYMOD)-$(DEB_UPSTREAM_VERSION)-py$*.egg-info \
- debian/$(PACKAGE)/usr/share/smart-notifier/lib/python$*/$(PYMOD).egg-info
+ debian/$(PACKAGE)/usr/share/smart-notifier/$(PYMOD).egg-info
# Move the python module to a private location
mv debian/$(PACKAGE)/usr/lib/python$*/site-packages/$(PYMOD) \
- debian/$(PACKAGE)/usr/share/smart-notifier/lib/python$*/$(PYMOD)
+ debian/$(PACKAGE)/usr/share/smart-notifier/$(PYMOD)
# Build architecture-independent files here.
binary-indep: build install
signature.asc
Description: Digital signature
