webmin 1.410 is out. here are 3 patches for that. the only problem is there are access violations maybe anybody else can help to fix that.
Created attachment 150921 [details, diff] ebuild patch
Created attachment 150923 [details, diff] ldap-useradmin patch
Created attachment 150924 [details, diff] virtual-server patch
*** Bug 225849 has been marked as a duplicate of this bug. ***
1.420 now available
the patches should work with 1.420. but the problem is as before the access violations.
(In reply to comment #6) > the patches should work with 1.420. > but the problem is as before the access violations. > Thanks Christian for the note. Still haven't had time to check them out.
(In reply to comment #6) > the patches should work with 1.420. > but the problem is as before the access violations. > Do you get: --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-29791.log" rename: /etc/ssh/sshd_config.webmintmp.30530 unlink: /etc/ssh/sshd_config.webmintmp.30530 -------------------------------------------------------------------------------- I can't seem to see where this file is coming from. The build system is rather weird. IF you get than same msg I can put a check for that in the ebuild and die on detection. Best I can think of for now. Let me know.
(In reply to comment #8) > (In reply to comment #6) > > the patches should work with 1.420. > > but the problem is as before the access violations. > > > > Do you get: > --------------------------- ACCESS VIOLATION SUMMARY > --------------------------- > LOG FILE = "/var/log/sandbox/sandbox-29791.log" > > rename: /etc/ssh/sshd_config.webmintmp.30530 > unlink: /etc/ssh/sshd_config.webmintmp.30530 > -------------------------------------------------------------------------------- > > I can't seem to see where this file is coming from. The build system is rather > weird. IF you get than same msg I can put a check for that in the ebuild and > die on detection. Best I can think of for now. Let me know. > i get: open_wr: /etc/passwd.lock open_wr: /etc/group.lock open_wr: /etc/shadow.lock open_wr: /etc/passwd.lock open_wr: /etc/group.lock open_wr: /etc/shadow.lock open_wr: /etc/group.webmintmp.26779 open_wr: /etc/group
I had no sandbox violations on AMD64 with 1.420 and the older vmin (3.23). Once I upped the version to 3.56 or 3.59 I got: --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-13639.log" open_wr: /etc/ssh/sshd_config.webmintmp.14384 open_wr: /etc/ssh/sshd_config --------------------------------------------------------------------------------
Well. I seemed to have fixed it for me by messing with the perl in the sshd/sshd-lib.pl file. I created a patch: -open(CONF, $config{'sshd_config'}); +open(CONF, $config{'sshd_config'},O_RDONLY); and it got past the sandbox violation. But the Miniserv doesnt like that, so I added: sed -i -e "s:,O_RDONLY::g" "/usr/libexec/webmin/sshd/sshd-lib.pl" during the pkg_postinst() to remove it. I didn't upload the patches because I'm not sure if thats a proper solution or not but it seems to work for me.
webmin 1.430 is out.
Created attachment 163367 [details, diff] webmin-1.430.ebuild.patch
getting access violation after applying the patches (~x86): * Applying virtual-server-3.23-pgsql.patch ... [ ok ] * Applying webmin-1.170-setup-nocheck.patch ... [ ok ] >>> Source unpacked. >>> Compiling source in /var/tmp/portage/app-admin/webmin-1.430/work/webmin-1.430 ... >>> Source compiled. >>> Test phase [not enabled]: app-admin/webmin-1.430 >>> Install webmin-1.430 into /var/tmp/portage/app-admin/webmin-1.430/image/ category app-admin >>> Completed installing webmin-1.430 into /var/tmp/portage/app-admin/webmin-1.430/image/ --------------------------- ACCESS VIOLATION SUMMARY --------------------------- LOG FILE = "/var/log/sandbox/sandbox-5557.log" unlink: /etc/passwd.lock unlink: /etc/group.lock unlink: /etc/shadow.lock unlink: /etc/passwd.lock unlink: /etc/group.lock unlink: /etc/shadow.lock unlink: /etc/passwd.lock unlink: /etc/group.lock unlink: /etc/shadow.lock unlink: /etc/passwd.lock unlink: /etc/group.lock unlink: /etc/shadow.lock -------------------------------------------------------------------------------- I didn't try #11, because he doesn't get an answer if this is an appropriate solution.
(In reply to comment #14) > getting access violation after applying the patches (~x86): > > * Applying virtual-server-3.23-pgsql.patch ... > > > [ ok ] > * Applying webmin-1.170-setup-nocheck.patch ... > > > [ ok ] > >>> Source unpacked. > >>> Compiling source in /var/tmp/portage/app-admin/webmin-1.430/work/webmin-1.430 ... > >>> Source compiled. > >>> Test phase [not enabled]: app-admin/webmin-1.430 > > >>> Install webmin-1.430 into /var/tmp/portage/app-admin/webmin-1.430/image/ category app-admin > >>> Completed installing webmin-1.430 into /var/tmp/portage/app-admin/webmin-1.430/image/ > > --------------------------- ACCESS VIOLATION SUMMARY > --------------------------- > LOG FILE = "/var/log/sandbox/sandbox-5557.log" > > unlink: /etc/passwd.lock > unlink: /etc/group.lock > unlink: /etc/shadow.lock > unlink: /etc/passwd.lock > unlink: /etc/group.lock > unlink: /etc/shadow.lock > unlink: /etc/passwd.lock > unlink: /etc/group.lock > unlink: /etc/shadow.lock > unlink: /etc/passwd.lock > unlink: /etc/group.lock > unlink: /etc/shadow.lock > -------------------------------------------------------------------------------- > I didn't try #11, because he doesn't get an answer if this is an appropriate > solution. > are you sure that the access violations are only when you apply these patches? the patches should not be the reason of the access violations.
I described it unlcear, if i install webmin-1.430 with the patches i got the access violations, w/o sandbox it works but this isn't the proper way. Installing webmin-1.400-r1 (gentoo tree), i don't get an error.
Created attachment 164423 [details, diff] webmin-1.430-r1.ebuild.patch WITHOUT virtual-server
(In reply to comment #16) > I described it unlcear, if i install webmin-1.430 with the patches i got the > access violations, w/o sandbox it works but this isn't the proper way. > Installing webmin-1.400-r1 (gentoo tree), i don't get an error. > please try https://bugs.gentoo.org/attachment.cgi?id=164423 when you don't need virtual-server. the access violations are only from virtual-server. this patch should work without any problems.
Installs with patch Comment #17 w/o access violation. Thank you. Should we provide one patch from webmin-1.400-r1.ebuild (last in the tree) to webmin-1.430-r1.ebuild?
Created attachment 164433 [details, diff] webmin-1.430.ebuild.patch diff from 1.400-r1 to 1.430 WITH virtual-server
Created attachment 164435 [details, diff] webmin-1.430-r1.ebuild.patch WITHOUT virtual-server diff from 1.400-r1 to 1.430 WITHOUT virtual-server
(In reply to comment #11) > Well. I seemed to have fixed it for me by messing with the perl in the > sshd/sshd-lib.pl file. I created a patch: > > -open(CONF, $config{'sshd_config'}); > +open(CONF, $config{'sshd_config'},O_RDONLY); > > and it got past the sandbox violation. But the Miniserv doesnt like that, so I > added: > sed -i -e "s:,O_RDONLY::g" "/usr/libexec/webmin/sshd/sshd-lib.pl" > during the pkg_postinst() to remove it. > > I didn't upload the patches because I'm not sure if thats a proper solution or > not but it seems to work for me. > this does not work because it must be: open(CONF, "<", $config{'sshd_config'}); or sysopen(CONF, $config{'sshd_config'}, O_RDONLY); but i'm not sure if that avoids the access violation because there will be a tmpfile created by virtual-server i think
Created attachment 166321 [details, diff] webmin-gentoo-configs.patch
Created attachment 166322 [details, diff] webmin-1.430-r1.ebuild.patch WITHOUT virtual-server i've fixed various gentoo specific settings.
Created attachment 170136 [details] webmin-1.440.ebuild (without virtual-server)
ebuild 1.440 compiles fine on ~x86. Thank you. Just a hint, 1.441 with small bug fixes is out.
(In reply to comment #26) > ebuild 1.440 compiles fine on ~x86. Thank you. > Just a hint, 1.441 with small bug fixes is out. > just a fix for IE :P well.. rename to webmin-1.441.ebuild is enough.
Added 1.441 to the tree. Please file new bugs for any issue that comes up. Thanks.