
[PATCH] 2021-07-07-systemd-tmpfiles: add news item
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
---
.../2021-07-07-systemd-tmpfiles.en.txt | 48 +++++++++++++++++++
1 file changed, 48 insertions(+)
create mode 100644 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt

diff --git a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
new file mode 100644
index 0000000..0960663
--- /dev/null
+++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
@@ -0,0 +1,48 @@
+Title: systemd-tmpfiles replaces opentmpfiles due to security issues
+Author: Georgy Yakovlev <gyakovlev@gentoo.org>
+Author: Sam James <sam@gentoo.org>
+Posted: 2021-07-07
+Revision: 1
+News-Item-Format: 2.0
+Display-If-Installed: virtual/tmpfiles
+
+On 2021-07-06, the sys-apps/opentmpfiles package was masked due to a
+root privilege escalation vulnerability (CVE-2017-18925 [0],
+bug #751415 [1], issue 4 [2] upstream).
+
+The use of opentmpfiles is discouraged by its maintainer due to the
+unpatched vulnerability and other long-standing bugs [3].
+
+Users will start seeing their package manager trying to replace
+sys-apps/opentmpfiles with sys-apps/systemd-tmpfiles because it is
+another provider of virtual/tmpfiles.
+
+Despite the name, 'systemd-tmpfiles' does not depend on systemd, does
+not use dbus, and is just a drop-in replacement for opentmpfiles. It is
+a small binary built from systemd source code, but works separately,
+similarly to eudev or elogind. It is known to work on both glibc and
+musl systems.
+
+Note that systemd-tmpfiles is specifically for non-systemd systems. It
+is intended to be used on an OpenRC system.
+
+If you wish to selectively test systemd-tmpfiles, follow those steps:
+
+ 1. # emerge --oneshot sys-apps/systemd-tmpfiles
+ 2. # reboot
+
+No other steps required.
+
+If, after reviewing the linked bug reference for opentmpfiles, you feel
+your system is not vulnerable/applicable to the attack described, you
+can unmask[4] opentmpfiles at your own risk:
+
+1. In /etc/portage/package.unmask, add:
+-sys-apps/opentmpfiles
+2. # emerge --oneshot sys-apps/opentmpfiles
+
+[0] https://nvd.nist.gov/vuln/detail/CVE-2017-18925
+[1] https://bugs.gentoo.org/751415
+[2] https://github.com/OpenRC/opentmpfiles/issues/4
+[3] https://bugs.gentoo.org/741216
+[4] https://wiki.gentoo.org/wiki/Knowledge_Base:Unmasking_a_package
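Review bot: the unmask step near the end of the hunk tells users to put `-sys-apps/opentmpfiles` into /etc/portage/package.unmask, but Portage reads a leading '-' in package.mask/package.unmask entries as the removal of an earlier entry, not as an atom to unmask, so the line as written will not unmask the package (and will only produce an unmatched-removal warning); it should read `sys-apps/opentmpfiles`. Two further points on the same hunk: `Display-If-Installed: virtual/tmpfiles` will also display the item to users whose provider of the virtual is systemd, for whom nothing changes, so matching on sys-apps/opentmpfiles (or the two tmpfiles providers) is more precise; and "No other steps required" after the reboot is not quite true, since the opentmpfiles-setup and opentmpfiles-dev entries in /etc/runlevels become dangling symlinks once the package is replaced and should be removed. Minor wording: "follow those steps" should read "follow these steps".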
--
2.32.0
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On Thu, Jul 08, 2021 at 07:38:05PM -0700, Georgy Yakovlev wrote:
> Signed-off-by: Sam James <sam@gentoo.org>
> Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
> ---
> .../2021-07-07-systemd-tmpfiles.en.txt | 48 +++++++++++++++++++
> 1 file changed, 48 insertions(+)
> create mode 100644 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
>
> diff --git a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> new file mode 100644
> index 0000000..0960663
> --- /dev/null
> +++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> @@ -0,0 +1,48 @@
> +Title: systemd-tmpfiles replaces opentmpfiles due to security issues
> +Author: Georgy Yakovlev <gyakovlev@gentoo.org>
> +Author: Sam James <sam@gentoo.org>
> +Posted: 2021-07-07
> +Revision: 1
> +News-Item-Format: 2.0
> +Display-If-Installed: virtual/tmpfiles

This should be:

Display-If-Installed: sys-apps/opentmpfiles

> +
> +On 2021-07-06, the sys-apps/opentmpfiles package was masked due to a
> +root privilege escalation vulnerability (CVE-2017-18925 [0],
> +bug #751415 [1], issue 4 [2] upstream).
> +
> +The use of opentmpfiles is discouraged by its maintainer due to the
> +unpatched vulnerability and other long-standing bugs [3].
> +
> +Users will start seeing their package manager trying to replace
> +sys-apps/opentmpfiles with sys-apps/systemd-tmpfiles because it is
> +another provider of virtual/tmpfiles.
> +
> +Despite the name, 'systemd-tmpfiles' does not depend on systemd, does
> +not use dbus, and is just a drop-in replacement for opentmpfiles. It is
> +a small binary built from systemd source code, but works separately,
> +similarly to eudev or elogind. It is known to work on both glibc and
> +musl systems.
> +
> +Note that systemd-tmpfiles is specifically for non-systemd systems. It
> +is intended to be used on an OpenRC system.
> +
> +If you wish to selectively test systemd-tmpfiles, follow those steps:
> +
> + 1. # emerge --oneshot sys-apps/systemd-tmpfiles
> + 2. # reboot
> +
> +No other steps required.
> +
> +If, after reviewing the linked bug reference for opentmpfiles, you feel
> +your system is not vulnerable/applicable to the attack described, you
> +can unmask[4] opentmpfiles at your own risk:
> +
> +1. In /etc/portage/package.unmask, add:
> +-sys-apps/opentmpfiles
> +2. # emerge --oneshot sys-apps/opentmpfiles

Something might need to be added cautioning folks that if they unmask
this, it may disappear on them in the future if we decide to remove it.

William

> +
> +[0] https://nvd.nist.gov/vuln/detail/CVE-2017-18925
> +[1] https://bugs.gentoo.org/751415
> +[2] https://github.com/OpenRC/opentmpfiles/issues/4
> +[3] https://bugs.gentoo.org/741216
> +[4] https://wiki.gentoo.org/wiki/Knowledge_Base:Unmasking_a_package
> --
> 2.32.0
>
>
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On 9.7.2021 5.49, William Hubbs wrote:

>> +Display-If-Installed: virtual/tmpfiles
>
> This should be:
>
> Display-If-Installed: sys-apps/opentmpfiles
>

Disagree. Some people seem to be waking up into "oh no, what have I
installed?".

-- juippis
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On Fri, Jul 09, 2021 at 07:04:45AM +0300, Joonas Niilola wrote:
> On 9.7.2021 5.49, William Hubbs wrote:
>
> >> +Display-If-Installed: virtual/tmpfiles
> >
> > This should be:
> >
> > Display-If-Installed: sys-apps/opentmpfiles
> >
>
> Disagree. Some people seem to be waking up into "oh no, what have I
> installed?".

systemd and systemd-tmpfiles are also providers of this virtual, so
people who have these installed don't need to see the newsitem.

William
[PATCH] 2021-07-07-systemd-tmpfiles: add news item
Signed-off-by: Sam James <sam@gentoo.org>
Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
---
.../2021-07-07-systemd-tmpfiles.en.txt | 64 +++++++++++++++++++
1 file changed, 64 insertions(+)
create mode 100644 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt

diff --git a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
new file mode 100644
index 0000000..e946c89
--- /dev/null
+++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
@@ -0,0 +1,64 @@
+Title: systemd-tmpfiles replaces opentmpfiles due to security issues
+Author: Georgy Yakovlev <gyakovlev@gentoo.org>
+Author: Sam James <sam@gentoo.org>
+Posted: 2021-07-07
+Revision: 1
+News-Item-Format: 2.0
+Display-If-Installed: sys-apps/opentmpfiles
+Display-If-Installed: sys-apps/systemd-tmpfiles
+
+A tmpfiles [0] implementation provides a generic mechanism to define
+the creation of regular files, directories, pipes, and device nodes,
+adjustments to their access mode, ownership, attributes, quota
+assignments, and contents, and finally their time-based removal.
+It is commonly used for volatile and temporary files and directories
+such as those located under /run/, /tmp/, /var/tmp/, the API file
+systems such as /sys/ or /proc/, as well as some other directories
+below /var/. [1]
+
+On 2021-07-06, the sys-apps/opentmpfiles package was masked due to a
+root privilege escalation vulnerability (CVE-2017-18925 [2],
+bug #751415 [3], issue 4 [4] upstream).
+
+The use of opentmpfiles is discouraged by its maintainer due to the
+unpatched vulnerability and other long-standing bugs [5].
+
+Users will start seeing their package manager trying to replace
+sys-apps/opentmpfiles with sys-apps/systemd-tmpfiles because it is
+another provider of virtual/tmpfiles.
+
+Despite the name, 'systemd-tmpfiles' does not depend on systemd, does
+not use dbus, and is just a drop-in replacement for opentmpfiles. It is
+a small binary built from systemd source code, but works separately,
+similarly to eudev or elogind. It is known to work on both glibc and
+musl systems.
+
+Note that systemd-tmpfiles is specifically for non-systemd systems. It
+is intended to be used on an OpenRC system.
+
+If you wish to selectively test systemd-tmpfiles, follow those steps:
+
+ 1. # emerge --oneshot sys-apps/systemd-tmpfiles
+ 2. # reboot
+
+No other steps required.
+
+If, after reviewing the linked bug reference for opentmpfiles, you feel
+your system is not vulnerable/applicable to the attack described, you
+can unmask [6] opentmpfiles at your own risk:
+
+ 1. In /etc/portage/package.unmask, add a line:
+ -sys-apps/opentmpfiles-
+ 2. # emerge --oneshot sys-apps/opentmpfiles
+
+Note that opentmpfiles is likely to be removed from gentoo repository
+in the future.
+
+[0] https://www.freedesktop.org/software/systemd/man/systemd-tmpfiles.html
+[1] https://www.freedesktop.org/software/systemd/man/tmpfiles.d.html
+[2] https://nvd.nist.gov/vuln/detail/CVE-2017-18925
+[3] https://bugs.gentoo.org/751415
+[4] https://github.com/OpenRC/opentmpfiles/issues/4
+[5] https://bugs.gentoo.org/741216
+[6] https://wiki.gentoo.org/wiki/Knowledge_Base:Unmasking_a_package
+
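Review bot: the package.unmask line in this hunk now reads `-sys-apps/opentmpfiles-`, which is not a usable entry: Portage reads the leading '-' in package.unmask as removal of an earlier entry, and the trailing '-' leaves a malformed atom, so the unmask step as written still does not unmask anything; the line should be `sys-apps/opentmpfiles`. The Title is 61 characters, over the 50-character limit raised later in the thread. The added `Display-If-Installed: sys-apps/systemd-tmpfiles` means users who have already migrated will see an item whose action steps no longer apply to them; if the intent is to explain to them what was installed and why, a sentence saying so (and that systemd itself ships the utility on systemd systems) would make that explicit. Minor wording: "follow those steps" should read "follow these steps".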
--
2.32.0
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On Fri, Jul 9, 2021 at 4:38 AM Georgy Yakovlev <gyakovlev@gentoo.org> wrote:

> Signed-off-by: Sam James <sam@gentoo.org>
> Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
> ---
> .../2021-07-07-systemd-tmpfiles.en.txt | 48 +++++++++++++++++++
> 1 file changed, 48 insertions(+)
> create mode 100644
> 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
>
> diff --git
> a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> new file mode 100644
> index 0000000..0960663
> --- /dev/null
> +++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> @@ -0,0 +1,48 @@
> +Title: systemd-tmpfiles replaces opentmpfiles due to security issues
> +Author: Georgy Yakovlev <gyakovlev@gentoo.org>
> +Author: Sam James <sam@gentoo.org>
> +Posted: 2021-07-07
> +Revision: 1
> +News-Item-Format: 2.0
> +Display-If-Installed: virtual/tmpfiles
> +
> +On 2021-07-06, the sys-apps/opentmpfiles package was masked due to a
> +root privilege escalation vulnerability (CVE-2017-18925 [0],
> +bug #751415 [1], issue 4 [2] upstream).
> +
> +The use of opentmpfiles is discouraged by its maintainer due to the
> +unpatched vulnerability and other long-standing bugs [3].
> +
> +Users will start seeing their package manager trying to replace
> +sys-apps/opentmpfiles with sys-apps/systemd-tmpfiles because it is
> +another provider of virtual/tmpfiles.
> +
> +Despite the name, 'systemd-tmpfiles' does not depend on systemd, does
> +not use dbus, and is just a drop-in replacement for opentmpfiles. It is
> +a small binary built from systemd source code, but works separately,
> +similarly to eudev or elogind. It is known to work on both glibc and
> +musl systems.
> +
> +Note that systemd-tmpfiles is specifically for non-systemd systems. It
> +is intended to be used on an OpenRC system.
> +
> +If you wish to selectively test systemd-tmpfiles, follow those steps:
> +
> + 1. # emerge --oneshot sys-apps/systemd-tmpfiles
> + 2. # reboot
> +
> +No other steps required.
> +
> +If, after reviewing the linked bug reference for opentmpfiles, you feel
> +your system is not vulnerable/applicable to the attack described, you
> +can unmask[4] opentmpfiles at your own risk:
> +
> +1. In /etc/portage/package.unmask, add:
> +-sys-apps/opentmpfiles
> +2. # emerge --oneshot sys-apps/opentmpfiles
> +
> +[0] https://nvd.nist.gov/vuln/detail/CVE-2017-18925
> +[1] https://bugs.gentoo.org/751415
> +[2] https://github.com/OpenRC/opentmpfiles/issues/4
> +[3] https://bugs.gentoo.org/741216
> +[4] https://wiki.gentoo.org/wiki/Knowledge_Base:Unmasking_a_package
> --
> 2.32.0
>
>
>
Plus maybe removing these dead symlinks:
/etc/runlevels/boot/opentmpfiles-setup
/etc/runlevels/sysinit/opentmpfiles-dev
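The two runlevel entries named above become dangling once the opentmpfiles init scripts are gone, and a careless cleanup could just as easily remove a live service link. The script below is an added example, not code from the thread or from the Gentoo news item: it walks a runlevels tree, reports only symlinks whose target init script no longer resolves, and removes those. The sample tree it builds under a temporary directory, including the hypothetical surviving service `keep-me`, is constructed for demonstration; on a real OpenRC system the root to pass is /etc/runlevels.

```shell
#!/bin/sh
# Added example, not from the thread or from the Gentoo news item:
# report OpenRC runlevel symlinks whose target init script no longer
# exists, then remove only those. The tree built by make_sample_tree is
# constructed for demonstration; on a real system the root is
# /etc/runlevels.

# Print every entry under <root>/<runlevel>/ that is a symlink whose
# target does not resolve, one path per line.
list_dangling_runlevel_links() {
    root=$1
    for runlevel in "$root"/*; do
        [ -d "$runlevel" ] || continue
        for link in "$runlevel"/*; do
            # -L: it is a symlink; ! -e: following it finds nothing
            if [ -L "$link" ] && [ ! -e "$link" ]; then
                printf '%s\n' "$link"
            fi
        done
    done
}

# Remove the dangling links found above and report each removal.
# Live symlinks (whose init script still exists) are never touched.
remove_dangling_runlevel_links() {
    list_dangling_runlevel_links "$1" | while IFS= read -r link; do
        rm -f -- "$link"
        printf 'removed %s\n' "$link"
    done
}

# Constructed sample: <base>/init.d holds init scripts and
# <base>/runlevels mirrors /etc/runlevels. 'keep-me' is a hypothetical
# service that still exists; the two opentmpfiles entries are the
# dangling links named in the thread.
make_sample_tree() {
    base=$1
    mkdir -p "$base/init.d" "$base/runlevels/boot" "$base/runlevels/sysinit"
    printf '#!/sbin/openrc-run\n' > "$base/init.d/keep-me"
    ln -s "$base/init.d/keep-me" "$base/runlevels/boot/keep-me"
    ln -s "$base/init.d/opentmpfiles-setup" "$base/runlevels/boot/opentmpfiles-setup"
    ln -s "$base/init.d/opentmpfiles-dev" "$base/runlevels/sysinit/opentmpfiles-dev"
}

# Stand-alone demonstration: build the sample tree, clean it, and show
# that only the dangling links are gone.
demo() {
    base=$(mktemp -d)
    make_sample_tree "$base"
    echo "dangling before:"
    list_dangling_runlevel_links "$base/runlevels"
    remove_dangling_runlevel_links "$base/runlevels"
    echo "dangling after: $(list_dangling_runlevel_links "$base/runlevels" | wc -l | tr -d ' ')"
    echo "still present in boot: $(ls "$base/runlevels/boot")"
    rm -rf "$base"
}

if [ "${1:-}" = demo ]; then
    demo
fi
```

Run it as `sh cleanup.sh demo` to see the sample tree cleaned; against a live system, run `list_dangling_runlevel_links /etc/runlevels` first and only call the remove function once the reported paths are the ones you expect. The check uses `[ -L ] && [ ! -e ]` rather than GNU find's `-xtype l` so that it also works on musl/busybox hosts, which the news item says systemd-tmpfiles supports.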
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On Thu, 2021-07-08 at 21:43 -0700, Georgy Yakovlev wrote:
> Signed-off-by: Sam James <sam@gentoo.org>
> Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
> ---
> .../2021-07-07-systemd-tmpfiles.en.txt | 64 +++++++++++++++++++
> 1 file changed, 64 insertions(+)
> create mode 100644 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
>
> diff --git a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> new file mode 100644
> index 0000000..e946c89
> --- /dev/null
> +++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> @@ -0,0 +1,64 @@
> +Title: systemd-tmpfiles replaces opentmpfiles due to security issues
> +Author: Georgy Yakovlev <gyakovlev@gentoo.org>
> +Author: Sam James <sam@gentoo.org>
> +Posted: 2021-07-07
> +Revision: 1
> +News-Item-Format: 2.0
> +Display-If-Installed: sys-apps/opentmpfiles
> +Display-If-Installed: sys-apps/systemd-tmpfiles
> +
> +A tmpfiles [0] implementation provides a generic mechanism to define
> +the creation of regular files, directories, pipes, and device nodes,
> +adjustments to their access mode, ownership, attributes, quota
> +assignments, and contents, and finally their time-based removal.
> +It is commonly used for volatile and temporary files and directories
> +such as those located under /run/, /tmp/, /var/tmp/, the API file
> +systems such as /sys/ or /proc/, as well as some other directories
> +below /var/. [1]
> +
> +On 2021-07-06, the sys-apps/opentmpfiles package was masked due to a
> +root privilege escalation vulnerability (CVE-2017-18925 [2],
> +bug #751415 [3], issue 4 [4] upstream).
> +
> +The use of opentmpfiles is discouraged by its maintainer due to the
> +unpatched vulnerability and other long-standing bugs [5].
> +
> +Users will start seeing their package manager trying to replace
> +sys-apps/opentmpfiles with sys-apps/systemd-tmpfiles because it is
> +another provider of virtual/tmpfiles.
> +
> +Despite the name, 'systemd-tmpfiles' does not depend on systemd, does
> +not use dbus, and is just a drop-in replacement for opentmpfiles. It is
> +a small binary built from systemd source code, but works separately,
> +similarly to eudev or elogind. It is known to work on both glibc and
> +musl systems.
> +
> +Note that systemd-tmpfiles is specifically for non-systemd systems. It
> +is intended to be used on an OpenRC system.

Maybe it'd be worth adding a sentence that systemd itself provides
the utility on systemd systems.

--
Best regards,
Michał Górny
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On 09.07.2021 09:11, Michał Górny wrote:
> On Thu, 2021-07-08 at 21:43 -0700, Georgy Yakovlev wrote:
> > Signed-off-by: Sam James <sam@gentoo.org>
> > Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
> > ---
> > .../2021-07-07-systemd-tmpfiles.en.txt | 64 +++++++++++++++++++
> > 1 file changed, 64 insertions(+)
> > create mode 100644 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> >
> > diff --git a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> > new file mode 100644
> > index 0000000..e946c89
> > --- /dev/null
> > +++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
... snip
> > +Note that systemd-tmpfiles is specifically for non-systemd systems. It
> > +is intended to be used on an OpenRC system.
>
> Maybe it'd be worth adding a sentence that systemd itself provides
> the utility on systemd systems.
Already pushed as is. It should not be shown to systemd users anyway, so
no big loss.
> --
> Best regards,
> Michał Górny
>
>

--
Best regards,
Georgy
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On 09.07.2021 08:50, Tomas Mozes wrote:
> On Fri, Jul 9, 2021 at 4:38 AM Georgy Yakovlev <gyakovlev@gentoo.org> wrote:
>
> > Signed-off-by: Sam James <sam@gentoo.org>
> > Signed-off-by: Georgy Yakovlev <gyakovlev@gentoo.org>
> > ---
> > .../2021-07-07-systemd-tmpfiles.en.txt | 48 +++++++++++++++++++
> > 1 file changed, 48 insertions(+)
> > create mode 100644
> > 2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> >
> > diff --git
> > a/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> > b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
> > new file mode 100644
> > index 0000000..0960663
> > --- /dev/null
> > +++ b/2021-07-07-systemd-tmpfiles/2021-07-07-systemd-tmpfiles.en.txt
...snip
> > +
> > + 1. # emerge --oneshot sys-apps/systemd-tmpfiles
> > + 2. # reboot
> > +
> > +No other steps required.
> > +
...snip
> Plus maybe removing these dead symlinks:
> /etc/runlevels/boot/opentmpfiles-setup
> /etc/runlevels/sysinit/opentmpfiles-dev

added, thanks.

--
Best regards,
Georgy
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
>>>>> On Fri, 09 Jul 2021, Georgy Yakovlev wrote:

> +Title: systemd-tmpfiles replaces opentmpfiles due to security issues

Title is way too long, maximum of 50 characters is allowed.
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
>>>>> On Fri, 09 Jul 2021, Georgy Yakovlev wrote:

> Already pushed as is.

So as far as I can see, you've posted it for review at 02:38:05 today,
and pushed it at 08:25:55?

That is less than the 72 hours mandated by GLEP 42, so definitely
not OK. That pr@ wasn't CCed isn't helpful either.

Ulrich
Re: [PATCH] 2021-07-07-systemd-tmpfiles: add news item
On 09.07.2021 13:57, Ulrich Mueller wrote:
> >>>>> On Fri, 09 Jul 2021, Georgy Yakovlev wrote:
>
> > Already pushed as is.
>
> So as far as I can see, you've posted it for review at 02:38:05 today,
> and pushed it at 08:25:55?
>
> That is less than the 72 hours mandated by GLEP 42, so definitely
> not OK. That pr@ wasn't CCed isn't helpful either.
>
> Ulrich

Sorry about not CC-ing and making title longer than 50.

But sure, let's revert and wait 3 days, instead of sending an explanation
to users who may need it now.
Let's wait till more topics on forums created, and let our IRC support
guys do more work explaining it to people.

Makes sense.

--
Best regards,
Georgy