Please read this before reporting a bug:
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
https://wiki.archlinux.org/title/Bug_reporting_guidelines
Do NOT report bugs when a package is just outdated, or it is in the AUR. Use the 'flag out of date' link on the package page, or the Mailing List.
REPEAT: Do NOT report bugs for outdated packages!
FS#31748 - [iputils] Unable to install over NFS
Attached to Project:
Arch Linux
Opened by Paul Gideon Dann (giddie) - Monday, 01 October 2012, 09:10 GMT
Last edited by Stéphane Gaudreault (stephane) - Tuesday, 02 October 2012, 18:08 GMT
Opened by Paul Gideon Dann (giddie) - Monday, 01 October 2012, 09:10 GMT
Last edited by Stéphane Gaudreault (stephane) - Tuesday, 02 October 2012, 18:08 GMT
|
DetailsDescription:
The iputils package is unable to install on a system with root mounted over NFS. This is because of the use of setcap to enable ping for non-root users. I'm not sure quite what to do about this. Capabilities seems sensible, but if NFS doesn't support them, this could become crippling if other, more critical packages start using them too... Additional info: * Version 20101006-4 Steps to reproduce: $ pacman -S iputils [...] (1/1) upgrading iputils [###########################] 100% Failed to set capabilities on file `usr/bin/ping' (Operation not supported) usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ] Note <filename> must be a regular (non-symlink) file. Failed to set capabilities on file `usr/bin/ping6' (Operation not supported) usage: setcap [-q] [-v] (-r|-|<caps>) <filename> [ ... (-r|-|<capsN>) <filenameN> ] Note <filename> must be a regular (non-symlink) file. |
This task depends upon
Closed by Stéphane Gaudreault (stephane)
Tuesday, 02 October 2012, 18:08 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in [testing]
Tuesday, 02 October 2012, 18:08 GMT
Reason for closing: Fixed
Additional comments about closing: Fixed in [testing]
Comment by Paul Gideon Dann (giddie) -
Monday, 01 October 2012, 10:23 GMT
I realise I was slightly misleading in my description: the install script fails, but the package does install. As a result, though, ping does not work for non-root users.
Comment by Thomas Bächler (brain0) -
Monday, 01 October 2012, 11:21 GMT
As per, https://mailman.archlinux.org/pipermail/arch-general/2012-October/031362.html we should add a setuid-root-fallback for all these packages (at least wireshark is affected as well).
Comment by Stéphane Gaudreault (stephane) -
Monday, 01 October 2012, 19:29 GMT
Please try iputils-20101006-5 in [testing].
Comment by Paul Gideon Dann (giddie) -
Tuesday, 02 October 2012, 10:03 GMT
That works great; thanks. So are packagers just going to have to remember to fall back to setuid whenever they use setcap? I'm worried this could really easily happen again as (and when) capabilities are used more.
Comment by Stéphane Gaudreault (stephane) -
Tuesday, 02 October 2012, 18:08 GMT
Yes. Capabilities are likely to be used more and more in the future. In my opinion, having /usr/bin on NFS is a bad idea, but you can report bugs if you find another package that fail to install because of this.