Created attachment 611957 [details] updated sysconfig to support shellinabox user and group Description of problem: As packaged, shellinabox can not run as it doesn't have access to a directory to store its generated .pem files. Version-Release number of selected component (if applicable): 2.14 How reproducible: install shellinabox and then try systemctl start shellinaboxd.service and then check the status and /var/log/messages. Actual results: Doesn't run Expected results: service starts. Additional info: I am attaching an updated shellinaboxd.sysconfig and a diff to the spec file that fix the problem. The problem is fixed by having pre in the spec create a user account, having post chown a directory in /var/run to that user account, and having the sysconfig file tell shellinabox to look for certs in that directory and run with the shellinabox user and group. The patch to the spec file assumes that bug: https://bugzilla.redhat.com/show_bug.cgi?id=856398 is fixed
Created attachment 611959 [details] Patch to spec to implement fix
Sorry I didn't include a %changelog entry in the spec and I missed your new packages that were just built a few days ago. Here is a candidate template: %changelog * Tue Sep 11 2012 Joel Young <jdy> - 2.14-8 +- Fix bug with firefox 15 in which - key ignored +- Create shellinabox user/group and /var/run dir for certs
Many thanks for the patches. I mostly use it as a web ssh frontend to some hidden boxes, so I didn't step onto the issue. I applied the required changes, but a bit differently to comply with packaging guidelines and uniformity: http://pkgs.fedoraproject.org/cgit/shellinabox.git/commit/?id=b15565af5a8728dc7e5346244208ed6160a668c0 Many thanks! Builds on the way.
shellinabox-2.14-9.el5 has been submitted as an update for Fedora EPEL 5. https://admin.fedoraproject.org/updates/shellinabox-2.14-9.el5
shellinabox-2.14-9.el6 has been submitted as an update for Fedora EPEL 6. https://admin.fedoraproject.org/updates/shellinabox-2.14-9.el6
shellinabox-2.14-9.fc16 has been submitted as an update for Fedora 16. https://admin.fedoraproject.org/updates/shellinabox-2.14-9.fc16
shellinabox-2.14-9.fc17 has been submitted as an update for Fedora 17. https://admin.fedoraproject.org/updates/shellinabox-2.14-9.fc17
shellinabox-2.14-9.fc18 has been submitted as an update for Fedora 18. https://admin.fedoraproject.org/updates/shellinabox-2.14-9.fc18
I forgot one thing on my patch. I think that the /var/run/shellinabox directory should be chmod 700. What do you think? Thanks for processing these so quickly! Joel
Never mind. I see in your spec that you set it to 750. That is fine! From what I read in the packager guidelines, fedora doesn't advocate removing the user on package uninstall.
s/doesn't advocate/forbids/ is closer.
Package shellinabox-2.14-9.fc18: * should fix your issue, * was pushed to the Fedora 18 testing repository, * should be available at your local mirror within two days. Update it with: # su -c 'yum update --enablerepo=updates-testing shellinabox-2.14-9.fc18' as soon as you are able to. Please go to the following url: https://admin.fedoraproject.org/updates/FEDORA-2012-13852/shellinabox-2.14-9.fc18 then log in and leave karma (feedback).
Thanks! I've tested these on F16 and they work fine. Note that I did create a new bug (I guess it is really a feature request) also. https://bugzilla.redhat.com/show_bug.cgi?id=856860 Sorry for sending these staggered. Didn't expect such fast support! I have no more in the pipeline.
(In reply to comment #11) > s/doesn't advocate/forbids/ is closer. Oh, it's true [1]. I thought about what was done in another package, but that was to switch from a dynamic fedora-usermgmt created user to switch to an allocated static uid and not for a normal user. I will remove that along with the changes in the other bug. "We never remove users or groups created by packages. [...] Cleanup of unused users/groups is left to the system administrators to take care of if they so desire." [1] http://fedoraproject.org/wiki/Packaging:UsersAndGroups Thanks, --Simone
shellinabox-2.14-9.fc16 has been pushed to the Fedora 16 stable repository. If problems still persist, please make note of it in this bug report.
shellinabox-2.14-9.fc18 has been pushed to the Fedora 18 stable repository. If problems still persist, please make note of it in this bug report.
shellinabox-2.14-9.fc17 has been pushed to the Fedora 17 stable repository. If problems still persist, please make note of it in this bug report.