Fabre

#1136583 scap-security-guide uses pidof but does not depend on procps #1136583

Package:: src:scap-security-guide

Source:: src:scap-security-guide

Submitter:: Gioele Barabucci

Date:: 2026-05-30 05:35:01 UTC

Severity:: normal

Tags:

#1136583#5

Date:: 2026-05-13 23:32:21 UTC

From:

To:

Dear maintainer(s) of scap-security-guide,

it appears that scap-security-guide uses `pidof` in its testsuite, or that
at least one of its binary packages uses `pidof` at runtime.
Historically, `pidof` was provided by the Essential package
`sysvinit-tools`, making an explicit dependency unnecessary. However
`pidof` will soon be moved to `procps` and will no longer be part of
the Essential set.

Please add an explicit dependency on `procps`:

* via the `Depends:` field of all binary packages of scap-security-guide
  that use `pidof` at runtime;
* via the `Build-Depends:` field of scap-security-guide, if `pidof` is
  used in tests run at build-time;
* via the `Depends:` field of `debian/control/tests`, if `pidof` is
  used in autopkgtests.

To prevent any disruption for users of scap-security-guide, please add
this dependency now, before `pidof` is moved from `sysvinit-utils` to
`procps`. Alternatively, you could remove all uses of `pidof`.

It is believed that scap-security-guide uses `pidof` due to the following
code snippets:

```
path: scap-security-guide_0.1.79-1/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_remote_server/bash/shared.sh
config_file="/etc/ntp.conf"
/usr/sbin/pidof ntpd || config_file="{{{ chrony_conf_path }}}"
if ! grep -q ^server "$config_file" ; then


path: scap-security-guide_0.1.79-1/linux_os/guide/services/ntp/service_chronyd_or_ntpd_enabled/bash/shared.sh
# disruption = low
if {{{ bash_package_installed("chrony") }}} ; then
    if ! /usr/sbin/pidof ntpd ; then
        {{{ bash_service_command("enable", "chronyd") | indent(8) }}}
    fi


path: scap-security-guide_0.1.79-1/linux_os/guide/services/ntp/chronyd_or_ntpd_specify_multiple_servers/bash/shared.sh
config_file="/etc/ntp.conf"
/usr/sbin/pidof ntpd || config_file="{{{ chrony_conf_path }}}"
if ! [ "$(grep -c '^server' "$config_file")" -gt 1 ] ; then


path: scap-security-guide_0.1.79-1/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh
pof="/bin/pidof"
{{% else %}}
pof="/usr/sbin/pidof"
{{% endif %}}


path: scap-security-guide_0.1.79-1/linux_os/guide/services/ntp/chronyd_or_ntpd_set_maxpoll/bash/shared.sh
{{% if 'sle' in product or 'slmicro' in product or 'ubuntu' in product %}}
pof="/bin/pidof"
{{% else %}}
pof="/usr/sbin/pidof"
```

Feel free to close this issue if this is a false positive (for example
if this code is in an unreachable code path).

Regards,

#1136583#8

Date:: 2026-05-30 05:34:26 UTC

From:

To:

Hello,

Bug #1136583 in scap-security-guide reported by you has been fixed in the
Git repository and is awaiting an upload. You can see the commit
message below and you can check the diff of the fix at:

https://salsa.debian.org/pkg-security-team/scap-security-guide/-/commit/6b414d31135301861483d57c77247e7f3d4e4cfc

(this message was generated automatically)
-- 
Greetings

https://bugs.debian.org/1136583

#1136583 scap-security-guide uses pidof but does not depend on procps #1136583

Just Reply to ...

Reply to submitter ...

Send control command (Silently)

Set Architecture Tags (Silently)