Bug#1062063: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u2

[Jan Wagner]

Hi Adam,

> 
> Am 31.01.2024 um 18:59 schrieb Adam D. Barratt :
> 
>> On Wed, 2024-01-31 at 09:50 +0100, Jan Wagner wrote:
>> As reported in #1061956, check_http fails when called with --no-body
>> and
>> Transfer-Encoding: chunked is used
> 
> Please go ahead.

I uploaded the package to proposed-updates.

Many thanks.

Bug#1061956: [Pkg-nagios-devel] Bug#1061956: monitoring-plugins-basic: check_http --no-body fails when Transfer-Encoding: chunked

[Jan Wagner]

Hi Cyprien,

Am 30.01.24 um 14:27 schrieb Cyprien Nicolas:

This issue is related to `check_http` failing to handle the --no-body
or -N argument when a server sends the Transfer-Encoding: chunked
header.

We use this argument for checking only the HTTP status code, as we
don't need the full body of the response.

The issue is already fixed upstream since 2.3.4 [1] and I can't
reproduce the issue with 2.3.5-1 from testing.


thanks for reporting.


Would it be possible to get a fix in current stable? In next
point-release maybe?


I opened #1062063 for this.


1. https://github.com/monitoring-plugins/monitoring-plugins/pull/1901


Maybe as in 
https://github.com/monitoring-plugins/monitoring-plugins/pull/1901#issuecomment-1771021923 
suggested you might want to migrate over to check_curl?


With kind regards, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#1062063: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u2

[Jan Wagner]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: monitoring-plug...@packages.debian.org
Control: affects -1 + src:monitoring-plugins

[ Reason ]
As reported in #1061956, check_http fails when called with --no-body and 
Transfer-Encoding: chunked is used


[ Impact ]
check_http is unusable when called with --no-body and Transfer-Encoding: 
chunked is used


[ Tests ]
Upstream test suite, It was verified to work in the upstream issue 
tracker 
(https://github.com/monitoring-plugins/monitoring-plugins/pull/1901) and 
2.3.5-1 has also this fix, which is since some time in testing.


[ Risks ]
Low, trivial change.

[ Checklist ]
   [x] *all* changes are documented in the d/changelog
   [x] I reviewed all changes and I approve them
   [x] attach debdiff against the package in (old)stable
   [x] the issue is verified as fixed in unstable

[ Changes ]
The patch is required to fix the check_http regression.

[ Other info ]
This is a request for pre approval, if you are okay with the changes, 
I'll upload it.


Kind Regards,

Jan
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--diff --git a/debian/changelog b/debian/changelog
index d0b7b5b..1e067a3 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+monitoring-plugins (2.3.3-5+deb12u2) bookworm; urgency=medium
+
+  * [c45bc15] Adding d/p/23_check_http_fix_unchunking_body from upstream
+(Closes: #1061956)
+
+ -- Jan Wagner   Wed, 31 Jan 2024 09:40:18 +0100
+
 monitoring-plugins (2.3.3-5+deb12u1) bookworm; urgency=medium
 
   * [85eed74] Adding d/p/22_check_disk_avoid_mount from upstream
diff --git a/debian/patches/23_check_http_fix_unchunking_body 
b/debian/patches/23_check_http_fix_unchunking_body
new file mode 100644
index 000..b14
--- /dev/null
+++ b/debian/patches/23_check_http_fix_unchunking_body
@@ -0,0 +1,22 @@
+From a6802bd5f50a5c12ed5bafa4fe9ee14fede7c1e1 Mon Sep 17 00:00:00 2001
+From: Thoralf Rickert-Wendt <30341294+tricker...@users.noreply.github.com>
+Date: Tue, 8 Aug 2023 10:22:53 +0200
+Subject: [PATCH] Fix issue #1872
+
+---
+ plugins/check_http.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/plugins/check_http.c b/plugins/check_http.c
+index 1288c415d..718c8ee71 100644
+--- a/plugins/check_http.c
 b/plugins/check_http.c
+@@ -1279,7 +1279,7 @@ check_http (void)
+ 
+   regmatch_t chre_pmatch[1]; // We actually do not care about this, since we 
only want to know IF it was found
+ 
+-  if (regexec(_header_regex, header, 1, chre_pmatch, 0) == 0) {
++  if (!no_body && regexec(_header_regex, header, 1, chre_pmatch, 0) 
== 0) {
+ if (verbose) {
+   printf("Found chunked content\n");
+ }
diff --git a/debian/patches/series b/debian/patches/series
index b024b25..d8711a4 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -9,3 +9,4 @@
 15_check_swap_remove_includes
 16_check_snmp_disable_multiplier_when_unused
 22_check_disk_avoid_mount
+23_check_http_fix_unchunking_body

Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1

[Jan Wagner]

Hi,

Am 05.11.23 um 15:41 schrieb Jan Wagner:

Am 23.10.23 um 19:43 schrieb Holger Levsen:

On Mon, Oct 23, 2023 at 01:19:25PM +0200, Jan Wagner wrote:

[ Reason ]
As reported in #1033791, check_running_kernel fails to find version on
bookworm/(arm64|armhf).

[ Impact ]
check_running_kernel doesn't work on arm64 and armhf as expected, 
this is a

regression.

[ Tests ]
The patch was verified to work in #1033791
I've rebuild the package on arm64 and can confirm 
/usr/lib/nagios/plugins/check_running_kernel
now works on those arm64 systems where the version currently in 
bookworm does

not work.


is there anything I can do to get the package into bookworm?


I would enjoy to hear from the RM about this.

Thanks, Jan

Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1

[Jan Wagner]

Hi there,

Am 23.10.23 um 19:43 schrieb Holger Levsen:

On Mon, Oct 23, 2023 at 01:19:25PM +0200, Jan Wagner wrote:

[ Reason ]
As reported in #1033791, check_running_kernel fails to find version on
bookworm/(arm64|armhf).

[ Impact ]
check_running_kernel doesn't work on arm64 and armhf as expected, this is a
regression.

[ Tests ]
The patch was verified to work in #1033791

I've rebuild the package on arm64 and can confirm 
/usr/lib/nagios/plugins/check_running_kernel
now works on those arm64 systems where the version currently in bookworm does
not work.


is there anything I can do to get the package into bookworm?

Cheers, Jan

Bug#1054401: bookworm-pu: package nagios-plugins-contrib/42.20230308+deb12u1

[Jan Wagner]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: monitoring-plug...@packages.debian.org
Control: affects -1 + src:nagios-plugins-contrib

[ Reason ]
As reported in #1033791, check_running_kernel fails to find version on 
bookworm/(arm64|armhf).


[ Impact ]
check_running_kernel doesn't work on arm64 and armhf as expected, this 
is a regression.


[ Tests ]
The patch was verified to work in #1033791

[ Risks ]
Low, trivial change.

[ Checklist ]
   [x] *all* changes are documented in the d/changelog
   [x] I reviewed all changes and I approve them
   [x] attach debdiff against the package in (old)stable
   [x] the issue is verified as fixed in unstable

[ Changes ]
The patch is required to fix check_running_kernel on arm64 and armhf.

[ Other info ]
This is a request for pre approval, if you are okay with the changes, 
I'll upload it.


Kind Regards,

Jan
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--diff --git a/debian/changelog b/debian/changelog
index 1ce2330..2360b0b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+nagios-plugins-contrib (42.20230308+deb12u1) bookworm; urgency=medium
+
+  [ Manfred Stock ]
+  * [f5a0186] Extend fix for on-disk version detection on Bookworm
+(Closes: #1033791)
+
+ -- Jan Wagner   Mon, 23 Oct 2023 13:03:28 +0200
+
 nagios-plugins-contrib (42.20230308) unstable; urgency=high
 
   * [4ab7834] Adding d/p/dsa/check_running_kernel_bookworm_fix
diff --git a/debian/patches/dsa/check_running_kernel_bookworm_fix 
b/debian/patches/dsa/check_running_kernel_bookworm_fix
index fe5e75d..d98b929 100644
--- a/debian/patches/dsa/check_running_kernel_bookworm_fix
+++ b/debian/patches/dsa/check_running_kernel_bookworm_fix
@@ -9,3 +9,12 @@
if [ -x /usr/bin/lsb_release ] ; then
vendor=$(lsb_release -i -s)
if [ -n "$vendor" ] && [ "xDebian" != 
"x$vendor" ] ; then
+@@ -211,7 +211,7 @@
+   fi
+   fi
+   [ -z "$on_disk_version" ] || continue
+-  on_disk_version="`cat "$on_disk" | $STRINGS | grep 
'Linux version' | head -n1`"
++  on_disk_version="`cat "$on_disk" | $STRINGS | grep 
'Linux version' | tail -n1`"
+   [ -z "$on_disk_version" ] || continue
+ 
+   echo "UNKNOWN: Failed to get a version string from 
image $on_disk"

Bug#1053557: squid: Squid autopkgtest failures prevents squid from entering testing

[Jan Wagner]

Source: squid
Version: 6.3-1
Severity: normal
X-Debbugs-Cc: w...@cyconet.org

Hi there,

looking at https://ci.debian.net/packages/s/squid/testing/amd64/ the 
autopkgtest (upstream-test-suite) fails:


154s make: Entering directory 
'/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src/test-suite'
154s make  ESIExpressions mem_node_test mem_hdr_test splay 
syntheticoperators VirtualDeleteOperator
154s make[1]: Entering directory 
'/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src/test-suite'
154s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 
-DDEFAULT_SQUID_CONFIG_DIR=\"/etc\"   -I.. -I../include -I../lib 
-I../src -I../include  -isystem /usr/include/mit-krb5   -I. 
-I/usr/include/libxml2  -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra 
-Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments 
-Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe 
-D_REENTRANT -I/usr/include/p11-kit-1-g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -march=native -c -o test_tools.o 
test_tools.cc
154s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 
-DDEFAULT_SQUID_CONFIG_DIR=\"/etc\"   -I.. -I../include -I../lib 
-I../src -I../include  -isystem /usr/include/mit-krb5   -I. 
-I/usr/include/libxml2  -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra 
-Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments 
-Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe 
-D_REENTRANT -I/usr/include/p11-kit-1-g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -march=native -c -o 
stub_cbdata.o stub_cbdata.cc
154s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 
-DDEFAULT_SQUID_CONFIG_DIR=\"/etc\"   -I.. -I../include -I../lib 
-I../src -I../include  -isystem /usr/include/mit-krb5   -I. 
-I/usr/include/libxml2  -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra 
-Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments 
-Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe 
-D_REENTRANT -I/usr/include/p11-kit-1-g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -march=native -c -o 
stub_MemBuf.o stub_MemBuf.cc
154s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 
-DDEFAULT_SQUID_CONFIG_DIR=\"/etc\"   -I.. -I../include -I../lib 
-I../src -I../include  -isystem /usr/include/mit-krb5   -I. 
-I/usr/include/libxml2  -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra 
-Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments 
-Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe 
-D_REENTRANT -I/usr/include/p11-kit-1-g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -march=native -c -o stub_SBuf.o 
stub_SBuf.cc
155s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 
-DDEFAULT_SQUID_CONFIG_DIR=\"/etc\"   -I.. -I../include -I../lib 
-I../src -I../include  -isystem /usr/include/mit-krb5   -I. 
-I/usr/include/libxml2  -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra 
-Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments 
-Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe 
-D_REENTRANT -I/usr/include/p11-kit-1-g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -march=native -c -o stub_tools.o 
stub_tools.cc
155s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 
-DDEFAULT_SQUID_CONFIG_DIR=\"/etc\"   -I.. -I../include -I../lib 
-I../src -I../include  -isystem /usr/include/mit-krb5   -I. 
-I/usr/include/libxml2  -Wdate-time -D_FORTIFY_SOURCE=2 -Wall -Wextra 
-Wimplicit-fallthrough=5 -Wpointer-arith -Wwrite-strings -Wcomments 
-Wshadow -Wmissing-declarations -Woverloaded-virtual -Werror -pipe 
-D_REENTRANT -I/usr/include/p11-kit-1-g -O2 
-ffile-prefix-map=/tmp/autopkgtest-lxc.mpw063si/downtmp/build.lxu/src=. 
-fstack-protector-strong -fstack-clash-protection -Wformat 
-Werror=format-security -fcf-protection -march=native -c -o stub_fatal.o 
stub_fatal.cc
156s g++ -std=c++17 -DHAVE_CONFIG_H 
-DDEFAULT_CONFIG_FILE=\"/etc/squid.conf\" 
-DDEFAULT_SQUID_DATA_DIR=\"/usr/share\" 

Bug#1052218: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1

[Jan Wagner]

Am 23.09.23 um 21:42 schrieb Adam D. Barratt:

Control: tags -1 confirmed

On Tue, 2023-09-19 at 08:35 +0200, Jan Wagner wrote:

As reported in #1051768, check_disk has gotten very slow on a
machine
with a huge number of mount points (in excess of 16000).

[ Impact ]
check_disk used to take around 10 seconds on bullseye in this
scenario,
now it is more than one hour



Please go ahead.


monitoring-plugins_2.3.3-5+deb12u1 was uploaded to proposed-updates.

with best regards, Jan

Bug#1051768: [Pkg-nagios-devel] Bug#1051768: monitoring-plugins-basic: check_disk is very slow

[Jan Wagner]

Am 12.09.23 um 13:06 schrieb Arnaud Gomes:

Could you please cherry-pick commit 0dd1110 in a future release of the
package?


I've requested approval with #1052218 for this

Bug#1052218: bookworm-pu: package monitoring-plugins/2.3.3-5+deb12u1

[Jan Wagner]

Package: release.debian.org
Severity: normal
Tags: bookworm
User: release.debian@packages.debian.org
Usertags: pu
X-Debbugs-Cc: monitoring-plug...@packages.debian.org
Control: affects -1 + src:monitoring-plugins

[ Reason ]
As reported in #1051768, check_disk has gotten very slow on a machine 
with a huge number of mount points (in excess of 16000).


[ Impact ]
check_disk used to take around 10 seconds on bullseye in this scenario,
now it is more than one hour

[ Tests ]
Upstream test suite, It was verified to work in the upstream issue 
tracker 
(https://github.com/monitoring-plugins/monitoring-plugins/issues/1919#issuecomment-1715348368) 
and 2.3.3-6 has also this fix, which is since some time in testing.


[ Risks ]
Low, trivial change.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
The patch is required to speed up check_disk with a huge number of mount 
points.


[ Other info ]
This is a request for pre approval, if you are okay with the changes, 
I'll upload it.


Kind Regards,

Jan
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--diff --git a/debian/changelog b/debian/changelog
index d938ad6..d0b7b5b 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+monitoring-plugins (2.3.3-5+deb12u1) bookworm; urgency=medium
+
+  * [85eed74] Adding d/p/22_check_disk_avoid_mount from upstream
+(Closes: #1051768)
+
+ -- Jan Wagner   Tue, 19 Sep 2023 07:54:14 +0200
+
 monitoring-plugins (2.3.3-5) unstable; urgency=medium
 
   * [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream
diff --git a/debian/patches/22_check_disk_avoid_mount 
b/debian/patches/22_check_disk_avoid_mount
new file mode 100644
index 000..49a7113
--- /dev/null
+++ b/debian/patches/22_check_disk_avoid_mount
@@ -0,0 +1,47 @@
+From 0dd11100aa92bab172293ec9615a8a56b0e35ee6 Mon Sep 17 00:00:00 2001
+From: Stefan Taferner 
+Date: Wed, 10 May 2023 19:28:05 +0200
+Subject: [PATCH] avoid mounting when searching for matching mount points
+
+---
+ lib/utils_disk.c | 17 +
+ 1 file changed, 9 insertions(+), 8 deletions(-)
+
+diff --git a/lib/utils_disk.c b/lib/utils_disk.c
+index 468769b19..582d3ea17 100644
+--- a/lib/utils_disk.c
 b/lib/utils_disk.c
+@@ -147,24 +147,25 @@ np_set_best_match(struct parameter_list *desired, struct 
mount_entry *mount_list
+ 
+   /* set best match if path name exactly matches a mounted device name */
+   for (me = mount_list; me; me = me->me_next) {
+-  if (get_fs_usage(me->me_mountdir, me->me_devname, ) < 0)
+-continue; /* skip if permissions do not suffice for accessing device 
*/
+-if (strcmp(me->me_devname, d->name)==0)
+-  best_match = me;
++if (strcmp(me->me_devname, d->name)==0) {
++  if (get_fs_usage(me->me_mountdir, me->me_devname, ) >= 0) {
++best_match = me;
++  }
++}
+   }
+ 
+   /* set best match by directory name if no match was found by devname */
+   if (! best_match) {
+ for (me = mount_list; me; me = me->me_next) {
+-if (get_fs_usage(me->me_mountdir, me->me_devname, ) < 0)
+-  continue; /* skip if permissions do not suffice for accessing 
device */
+   size_t len = strlen (me->me_mountdir);
+   if ((exact == FALSE && (best_match_len <= len && len <= name_len &&
+  (len == 1 || strncmp (me->me_mountdir, d->name, len) == 0)))
+  || (exact == TRUE && strcmp(me->me_mountdir, d->name)==0))
+   {
+-best_match = me;
+-best_match_len = len;
++if (get_fs_usage(me->me_mountdir, me->me_devname, ) >= 0) {
++  best_match = me;
++  best_match_len = len;
++}
+   }
+ }
+   }
diff --git a/debian/patches/series b/debian/patches/series
index ae89285..b024b25 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -8,3 +8,4 @@
 14_check_curl_fix_SSL_with_multiple_IPs
 15_check_swap_remove_includes
 16_check_snmp_disable_multiplier_when_unused
+22_check_disk_avoid_mount

Bug#998834: Multiple subsystem options in sshd_config prevent sshd from starting

[Jan Wagner]

Hi,

Am 09.05.23 um 09:43 schrieb Jan Wagner:

https://bugzilla.mindrot.org/attachment.cgi?id=3591=diff==1=raw
 has a patch for this


what needs to happen to raise the chance to get that integrated? It's 
super annoying to work around this and (re)integrate this back after 
every dist upgrade. If Debian wants to be user friedly this is a feature 
which might underline it.
If there is anything I can help to move things forward, please let me 
know and I will try my best to do so.


Many thanks, Jan

Bug#998834: Multiple subsystem options in sshd_config prevent sshd from starting

[Jan Wagner]

tags 998834 + patch
thanks

https://bugzilla.mindrot.org/attachment.cgi?id=3591=diff==1=raw 
has a patch for this

Bug#1034781: [Pkg-nagios-devel] Bug#1034781: monitoring-plugins-contrib: Dependency 'bc' missing for check_ssl_cert

[Jan Wagner]

Hi Johannes,

Am 24.04.23 um 13:10 schrieb Drexl Johannes:

since a couple of versions check_ssl_cert uses bc to calculate floating
point values. The commit was

https://github.com/matteocorti/check_ssl_cert/commit/6bedeb49bd1523a1d90adeb3ef21e46b7190aada

Hence now bc needs to go from the Recommends section of the package to
actually being a dependency:

Depends: bc


looking into 
/usr/share/doc/monitoring-plugins-contrib/README.Debian.plugins:


Some plugins require additional libraries. To prevent you from having to
install dozens of further packages that you don't actually need, there 
is no strict dependency on those libraries. Rather, they are listed as 
recommenda-tions or suggestions.


apt-get(8) and aptitude(8) will install recommended packages 
automatically by default. If you did not disable this feature you will 
have everything in place to operate all plugins when installing the 
"nagios-plugins-contrib" package.
Else you have to install missing dependencies manually (see the section 
"Plugin dependencies" below).


So it's intention that bc is "just" a Recommend. See 
https://salsa.debian.org/nagios-team/nagios-plugins-contrib/-/commit/013199bb350af8e2a91213ecb1fc168d37405d94 
for this.


With kind regards, Jan
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++ 
!w---? O M+

!V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+
--END GEEK CODE BLOCK--

Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5

[Jan Wagner]

Hi,

Am 27.03.23 um 08:28 schrieb Jan Wagner:

here are the upstream fixes, related upstream CI pipelines and issues:


while we are at fixing bugs.

I'd also like to include 
https://patch-diff.githubusercontent.com/raw/monitoring-plugins/monitoring-plugins/pull/1850.patch, 
which fixes 
https://github.com/monitoring-plugins/monitoring-plugins/issues/1849 
(check_snmp: unit removed from check result)
https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4531646296/jobs/7982048943?pr=1850 
has a successfull upstream CI test run.


Thanks Jan

Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5

[Jan Wagner]

Hi Sebastian,

Am 26.03.23 um 19:36 schrieb Sebastian Ramacher:

Hi Jan

On 2023-03-25 16:58:12 +0100, Jan Wagner wrote:

Hi Sebastian,

Am 25.03.23 um 10:31 schrieb Sebastian Ramacher:

What's the rationale to include these patches? Do they fix bugs reported
in the BTS or upstream?


upstream


I was hoping to get some more details on the bugs and why fixing them
warrants an unblock.


here are the upstream fixes, related upstream CI pipelines and issues:

* [953ee52] Adding d/p/13_check_icmp_improvements from upstream

This is 
https://github.com/monitoring-plugins/monitoring-plugins/pull/1807 which 
fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1752.
https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4216517133/jobs/7318393872?pr=1807 
has a successfull CI run with running upstream testsuite on Debian testing.


* [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream

This is 
https://github.com/monitoring-plugins/monitoring-plugins/pull/1847 which 
fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1844.
https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4391896655/jobs/769170?pr=1847 
has a successfull CI run with running upstream testsuite on Debian testing.


* [eab1e1d] Adding d/p/15_check_swap_remove_includes from upstream

This is 
https://github.com/monitoring-plugins/monitoring-plugins/pull/1854 which 
fixes https://github.com/monitoring-plugins/monitoring-plugins/issues/1853.
https://github.com/monitoring-plugins/monitoring-plugins/actions/runs/4438159520/jobs/7788839977?pr=1854 
has a successfull CI run with running upstream testsuite on Debian testing.


If you need more information, I'm happy to provide those.

With kind regards, Jan

Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5

[Jan Wagner]

Hi Sebastian,

Am 25.03.23 um 10:31 schrieb Sebastian Ramacher:

What's the rationale to include these patches? Do they fix bugs reported
in the BTS or upstream?


upstream

With kind regards, Jan

Bug#1033439: pre-unblock: monitoring-plugins/2.3.3-5

[Jan Wagner]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock
X-Debbugs-Cc: pkg-nagios-de...@lists.alioth.debian.org
Control: affects -1 + src:monitoring-plugins

Please see these changes for monitoring-plugins. 2.3.3-4 is already 
uploaded into unstable (containing one fix from upstream) but is blocked 
due missing autopkgtests. I prepared another upload containing two fixes 
from upstream, which is not uploaded yet.


[ Reason ]
This release targets several fixes that should go into bookworm:

* [953ee52] Adding d/p/13_check_icmp_improvements from upstream
* [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream
* [eab1e1d] Adding d/p/15_check_swap_remove_includes from upstream

[ Impact ]
Included patches fixes regressions from latest upstream release.

[ Tests ]
Upstream testsuite passes as well as Salsa CI 
(https://salsa.debian.org/nagios-team/monitoring-plugins/-/pipelines/514242) 
tests (ignoring the blhc).


[ Risks ]
The code changes are trivial enough to not expect regressions.

[ Checklist ]
 [x] all changes are documented in the d/changelog
 [x] I reviewed all changes and I approve them
 [x] attach debdiff against the package in testing

[ Other info ]

unblock monitoring-plugins/2.3.3-5diff --git a/debian/changelog b/debian/changelog
index caf2e31..c738c88 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,16 @@
+monitoring-plugins (2.3.3-5) unstable; urgency=medium
+
+  * [6fb8e25] Adding d/p/14_check_curl_fix_SSL_with_multiple_IPs from upstream
+  * [eab1e1d] Adding d/p/15_check_swap_remove_includes from upstream
+
+ -- Jan Wagner   Fri, 24 Mar 2023 19:16:16 +
+
+monitoring-plugins (2.3.3-4) unstable; urgency=medium
+
+  * [953ee52] Adding d/p/13_check_icmp_improvements from upstream
+
+ -- Jan Wagner   Tue, 07 Mar 2023 13:29:35 +
+
 monitoring-plugins (2.3.3-3) unstable; urgency=medium
 
   * [15d0c56] Adding d/p/12_check_curl_improvements from upstream
diff --git a/debian/patches/13_check_icmp_improvements b/debian/patches/13_check_icmp_improvements
new file mode 100644
index 000..0eb2748
--- /dev/null
+++ b/debian/patches/13_check_icmp_improvements
@@ -0,0 +1,200 @@
+From 413af1955538b06803458c628099f1ba9da1966b Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+rincewinds...@users.noreply.github.com>
+Date: Fri, 4 Nov 2022 16:51:32 +0100
+Subject: [PATCH 1/5] Remove trailing whitespaces
+
+---
+ plugins-root/check_icmp.c | 24 
+ 1 file changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c
+index f8f153512..abd88c4e7 100644
+--- a/plugins-root/check_icmp.c
 b/plugins-root/check_icmp.c
+@@ -1,39 +1,39 @@
+ /*
+-* 
++*
+ * Monitoring check_icmp plugin
+-* 
++*
+ * License: GPL
+ * Copyright (c) 2005-2008 Monitoring Plugins Development Team
+ * Original Author : Andreas Ericsson 
+-* 
++*
+ * Description:
+-* 
++*
+ * This file contains the check_icmp plugin
+-* 
++*
+ * Relevant RFC's: 792 (ICMP), 791 (IP)
+-* 
++*
+ * This program was modeled somewhat after the check_icmp program,
+ * which was in turn a hack of fping (www.fping.org) but has been
+ * completely rewritten since to generate higher precision rta values,
+ * and support several different modes as well as setting ttl to control.
+ * redundant routes. The only remainders of fping is currently a few
+ * function names.
+-* 
+-* 
++*
++*
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+-* 
++*
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU General Public License for more details.
+-* 
++*
+ * You should have received a copy of the GNU General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+-* 
+-* 
++*
++*
+ */
+ 
+ /* progname may change */
+
+From 7d074091dba8c1d4081971bf62e694d0b1a03d41 Mon Sep 17 00:00:00 2001
+From: RincewindsHat <12514511+rincewinds...@users.noreply.github.com>
+Date: Fri, 4 Nov 2022 16:53:57 +0100
+Subject: [PATCH 2/5] Remove hardcoded DBL_MAX definition
+
+---
+ plugins-root/check_icmp.c | 4 
+ 1 file changed, 4 deletions(-)
+
+diff --git a/plugins-root/check_icmp.c b/plugins-root/check_icmp.c
+index abd88c4e7..0d10d22db 100644
+--- a/plugins-root/check_icmp.c
 b/plugins-root/check_icmp.c
+@@ -95,10 +95,6 @@ const char *email = "de...@monitoring-plugins.org";
+ # define ICMP_UNREACH_PRECEDENCE_CUTOFF 15
+ #endif
+ 
+-#ifnde

Bug#516097: [Pkg-nagios-devel] Bug#516097: nagios-plugins-basic: Please implement --ignore-inaccessible: PR request merged.

[Jan Wagner]

Hi Hilmar,

Am 11.03.23 um 12:16 schrieb Hilmar Preusse:

Package: nagios-plugins-basic
Version: 2.3.3-4
Followup-For: Bug #516097

Please note that the PR related to the upstream issue was merged
to the master branch today so it will be part in one of the next
releases. Consider the patch in one of the next uploads.


thanks for picking up here. I'm closely monitoring upstream changes and 
will include this soon. As we are in freeze for bookworm now and this is 
(just) a new feature, it is very unlikely that it will make into 
bookworm itself.
But I'm planing to upload this short after the release into unstable and 
will backport it to bookworm-backports as well.


Cheers Jan.
P.S. Maybe uploads to experimental might happen
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++ 
!w---? O M+

!V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+
--END GEEK CODE BLOCK--

Bug#1029720: [Pkg-nagios-devel] Bug#1029720: Bug#1029720: monitoring-plugins-contrib: false positive w bookworm kernel: "running kernel does not match on-disk kernel image'

[Jan Wagner]

Thanks for all your input.

As the release is coming closer and I'm very short on time at the moment 
patches are very appreciated.


Thanks Jan

Bug#1029720: [Pkg-nagios-devel] Bug#1029720: monitoring-plugins-contrib: false positive w bookworm kernel: "running kernel does not match on-disk kernel image'

[Jan Wagner]

Hi Holger,

Am 30.01.23 um 12:33 schrieb Holger Levsen:

$ scp ./nagios-plugins-contrib-38.20230124/dsa/checks/dsa-check-running-kernel 
osuosl168-amd64.debian.net:

and then there:

holger@osuosl168-amd64:~ $ bash dsa-check-running-kernel
WARNING: Running kernel does not match on-disk kernel image: [Linux version 
6.1.0-1-amd64 (debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-13) 
12.2.0, GNU ld (GNU Binutils for Debian) 2.39.90.20221231) #1 SMP 
PREEMPT_DYNAMIC Debian 6.1.4-1 (2023-01-07) != Linux version 6.1.0-1-amd64 
(debian-ker...@lists.debian.org) (gcc-12 (Debian 12.2.0-13) 12.2.0, GNU ld (GNU 
Binutils for Debian) 2.39.90.20221231) # SMP PREEMPT_DYNAMIC Debian 6.1.4-1 
(2023-01-07)]
holger@osuosl168-amd64:~ $ md5sum dsa-check-running-kernel
155205740a07f98f13bf6045b317c505  dsa-check-running-kernel

so, no, doesnt help.


thanks for confirming.

As I don't have a bookworm system (with running kernel) at hand, I can't 
go deeper into debugging this issue until I get hands on it.


Sorry Jan

Bug#1029720: [Pkg-nagios-devel] Bug#1029720: monitoring-plugins-contrib: false positive w bookworm kernel: "running kernel does not match on-disk kernel image'

[Jan Wagner]

Hi Holger,

Am 26.01.23 um 17:41 schrieb Holger Levsen:

on a system running bookworm and the latest amd64 kernel
/usr/lib/nagios/plugins/check_running_kernel warns me that the running kernel 
doesnt
match the on-disk kernel, while it*is*  running the latest kernel.
(line breaks added for better readability.)


thanks for your bugreport.

can you try the version from unstable 
(https://packages.debian.org/sid/nagios-plugins-contrib) which I 
uploaded a few days ago?


Thank Jan

Bug#977294: nagios-plugins-contrib: (another) check_uptime is shipped with monitoring-plugins 2.3

[Jan Wagner]

Am 13.12.20 um 18:10 schrieb Jan Wagner:

Package: nagios-plugins-contrib
Severity: normal

Monitoring Plugins ships a check_uptime since version 2.3, see
https://github.com/monitoring-plugins/monitoring-plugins/commits/v2.3/plugins-scripts/check_uptime.pl

I would suggest to remove check_uptime from the package. If removing is
not an option, we should rename the script.


The check_uptime in monitoring-plugins is a script which has to be 
executed on the system that has to be monitored. The check_uptime of 
this package is working via SNMP and remote, so it's a completely 
different usecase.

Bug#913142: monitoring-plugins-basic: check_http sending extra CRLF after POST data

[Jan Wagner]

Hi Pierre,

Am 07.11.18 um 14:26 schrieb Pierre TEISSONNIERE:

Package: monitoring-plugins-basic
Version: 2.2-3
Severity: normal

Dear Maintainer,

* What led up to the situation ? Using check_http with POST data
* What exactly did you do (or not do) that was effective (or ineffective) ? 
check_http is used with POST data to check a web application is answerng 
properly
* What was the outcome of this action ? Extra CRLF triggering alarm in WAF 
because not complying to RFC
* What outcome did you expect instead ? Packet not blocked by WAF

This is a known bug which could lead to security issues (disabled WAF checks to 
allow requests). cf : 
https://github.com/nagios-plugins/nagios-plugins/issues/266


I published a new package 2.3.2-1 (to unstable) which tries to solve the 
issue. Can you please test it?


Thanks Jan
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++ 
!w---? O M+

!V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+
--END GEEK CODE BLOCK--

Bug#1023280: [Pkg-nagios-devel] Bug#1023280: monitoring-plugins-basic: check_disk always segfaults

[Jan Wagner]

tags 1023280 + moreinfo unreproducible
forwarded 1023280 
https://github.com/monitoring-plugins/monitoring-plugins/issues/1805
thanks

Hi Stephane,

Am 01.11.22 um 18:00 schrieb Stephane Bortzmeyer:

-- System Information:
Debian Release: bookworm/sid
   APT prefers unstable
   APT policy: (500, 'unstable')
Architecture: armhf (armv7l)

Kernel: Linux 5.15.74 (SMP w/2 CPU threads)
Locale: LANG=C, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8), LANGUAGE not set
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)


I'm unable to reproduce this on bullseye/amd64

Cheers Jan

Bug#1004088: [Pkg-nagios-devel] Bug#1004088: no plugin to remote monitor chrony

[Jan Wagner]

Hi Marc,

Am 20.01.22 um 18:00 schrieb Marc Haber:

according to discussions on debian-devel, Debian is kind of planning to
move away from src:ntp as NTP server implementation. chrony is among the
candidates to be a replacement, and it already has significant coverage
since it's installed in the Debian Cloud images.

However, chrony doesn't support ntp mode 6, and thus check_ntp_peer does
not work with chrony servers. It would be lovely if there would be a
plugin that allows remote monitoring of a chrony server.


looking at 
https://www.mail-archive.com/chrony-users@chrony.tuxfamily.org/msg01506.html 
seems not to indicate, that there might be an easy solution for the 
problem you mentioned.



There is an open github issue upstream since 2018, so it seems unlikely
that upstream will provide such a plugin in the near future. Reference: 
https://github.com/monitoring-plugins/monitoring-plugins/issues/1526


If upstream might not handle this, what do you expact from the 
monitoring-plugins maintainers? Feel free to push things forward 
upstream, for example providing patches there.


In the meantime, if there is another plugin which can handle this, feel 
free to request to add it to nagios-plugin-contrib?


Cheers, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#933658: [Pkg-nagios-devel] Bug#933658: monitoring-plugins-standard: check_dns unable to cope with punycode/UTF-8 domains

[Jan Wagner]

Hi Kilian,

thanks for bringing this to our attention.

Am 01.08.19 um 15:26 schrieb Kilian Krause:

The current version of check_dns seems to be broken w.r.t. punycode/UTF-8 
domains:

# /usr/lib/nagios/plugins/check_dns -H xn--brckenkurs-mathematik-9hc.de. -s 
129.69.252.34
DNS CRITICAL - '/usr/bin/nslookup -sil' msg parsing exited with no address
# /usr/lib/nagios/plugins/check_dns -H brückenkurs-mathematik.de -s 
129.69.252.34
DNS CRITICAL - '/usr/bin/nslookup -sil' msg parsing exited with no address
# nslookup -sil brückenkurs-mathematik.de 129.69.252.34
Server: 129.69.252.34
Address:129.69.252.34#53

Name:   brückenkurs-mathematik.de
Address: 129.69.8.19
Name:   brückenkurs-mathematik.de
Address: 2001:7c0:2041:8::19


$ /usr/lib/nagios/plugins/check_dns -H xn--brckenkurs-mathematik-9hc.de. -s 
8.8.8.8
DNS OK: 0.054 seconds response time. xn--brckenkurs-mathematik-9hc.de. returns 
129.69.8.19|time=0.053687s;;;0.00
$ dpkg -S /usr/bin/nslookup
dnsutils: /usr/bin/nslookup
$ dpkg -l | grep dnsutils
ii  dnsutils 
1:9.10.3.dfsg.P4-12.3+deb9u10  amd64Clients provided with BIND
$ cat /etc/debian_version
9.13
$ /usr/lib/nagios/plugins/check_dns -V
check_dns v2.3 (monitoring-plugins 2.3)

Look like it's fixed with monitoring-plugins 2.3 (at least with punycode,
which seems resonable).

Cheeers, Jan.

Bug#965329: [Pkg-nagios-devel] Bug#965329: check_ldaps (and maybe others?) cannot be restricted to IPv4-only checks via -4 cmdline switch

[Jan Wagner]

Hi Mika,

Am 19.07.20 um 18:10 schrieb Mike Gabriel:

Package: monitoring-plugins-standard
Version: 2.2-6

Hi,

I just stumbled over a peculiar thing.

I migrated one of my LDAP server that gets monitored via Icinga2 for 
IPv6 and IPv4 connectivity separately. The LDAP hosts IPv6 setup is 
still buggy after its migration and the Icinga2 host for now gets 
blocked by the providers firewall and cannot reach the the LDAP server's 
IPv6 address (like a fw DROP or a routing problem). (I filed a ticket 
with the server hoster for that, so this is off-topic here).


I'm not able to reproduce this on Debian 11 and with 
monitoring-plugins-standard 2.3.1.


Are you able to test that on your side?

Many thanks, Jan.

Bug#994901: bullseye-pu: Bug#994901: postfwd: Systemd .service file missing for postfwd

[Jan Wagner]

Hi there,

Am 22.09.21 um 22:26 schrieb Jakub Filo:

* What led up to the situation?
Upgrading to Bullseye, the /lib/systemd/system/postfwd.service file
is no longer available and therefore the service does not start - the
upgrade effectively broke a working package
* What exactly did you do (or not do) that was effective (or


just wonna ask if this bug qualifies for an update in bullseye?

The patch fixing this is: 
https://gitlab.uncompleted.org/debian/postfwd/-/commit/d0ecd91cc74c6934b53792da0a3bb8a649b6a40d.patch 
and is really trivial. Yes, it is fixed in unstable already.


Thanks, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--From d0ecd91cc74c6934b53792da0a3bb8a649b6a40d Mon Sep 17 00:00:00 2001
From: Jan Wagner 
Date: Tue, 28 Sep 2021 12:12:12 +0200
Subject: [PATCH] d/rules: Calling dh_installsystemd (Closes: #994901)

---
 debian/rules | 1 +
 1 file changed, 1 insertion(+)

diff --git a/debian/rules b/debian/rules
index 7ad15e3..f27e5e3 100755
--- a/debian/rules
+++ b/debian/rules
@@ -40,6 +40,7 @@ binary-indep: build install
dh_installdocs -phapolicy tools/hapolicy/hapolicy[0-9a-zA-Z.]*
dh_installexamples
dh_installinit -- defaults 19 21
+   dh_installsystemd --no-enable
dh_installman
dh_compress
dh_fixperms
-- 
GitLab

Bug#990457: [Pkg-nagios-devel] Bug#990457: monitoring-plugins-contrib: Too many things in the same package leads to recommends being ignored most of the time

[Jan Wagner]

Hi Gabriel,

Am 29.06.21 um 19:34 schrieb Gabriel Filion:

I would like to suggest breaking up this package into smaller binary packages
that are focused on one application/service per package. This way one could
install only the checks that are required with their individual requirements.


as you may have read the documentation and used our suggested way to 
solve your problem by not installing the recommands automatically, our 
plan worked out.
Anyway ... if you would like to do the work to draft such a package 
split, you can send MRs via 
https://salsa.debian.org/nagios-team/pkg-nagios-plugins-contrib/, which 
would be very welcomed.


With kind regards, Jan.

Bug#988012: Bug#988190: unblock: diaspora-installer/0.7.14.0+debian2

[Jan Wagner]

Am 14.05.21 um 12:46 schrieb Pirate Praveen:

Tracker says it will be auto removed by May 25 and 15 more days are needed for 
migration. Does it mean, this missed bullseye?


0.7.14.0+debian2+nmu2 would have been in time.

Cheers, Jan.

Bug#985336: #985336 not fixed (anymore)

[Jan Wagner]

reopen 985336
thx

As 0.7.15.0+debian does not incorporate the changes done by 
0.7.14.0+debian2+nmu1 and 0.7.14.0+debian2+nmu2 (where are the 
changelogs?) this bug is present in 0.7.15.0+debian again!


Cheers, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#988012: unblock: diaspora-installer/0.7.14.0+debian2+nmu2

[Jan Wagner]

Package: release.debian.org
User: release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package diaspora-installer

I prepared a fix for #986286 and uploaded it to unstable, this fixed the 
problem that the Gemfile.lock included unavailable software versions.
Gunnar Wolf also fixed #985336 by adding the dependenciy of tzdata. Both 
are RC bugs.
Beside that, there seems to be some other minor fixes in the debdiff, 
which seems to be part of nmu1. Those are (beside the small fix of the 
unitfile) documentational fixes.


[ Reason ]
Fixeing two RC bugs.

[ Impact ]
The package can not be installed without a fixed #986286.

[ Tests ]
I did run autopkg tests locally.

[ Risks ]
I see no higher risk for users compared to 0.7.14.0+debian2

[ Checklist ]
  [ ] all changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in testing

unblock diaspora-installer/0.7.14.0+debian2+nmu2

Bug#987488: unblock: ircci/20210314-1

[Jan Wagner]

Hi Daniel,

Am 28.04.21 um 18:52 schrieb Daniel Echeverri:
I will go to work in this, but I'm not sure how is the best way in the 
case. Could you give a orientation? I think I can't make a complete 
debdiff because  in version unstable I bumped debhelper to 13 and this 
change is not accepted at this stage of the release.


I think you need to prepare a new package version where you revert the 
debhelper bump. Anyway ... in this case I would ask RM for a 
pre-approval before uploading the new package to unstable (see 
bugs.debian.org/987178 for an example). This may save time for possible 
reupload, if RM requests more changes.


Cheers, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#986286: diaspora-installer: fails to install: Your bundle is locked to mimemagic (0.3.5), but that version could not be found

[Jan Wagner]

Hi there,

based on https://github.com/diaspora/diaspora/pull/8231 I adjusted 
diaspora-download.sh to change Gemfile.lock accordingly and uploaded the 
package 0.7.14.0+debian2+nmu2 to DELAYED/5. The diff is attached.


Cheers, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--
commit 0e50f2ba851d216c801029a27c7fda9e6ff15160
Author: Jan Wagner 
Date:   Sun Apr 25 23:53:28 2021 +0200

Fix #986286

diff --git a/debian/changelog b/debian/changelog
index 719be1d..11ec0b5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,12 @@
+diaspora-installer (0.7.14.0+debian2+nmu2) unstable; urgency=medium
+
+  * Non-maintainer upload.
+  * Adjust diaspora-download.sh to modify Gemfile.lock so mimemagic (0.3.10)
+is used (beside nokogiri (~> 1) and rake), upstream change 79133df
+(Closes: #986286)
+
+ -- Jan Wagner   Sun, 25 Apr 2021 23:33:26 +0200
+
 diaspora-installer (0.7.14.0+debian2+nmu1) unstable; urgency=medium
 
   * Non-maintainer upload
diff --git a/diaspora-download.sh b/diaspora-download.sh
index 2318c4a..ffa1ff2 100755
--- a/diaspora-download.sh
+++ b/diaspora-download.sh
@@ -43,7 +43,7 @@ cp -r  ${diaspora_cache}/${diaspora_archive}/public/* ${diaspora_user_home}/publ
 chown -R ${diaspora_user}: ${diaspora_user_home}/public
 chown -R ${diaspora_user}: ${diaspora_user_home}/app-assets
 # Remove BUNDLED WITH from Gemfile.lock to allow using packaged bundler
-head -n -3 ${diaspora_cache}/${diaspora_archive}/Gemfile.lock > ${diaspora_home}/Gemfile.lock
+head -n -3 ${diaspora_cache}/${diaspora_archive}/Gemfile.lock | sed "s/mimemagic (0.3.5)/mimemagic (0.3.10)\n  nokogiri (~> 1)\n  rake/" > ${diaspora_home}/Gemfile.lock
 
 echo "Copying source tarball to ${diaspora_user_home}/public..."
 cp -f ${diaspora_cache}/diaspora-${diaspora_version}.tar.gz ${diaspora_user_home}/public/source.tar.gz

Bug#987488: unblock: ircci/20210314-1

[Jan Wagner]

Hi there,

Am 25.04.21 um 09:35 schrieb Graham Inggs:

Control: retitle -1 unblock: ircii/20210314-1
Contro: tags -1 + moreinfo

Hi Jan

On Sat, 24 Apr 2021 at 16:21, Jan Wagner  wrote:

[ Risks ]
While the diffstat looks huge, a significant part is removed code.


This debdiff is unreviewable.  Please provide a filtered debdiff along
with the command used to filter it.

++ Bump Debhelper-compat to 13.

Bumping the debehlper compat level is not accepted at this stage of
the release [1].
Please revert this change.


security stated, that ircii might not qualify to be released with 
bullseye (see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987537#10).


I think I would leave it up to Daniel, who did the QA upload, if it's 
worth to work on this. If nobody is caring about ircii in bullseye, we 
should close this bug here.


With kind regards, Jan.

Bug#987488: (no subject)

[Jan Wagner]

user debian-rele...@lists.debian.org 


usertags -1 + bsp-2021-04-AT-Salzburg
thank you

Bug#986908: unblock: snort 2.9.15.1-5

[Jan Wagner]

Control: tags -1 - moreinfo

Hi there,

Am 22.04.21 um 11:03 schrieb Javier Fernandez-Sanguino:


On Mon, 19 Apr 2021 at 23:24, Chris Hofstaedtler > wrote:


 > $ debdiff snort_2.9.15.1-4_i386.deb snort_2.9.15.1-5_i386.deb
[..]

The debdiff does not seem to show any actual packaging changes. Are
you sure you diffed the correct files?


Apologies, I sent a debdiff of the binary packages. I will send a 
debdiff of the source packages soon.


here is the debdiff between 2.9.15.1-4 and 2.9.15.1-5.

Cheers, Jan.
--
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS 
PE Y++

PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--
diff -Nru snort-2.9.15.1/debian/changelog snort-2.9.15.1/debian/changelog
--- snort-2.9.15.1/debian/changelog 2020-12-06 17:23:14.0 +0100
+++ snort-2.9.15.1/debian/changelog 2021-04-10 22:55:04.0 +0200
@@ -1,3 +1,30 @@
+snort (2.9.15.1-5) unstable; urgency=medium
+
+  * debian/snort-common.{preinst,postinst,postrm}:
+- Handle using dpkg-maintscript-helper mv_conffile the relocation
+  of the cronjob /etc/cron.daily/5snort to /etc/cron.daily/snort-common
+  instead of moving it manually to prevent dpkg from prompting the
+  user upon upgrades from older snort version. Thank you
+  Chris Hofstaedtler for the tip (Closes: #984614)
+  * debian/control: Add  Pre-Depends: dpkg (>= 1.17.14) as we
+are now using dpkg-maintscript-helper
+  * debian/snort-common.{postrm,preinst},
+debian/snort.{postinst,postrm,preinst,prerm}:
+Add DEBIAN_SCRIPT_DEBUG to all maintainer scripts
+  * debian/snort.logrotate: Correct name of the alert files (snort.alert
+and not 'alert') this error prevented files from being properly
+logrotated
+  * configure.in: Added patch to check if rpc/rpc.h is required and is 
+provided by libtirpc-dev to warn Ubuntu users that libtirpc-dev is 
+required. 
+Note: not added libtirpc-dev to Build-Depends as Debian's glibc6-dev
+includes the RPC headers (LP: #1906572)
+  * debian/patches/decoding_do_not_assume_ipv4: Add patch provided by Hugh
+Davenport to not assume that all raw packets are IPv4 packets.
+(Closes: 633066)
+
+ -- Javier Fernández-Sanguino Peña   Sat, 10 Apr 2021 
22:55:04 +0200
+
 snort (2.9.15.1-4) unstable; urgency=high
 
   * debian/snort.docs, debian/snort-doc.docs debian/rules: Add README.csv and
@@ -21,6 +48,9 @@
   * debian/rules, debian/snort-common-libraries.dirs, debian/patches/config:
   Do not use multi-arch directories for the Snort libraries, instead, locate 
all
   of the compiled under libraries /usr/lib/snort  (Closes: #962275)
+  This fixes the error "FATAL ERROR: /etc/snort/snort.conf(271) Could not stat
+  dynamic module path "/usr/lib/i386-linux-gnu/snort_dynamicpreprocessor/": No
+  such file or directory" (LP: #1901466, #1902405, #1905164)
   * debian/rules: Drop configure options which are not anymore relevant
   * debian/po: 
 - Update Dutch translation, thanks to Frans Spiesschaert (Closes: #961214)
@@ -101,7 +131,8 @@
 (LP: #1570517, #1484733, #1398969, #1310182, #1273021, #1231833)
 (LP: #1222754, #1215408, #1207981, #1207237, #1181514, #1175892)
 (LP: #1175264, #1161358, #1158169, #1116013, #1065121, #1064478)
-(LP: #1061459, #1031917)
+(LP: #1061459, #1031917, #1905137, #1897344, #1896849, #1882601)
+(LP: #1881141, #1877638)
   - Add also debugging messages as, based on the number of reports in
 Ubuntu, there seems to be many cases where the users install the
 package (with high debconf priority) and the proper network interface
diff -Nru snort-2.9.15.1/debian/control snort-2.9.15.1/debian/control
--- snort-2.9.15.1/debian/control   2020-12-06 17:23:14.0 +0100
+++ snort-2.9.15.1/debian/control   2021-04-10 22:55:04.0 +0200
@@ -65,7 +65,7 @@
 
 Package: snort-common
 Architecture: all
-Pre-Depends: adduser (>= 3.11), ${misc:Pre-Depends}
+Pre-Depends: adduser (>= 3.11), dpkg (>= 1.17.14), ${misc:Pre-Depends}
 Depends: 
 perl, 
 debconf (>= 0.2.80) | debconf-2.0,
diff -Nru snort-2.9.15.1/debian/patches/decoding_do_not_assume_ipv4 
snort-2.9.15.1/debian/patches/decoding_do_not_assume_ipv4
--- snort-2.9.15.1/debian/patches/decoding_do_not_assume_ipv4   1970-01-01 
01:00:00.0 +0100
+++ snort-2.9.15.1/debian/patches/decoding_do_not_assume_ipv4   2021-04-10 
22:55:04.0 +0200
@@ -0,0 +1,48 @@
+Description: Do not assume IPv4 packets when decoding
+ When using Snort on a interface without a link level layer, for example a
+ AIYIA tunnel for IPv6 through SixXs, then snort assumes that the packets will
+ be IPv4. I have a patch that adds a check on the IP version number in the
+ header, and if it is not an IPv4 packet, try decoding as IPv6.
+.
+ Without this 

Bug#987178: [pre-approval] unblock: monitoring-plugins/2.3.1-1

[Jan Wagner]

Control: tags -1 - moreinfo

Am 21.04.21 um 23:06 schrieb Sebastian Ramacher:

On 2021-04-19 10:03:12 +0200, Jan Wagner wrote:

Package: release.debian.org
User:release.debian@packages.debian.org
Usertags: unblock
Severity: normal

Please unblock package monitoring-plugins 2.3.1-1

The new package is already uploaded to experimental as 2.3.1-1~exp2, but I
did not upload 2.3.1-1 unto unstable yet. I'm waiting here for an approval.

>

ACK. Please remove the moreinfo tag once the new version is available in
unstable.


2.3.1-1 is uploaded to unstable.

Many thanks, Jan.

Bug#986563: [Pkg-nagios-devel] Bug#986563: monitoring-plugins-contrib: check_ssl_cert Renegotiation test broken with STARTTLS

[Jan Wagner]

Package: nagios-plugins-contrib
Version: 34.20210407+1

Hi Slavko,

Am 07.04.21 um 14:52 schrieb Slavko:

The currently shipped check_ssl_cert has broken Renegotiation test, which
uses plain ports with STARTTLS certificate checks. It was fixed by upstream,
see https://github.com/matteocorti/check_ssl_cert/issues/272 in the 2.0.1
version.


thanks for bringing this to our attention. It was fixed with upload 
34.20210407+1.


Cheers, Jan.

Bug#982847: [Pkg-nagios-devel] Bug#982847: monitoring-plugins-standard: check_pgsql check of database name is too strict

[Jan Wagner]

forwarded 982847 
https://github.com/monitoring-plugins/monitoring-plugins/issues/1660
forwarded 982847 
https://github.com/monitoring-plugins/monitoring-plugins/issues/1661
thanks

Hi Florian,

thanks for bringing this to our attention.

Am 15.02.21 um 11:16 schrieb Florian Lohoff:
> diff --git a/plugins/check_pgsql.c b/plugins/check_pgsql.c
> index 11ce691..88cd029 100644
> --- a/plugins/check_pgsql.c
> +++ b/plugins/check_pgsql.c
> @@ -69,7 +69,6 @@ int process_arguments (int, char **);
>  int validate_arguments (void);
>  void print_usage (void);
>  void print_help (void);
> -int is_pg_dbname (char *);
>  int is_pg_logname (char *);
>  int do_query (PGconn *, char *);
>  
> @@ -344,11 +343,7 @@ process_arguments (int argc, char **argv)
>   pgport = optarg;
>   break;
>   case 'd': /* database name */
> - if (!is_pg_dbname (optarg)) /* checks length and valid 
> chars */
> - usage2 (_("Database name is not valid"), 
> optarg);
> - else /* we know length, and know optarg is terminated, 
> so us strcpy */
> - strcpy (dbName, optarg);
> - break;
> + strcpy (dbName, optarg);
>   case 'l': /* login name */
>   if (!is_pg_logname (optarg))
>   usage2 (_("User name is not valid"), optarg);
> @@ -408,45 +403,6 @@ validate_arguments ()
>   return OK;
>  }

are you sure it's a good idea to remove the break?

> @@ -344,11 +343,7 @@ process_arguments (int argc, char **argv)
>pgport = optarg;
> break;
> case 'd': /* database name */
> -   if (!is_pg_dbname (optarg)) /* checks length and 
> valid chars */
> -   usage2 (_("Database name is not valid"), 
> optarg);
> -   else /* we know length, and know optarg is 
> terminated, so us strcpy */
> -   strcpy (dbName, optarg);
> -   break;
> +   snprintf(dbName, NAMEDATALEN, "%s", optarg);
> case 'l': /* login name */
> if (!is_pg_logname (optarg))
> usage2 (_("User name is not valid"), optarg);

same here.

Many thanks, Jan.

Bug#977294: nagios-plugins-contrib: (another) check_uptime is shipped with monitoring-plugins 2.3

[Jan Wagner]

Package: nagios-plugins-contrib
Severity: normal

Monitoring Plugins ships a check_uptime since version 2.3, see
https://github.com/monitoring-plugins/monitoring-plugins/commits/v2.3/plugins-scripts/check_uptime.pl

I would suggest to remove check_uptime from the package. If removing is
not an option, we should rename the script.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--





signature.asc
Description: OpenPGP digital signature

Bug#976218: [Pkg-nagios-devel] Bug#976218: nagios-plugins-contrib: diff for NMU version 27.20200511+1+nmu1

[Jan Wagner]

Hi Christoph,

Am 07.12.20 um 22:05 schrieb Christoph Biedl:
> Okay, I've removed the upload from the queue as I really like to avoid
> disrupting the maintainers' workflow by doing a NMU. However, I'd
> appreciate if you could deal with this pretty soon as it is delaying the
> testing migration of a fairly important package. Perhaps upload a new
> check-ssl only and keep the rest for a later one?

many thanks for helping out. I uploaded a package yesterday in evening.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-@ s+:()>- a+ C$ UL$ P+ L$ !E--- W+++$ N+++ o++ K++
!w---? O M+
!V- PS+ PE Y++ PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y+
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#943888: [Pkg-nagios-devel] Bug#943888: check_libs: ignores deleted mmaped files

[Jan Wagner]

tags 943888 + unreproducible moreinfo
thanks

Hi Felix,

thanks for reporting.

Am 31.10.19 um 13:37 schrieb Felix Geyer:
> To reproduce on buster with systemd (but obviously applies to other
> processes as well):
> apt install --reinstall libseccomp2
> # /usr/lib/nagios/plugins/check_libs
> No upgraded libs linked in running processes

When running this on buster with package 27.20200511+1:

# /usr/lib/nagios/plugins/check_libs
The following processes have libs linked that were upgraded:
systemd-logind (662), systemd (11284, 11282)

I guess this was fixed with 27.20200511+1 by:

* [45d41ae] check_libs is now a symlink to check_libs_ng

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#976218: [Pkg-nagios-devel] Bug#976218: nagios-plugins-contrib: diff for NMU version 27.20200511+1+nmu1 (was: Bug#976218: file breaks nagios-plugins-contrib autopkgtest: SSL_CERT UNKNOWN www.debian

[Jan Wagner]

Hi Chirstoph,

thanks for taking care.

Am 07.12.20 um 08:09 schrieb Christoph Biedl:
> to resolve this issue, I've prepared a NMU for nagios-plugins-contrib
> (versioned as 27.20200511+1+nmu1), and uploaded it to DELAYED/5. Please
> feel free to tell me if I should delay it longer.

1.124.0 is already integrated into VCS
(https://salsa.debian.org/nagios-team/pkg-nagios-plugins-contrib/-/commit/6827b67108fcaafb5c73de8d7b44d71b2a7e6cf3),
so you can delay this a bit more. Actually I'm working hard to get the
latest VCS into unstable but I have to work on some other issues as well.

Thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#954961: [Pkg-nagios-devel] Bug#954961: /usr/lib/nagios/plugins/check_mailq: check_mailq doesn't recognize options -W and -C: Unknown option

[Jan Wagner]

Hi Humberto,

thanks for reporting,

Am 25.03.20 um 21:47 schrieb Humberto Flores III:
> * What led up to the situation?
> # /usr/lib/nagios/plugins/check_mailq -w 100 -c 200 -W 10 -C 20
> 
> 
> * What was the outcome of this action?
> Unknown option: W
> Unknown option: C

while added the feature with
https://github.com/monitoring-plugins/monitoring-plugins/commit/664be83730ff97368e8bfcf5e1fc4db2435d2c3a#diff-179d0007b238d07b3718fda62c6c8ae417378b36bdafd902dc78e86c14d7d9fb
it was removed by
https://github.com/monitoring-plugins/monitoring-plugins/commit/6fc70bc896b1c871eba2fb3cbb9bf693d86744a0
trying to fix
https://github.com/monitoring-plugins/monitoring-plugins/commit/6fc70bc896b1c871eba2fb3cbb9bf693d86744a0

I've to dig into this a little further.

Cheers, Jan.



signature.asc
Description: OpenPGP digital signature

Bug#929335: [Pkg-nagios-devel] Bug#929335: nagios-plugins-contrib FTCBFS: multiple reasons

[Jan Wagner]

Hi Helmut,

Am 21.05.19 um 22:04 schrieb Helmut Grohne:
> nagios-plugins-contrib fails to build from source. The first failure is
> installing Build-Depends as python and python-debian are not cross
> satisfiable. Since these are only used for scripts, we can annotate them
> with :native. Then, check_varnish is configured without --host. The
> attached patch uses dh_auto_configure to fix that. Finally,
> check_memcached hard codes the build architecture pkg-config. The
> attached patch makes nagios-plugins-contrib cross buildable. Please
> consider applying it.

I commited the changes into VCS beside the changes about varnish, as
this plugin was removed in the VCS.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#835596: [debian-mysql] Bug#835596: Bug#835596: [mariadb-10.0] Please ship support-files/mysqld_multi.server.sh

[Jan Wagner]

Hi,

Am 22.11.20 um 17:22 schrieb Otto Kekäläinen:
> And if you find out there are no code changes needed, maybe submit an
> addition to the README's so the next users have an easier time
> figuring out how to properly run multi-instnances?

sorry, I'm not using this szenario anymore. So I don't have any system
to test.

Sorry, Jan.

Bug#892628: fixed in icinga 1.14.2+ds-1

[Jan Wagner]

Hi Bas,

Am 11.03.18 um 19:20 schrieb Bas Couwenberg:
>* Update Apache configuration for 2.4 syntax.
>  (closes: #892628)

after upgrading to buster I did run into the problem, that there was no
authenticating when accessing icinga. Looking into 98d8eb16 show, that
you added

Require all granted

Seems that is not what you whated, cause requireing authentication it
has to be "Require all denied".

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--





signature.asc
Description: OpenPGP digital signature

Bug#929335: [Pkg-nagios-devel] Bug#929335: nagios-plugins-contrib FTCBFS: multiple reasons

[Jan Wagner]

Hi Helmut,

Am 21.05.19 um 22:04 schrieb Helmut Grohne:
> nagios-plugins-contrib fails to build from source. The first failure is
> installing Build-Depends as python and python-debian are not cross
> satisfiable. Since these are only used for scripts, we can annotate them
> with :native. Then, check_varnish is configured without --host. The
> attached patch uses dh_auto_configure to fix that. Finally,
> check_memcached hard codes the build architecture pkg-config. The
> attached patch makes nagios-plugins-contrib cross buildable. Please
> consider applying it.

thanks for providing those fixes. Can you please tell me the reason for
raising debhelper version? (Anyhow, shouldn't here also adjusted
debian/compat?)

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#924554: Bug#928108: unblock: unattended-upgrades/1.12 ?

[Jan Wagner]

Dear release team,

Am 12.05.19 um 12:41 schrieb Jan Wagner:
>>* Skip sending email when no package had to be installed, upgraded
> or removed
>>  (LP: #1821103) (Closes: #924554)
> I'm still considering this as a regression and thus RC.

DO we need to change severity to RC to get that fixed in buster?!?

Anyway, any statement from your side would be a beginning.

Sigh, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#914899: Error when installing mariadb-common

[Jan Wagner]

hi there,

Am 16.05.19 um 06:58 schrieb Mechtilde Stehmann:
> I got the same error message after a fresh installation.
> 
> The file /etc/mysql/mariadb.cnf doesn't exixt.

fresh installation here:

# ls -la /etc/mysql/mariadb.cnf
-rw-r--r-- 1 root root 869 Jan  8 23:10 /etc/mysql/mariadb.cnf
# dpkg -S /etc/mysql/mariadb.cnf
mariadb-common: /etc/mysql/mariadb.cnf
# dpkg -l | grep mariadb-common
ii  mariadb-common   1:10.3.14-1
 all  MariaDB common metapackage

cheers, jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#924554: Bug#928108: unblock: unattended-upgrades/1.12 ?

[Jan Wagner]

Dear Release Team,

Am 28.04.19 um 12:57 schrieb Bálint Réczey:
> Unattended-upgrades 1.12 contains almost only fixes for bugs holding
> back security updates or for regressions.
> I'm wondering if you would let it in Buster in full or just with
> omitting parts of the fixes. If omitting some of the fixes is desired
> please state which ones can go in and which ones can't.

did you have time to look into this yet?

>* Skip sending email when no package had to be installed, upgraded
or removed
>  (LP: #1821103) (Closes: #924554)

I'm still considering this as a regression and thus RC.

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--

Bug#924554: SUCCESS messages: significant behaviour change

[Jan Wagner]

Hi Bálint,

Am 28.04.19 um 13:08 schrieb Bálint Réczey:
> I asked Release Team in #928108.

thanks and much appreciated.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#924554: SUCCESS messages: significant behaviour change

[Jan Wagner]

Hi there,

Am 25.04.19 um 21:53 schrieb Sébastien Villemot:
> On Thu, 18 Apr 2019 17:18:45 + Balint Reczey  wrote:
> 
>>* Skip sending email when no package had to be installed, upgraded or 
>> removed
>>  (LP: #1821103) (Closes: #924554)
> 
> Any chance to have this issue fixed in buster?

can we please backport this fix to buster? This is a significant
behavior change (I would call it regression).

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#927272: unblock: monitoring-plugins 2.2-6

[Jan Wagner]

Package: release.debian.org
Severity: normal
User: release.debian@packages.debian.org
Usertags: unblock

Please consider unblocking monitoring-plugins, fixing a long standing
bug that check_ping -4 don't work for IPv4 cause ping prefers IPv6 and
check_ping needs to be configured at buildtime. Sorry, I missed this one
before the freeze.

Changes:
 monitoring-plugins (2.2-6) unstable; urgency=medium
 .
   * [697d611] travis-ci: Remove trusty from definition
   * [7b5d419] d/rules: Explicitly call ping with -4 and -6 on linux
arch (Closes: #863981)

See the attached diff for more details.

Thanks for considering, Jan.

unblock monitoring-plugins/2.2-6
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--
diff --git a/.travis.yml b/.travis.yml
index ccf9a12..e5c59ff 100644
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,6 +1,5 @@
-dist: xenial
 sudo: required
-dist: trusty
+dist: xenial

 matrix:
   include:
diff --git a/debian/changelog b/debian/changelog
index 85b8a43..5011228 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,11 @@
+monitoring-plugins (2.2-6) unstable; urgency=medium
+
+  * [697d611] travis-ci: Remove trusty from definition
+  * [7b5d419] d/rules: Explicitly call ping with -4 and -6 on linux arch
+(Closes: #863981)
+
+ -- Jan Wagner   Tue, 16 Apr 2019 19:14:10 +0200
+
 monitoring-plugins (2.2-5) unstable; urgency=medium

   [ Bas Couwenberg ]
diff --git a/debian/rules b/debian/rules
index c57a7e8..72f2ac7 100755
--- a/debian/rules
+++ b/debian/rules
@@ -56,8 +56,8 @@ ifeq (,$(findstring nostrip,$(DEB_BUILD_OPTIONS)))
 endif

 ifeq ($(DEB_HOST_ARCH_OS),linux)
-PING_CONFIGURE_ARGS = --with-ping-command="/bin/ping -n -U -w %d -c %d %s" \
-  --with-ping6-command="/bin/ping6 -n -U -w %d -c %d %s"
+PING_CONFIGURE_ARGS = --with-ping-command="/bin/ping -4 -n -U -w %d -c %d %s" \
+  --with-ping6-command="/bin/ping -6 -n -U -w %d -c %d %s"
 else
 PING_CONFIGURE_ARGS = --with-ping-command="/bin/ping -n -w %d -c %d %s" \
   --with-ping6-command="/bin/ping6 -n -w %d -c %d %s"

signature.asc
Description: OpenPGP digital signature

Bug#925919: (no subject)

[Jan Wagner]

Hi,

we've seen this with the following errors on several VMWare systems:

Mar 28 13:58:13 mail kernel: [26002.992114] general protection fault:
 [#1] SMP

Mar 28 07:03:46 sigten kernel: [ 1251.757467] BUG: Bad page map in
process apache2  pte:2c303a2236706f70 pmd:7afb5067
Mar 28 07:03:46 sigten kernel: [ 1251.757512] addr:7fcd0c40
vm_flags:0870 anon_vma:  (null) mapping:88007bac8630
index:1f
Mar 28 07:03:46 sigten kernel: [ 1251.757575] vma->vm_ops->fault:
filemap_fault+0x0/0x440
Mar 28 07:03:46 sigten kernel: [ 1251.757631] vma->vm_file->f_op->mmap:
ext4_file_mmap+0x0/0x50 [ext4]

Mar 28 09:10:42 sigten kernel: [  720.972735] general protection fault:
 [#1] SMP

Mar 28 12:44:12 sigten kernel: [10925.220435] php: Corrupted page table
at address 3b08686
Mar 28 12:44:12 sigten kernel: [10925.220469] PGD 80007c184067 PUD
58d71067 PMD 364ec067 PTE f0e9ec3f9ab7e0f5
Mar 28 12:44:12 sigten kernel: [10925.220495] Bad pagetable: 000b [#1] SMP

Mar 28 13:09:16 sigten kernel: [  984.817671] swap_dup: Bad swap file
entry 801f7f7f7f7f7f0
Mar 28 13:09:16 sigten kernel: [  984.817752] swap_dup: Bad swap file
entry 801f7f7f7f7f7f1
Mar 28 13:09:16 sigten kernel: [  984.817817] swap_dup: Bad swap file
entry 801f7f7f7f7f7f2
Mar 28 13:09:16 sigten kernel: [  984.817869] swap_dup: Bad swap file
entry 801f7f7f7f7f7f3
Mar 28 13:09:16 sigten kernel: [  984.817896] swap_dup: Bad swap file
entry 801f7f7f7f7f7f4
Mar 28 13:09:16 sigten kernel: [  984.817911] swap_dup: Bad swap file
entry 801f7f7f7f7f7f5
Mar 28 13:09:16 sigten kernel: [  984.817926] swap_dup: Bad swap file
entry 801f7f7f7f7f7f6
Mar 28 13:09:16 sigten kernel: [  984.817941] swap_dup: Bad swap file
entry 801f7f7f7f7f7f7
Mar 28 13:09:16 sigten kernel: [  984.817957] swap_dup: Bad swap file
entry 801f7f7f7f7f7f7

Mar 30 03:28:46 balduin kernel: [70308.718825] BUG: Bad page map in
process apache2  pte:56ff01f0c760031d pmd:bafb7067
Mar 30 03:28:46 balduin kernel: [70308.718909] addr:7fde20428000
vm_flags:0a100071 anon_vma:8800372ac8a8 mapping:880233802de0
index:57
Mar 30 03:28:46 balduin kernel: [70308.718959] vma->vm_ops->fault:
filemap_fault+0x0/0x440
Mar 30 03:28:46 balduin kernel: [70308.719016] vma->vm_file->f_op->mmap:
ext4_file_mmap+0x0/0x50 [ext4]

Cheers, Jan.



signature.asc
Description: OpenPGP digital signature

Bug#715141: apt_all update cronjob creates error mails when testing and unstable are not in the apt sources

[Jan Wagner]

Hi Lars,

Am 20.02.19 um 21:13 schrieb Lars Kruse:
> Am Wed, 20 Feb 2019 13:33:34 +
> schrieb Holger Levsen :
>> strangely this commit is in Buster:
>> ~/Projects/munin/munin$ git tag --contains 44604624b1c27f6
>> 2.0.44
>> 2.0.45
>> debian/2.0.44-1
>> debian/2.0.44-1_bpo9+1
>> debian/2.0.44-2
>> debian/2.0.45-1
>> debian/2.0.45-1_bpo9+1
>>
>> Lars, any idea?
[...]> @Jan: could you please verify that the issue is fixed for you?
> At least the error output of David's initial bug report should be impossible,
> unless your plugin is somehow older or you have another plugin configuration
> file hiding somewhere below /etc/munin.

I was using the version from stretch, with 2.0.45-1~bpo9+1 this issue
seems fixed, anyway ... I'm not able to filter the releases as described
in
https://github.com/munin-monitoring/munin/commit/44604624b1c27f60b78270dd577836d15f0d3c5c.

On the node:

# cat /etc/munin/plugin-conf.d/apt_all
[apt_all]
env.releases stretch
# apt-get update --print-uris|grep stretch| grep InRelease
'http://ftp.cyconet.org/debian/dists/stretch-backports/InRelease'
ftp.cyconet.org_debian_dists_stretch-backports_InRelease 0
'http://ftp.cyconet.org/debian/dists/stretch-updates/InRelease'
ftp.cyconet.org_debian_dists_stretch-updates_InRelease 0
'http://security.debian.org/dists/stretch/updates/InRelease'
security.debian.org_dists_stretch_updates_InRelease 0
'http://ftp.de.debian.org/debian/dists/stretch/InRelease'
ftp.de.debian.org_debian_dists_stretch_InRelease 0
'http://ftp.de.debian.org/debian/dists/stretch-updates/InRelease'
ftp.de.debian.org_debian_dists_stretch-updates_InRelease 0
'http://ftp.de.debian.org/debian/dists/stretch-backports/InRelease'
ftp.de.debian.org_debian_dists_stretch-backports_InRelease 0


On the Log on the munin system:

2019/02/21 14:15:13 [WARNING] Service apt_all on 192.168.66.59:4949
returned no data for label hold_1
2019/02/21 14:15:13 [ERROR] Unable to update apt_all on
192.168.66.59:4949 -> pending_stretch_backports: Missing data source
configuration attribute: label
2019/02/21 14:15:13 [WARNING] Service apt_all on 192.168.66.59:4949
returned no data for label pending_1

This results also into broken graphs. When having 4 releases filtered I
get 'pending_4' and 'hold_4' in my grpahs for example.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--


signature.asc
Description: OpenPGP digital signature

Bug#715141: apt_all update cronjob creates error mails when testing and unstable are not in the apt sources

[Jan Wagner]

Am 06.07.13 um 09:23 schrieb David Schmitt:
> root@testagent:~# /usr/share/munin/plugins/apt_all update 7200 1
> E: The value 'testing' is invalid for APT::Default-Release as such a
> release is not available in the sources
> E: The value 'unstable' is invalid for APT::Default-Release as such a
> release is not available in the sources
> E: The value 'testing' is invalid for APT::Default-Release as such a
> release is not available in the sources
> E: The value 'unstable' is invalid for APT::Default-Release as such a
> release is not available in the sources
> Hit http://security.debian.org wheezy/updates Release.gpg
> Hit http://security.debian.org wheezy/updates Release
> Hit http://security.debian.org wheezy/updates/main amd64 Packages
> Hit http://security.debian.org wheezy/updates/main Translation-en

As this has been fixed upstream by
https://github.com/munin-monitoring/munin/commit/44604624b1c27f60b78270dd577836d15f0d3c5c
can we please ship this fix with Debian buster?

Many thanks, Jan.



signature.asc
Description: OpenPGP digital signature

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

[Jan Wagner]

Am 12.02.19 um 17:44 schrieb Gedalya:
> On 2/13/19 12:38 AM, Jan Wagner wrote:
>> backports is not meant for fixing things. beside that it would require
>> all rebuilding most of the additional apache modules not shiped by the
>> apache2 source package.
> So we're back to doing nothing at all?

Just to point out: I'm not (one of) the package maintainer(s), I'm just
speaking here as user.



signature.asc
Description: OpenPGP digital signature

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

[Jan Wagner]

Am 12.02.19 um 17:28 schrieb Gedalya:
> So how about backporting it to stretch-backports? Isn't that what the 
> backports section is for?

backports is not meant for fixing things. beside that it would require
all rebuilding most of the additional apache modules not shiped by the
apache2 source package.

with regards, jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

[Jan Wagner]

Am 11.02.19 um 13:12 schrieb Sven Hartge:
>> Okay ... here is an area where you can push forward. What about
>> providing documentation patches?
> Sure. What kind of documentation. NEWS.Debian?

where would you expect such a documentation, as you suggested it?

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

[Jan Wagner]

Am 11.02.19 um 10:46 schrieb Sven Hartge:
> But this bug has been encountered frequently enough (and is difficult to
> spot, if you don't exactly know what to search for) and with increasing

Beeing there. Searched >3 weeks before I thought it would be a idea to
switch the mpm.

> adoption of SSL more and more people will hit it, that I think at least
> *some* action is warranted.
> 
> Maybe better documentation to help people encountering this

Okay ... here is an area where you can push forward. What about
providing documentation patches?

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#902493: apache2-bin: Event MPM listener thread may get blocked by SSL shutdowns

[Jan Wagner]

Hi Sven,

Am 11.02.19 um 09:51 schrieb Sven Hartge:
> Also I am a bit disappointed by you invoking the "the next release is
> near" argument. Most of my servers for example won't get Buster until
> early to mid 2020 and I think many of others are in the same boat.

just to point this out. You prefer an invasive backport and risk to
stability in other areas? The update policy of Debian in the past was,
that this should be avoided.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#849111: nagios-plugins-contrib: Sensors gone with check_lm_sensors 4.1.1

[Jan Wagner]

Hi Daniel,

Am 28.01.19 um 19:18 schrieb Daniel Bareiro:
> Dear mantainer, could you please apply these patches in the version we
> currently have in Stretch?

looking into
https://github.com/matteocorti/check_lm_sensors/pull/11/commits and
https://github.com/matteocorti/check_lm_sensors/pull/11/files doesn't
look, like this is just a fix for the particular issue but several other
changes that are not needed to fix the origin issue.

When we have a patch related to just this issue, we can look into it.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#879084: 879084: more info, and three possible fixes

[Jan Wagner]

Hi Bas,

Am 20.01.19 um 16:51 schrieb Sebastiaan Couwenberg:
>> does this (symlink utils.pm in /usr/lib/icinga) sounds for you like a
>> solution that can work out?
> If by that you mean that monitoring-plugins provides the symlink, that
> sounds reasonable.

okay ... looking into it.

> I'm generally not a fan of ePN and disable it in most plugins I use, as
> real perl doesn't suffer from the ePN limitations.
> 
> My general recommendation to users is to disable it in Icinga or patch
> the plugins in question to disable it.

Okay ... in the bug it was mentioned that the icinga package has ePN
enabled. Since upstream has turned it off by default and also
recommending it to not turn it on, how about dropping enableling this in
debian/patches/52_icinga.cfg-debianize.patch?

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#879084: 879084: more info, and three possible fixes

[Jan Wagner]

Hi Sebstian,

Am 15.01.19 um 02:18 schrieb Raphaël Halimi:
> It seems that quite a bunch of plugins should suffer from this problem;
> a quick grep on "use utils" in /usr/lib/nagios/plugins/ gives:
> 
> /usr/lib/nagios/plugins/check_breeze
> /usr/lib/nagios/plugins/check_disk_smb
> /usr/lib/nagios/plugins/check_file_age
> /usr/lib/nagios/plugins/check_flexlm
> /usr/lib/nagios/plugins/check_ifoperstatus
> /usr/lib/nagios/plugins/check_ifstatus
> /usr/lib/nagios/plugins/check_ircd
> /usr/lib/nagios/plugins/check_mailq
> /usr/lib/nagios/plugins/check_rpc
> /usr/lib/nagios/plugins/check_wave
> 
> To fix this bug without modifying every plugin, there are several solutions:
> 
> The one which seems the cleanest would be to modify Icinga's ePN source
> code to add /usr/lib/nagios in @INC (since that's where utils.pm is
> actually provided by monitoring-plugins-common) or even replace
> /usr/lib/icinga, since this directory contains only a single file
> "p1.pl", whose path is (correctly) set in /etc/icinga/icinga.cfg. I
> don't know what /usr/lib/icinga is used for, since on my system it only
> contains p1.pl.
[...]> leak, so I decided to trust the package maintainers' choice and
let ePN
> enabled, which brings us to the third solution: the quick and dirty
> workaround I used on my system to make the plugin(s) work, which is to
> simply symlink utils.pm in /usr/lib/icinga, so that ePN would find it in
> its @INC.
> 
> Solution 1 may have unforeseen consequences, especially if you decide to
> replace /usr/lib/icinga in @INC by /usr/lib/nagios; solution 2 may
> result in a performance loss (maybe a huge one on big installations), so
> the third one, which may look like a quick and dirty workaround, is in
> fact the less intrusive; and since icinga-core depends on icinga-common,
> which in turn depends on monitoring-plugins-basic, it would be safe for
> one of those two packages to provide such a symlink.

does this (symlink utils.pm in /usr/lib/icinga) sounds for you like a
solution that can work out?

Thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#919375: [Pkg-nagios-devel] Bug#919375: monitoring-plugins: FTBFS with mariadb-10.3: check_mysql.c:61:24: error: 'MYSQL_PORT' undeclared

[Jan Wagner]

Hi there,

Am 15.01.19 um 12:17 schrieb Andreas Beckmann:
> i686-linux-gnu-gcc -DLOCALEDIR=\"/usr/share/locale\" -DHAVE_CONFIG_H -I. -I.. 
>  -I.. -I../lib -I../gl -I../intl -I/usr/include/ldap 
> -I/usr/include/postgresql -I/usr/include -I/usr/include/mariadb 
> -I/usr/include/ma
> riadb/mysql -Wdate-time -D_FORTIFY_SOURCE=2 -DNP_VERSION='"2.2"' 
> -I/usr/include/mariadb -I/usr/include/mariadb/mysql -g -O2 
> -fdebug-prefix-map=/build/monitoring-plugins-2.2=. -fstack-protector-strong 
> -Wformat -We
> rror=format-security -Wall -Wl,-z,now -MT check_mysql-check_mysql.o -MD -MP 
> -MF .deps/check_mysql-check_mysql.Tpo -c -o check_mysql-check_mysql.o `test 
> -f 'check_mysql.c' || echo './'`check_mysql.c
> check_mysql.c:61:24: error: 'MYSQL_PORT' undeclared here (not in a function); 
> did you mean 'MYSQL_STMT'?
>  unsigned int db_port = MYSQL_PORT;
> ^~
> MYSQL_STMT
> make[3]: *** [Makefile:1869: check_mysql-check_mysql.o] Error 1

Upstream fixed the issue in
https://github.com/monitoring-plugins/monitoring-plugins/pull/1522 which
is a way different then the one that is committed to our packaging.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--
From 399cc141526ee77e1befce469f1fab40645f299d Mon Sep 17 00:00:00 2001
From: Bernard Spil 
Date: Mon, 6 Nov 2017 17:31:44 +0100
Subject: [PATCH] Fix build issue with MariaDB 10.2

As of 10.2 MariaDB no longer defines MYSQL_PORT.
---
 plugins/common.h | 5 +
 1 file changed, 5 insertions(+)

diff --git a/plugins/common.h b/plugins/common.h
index 8719b502..6bf4fca4 100644
--- a/plugins/common.h
+++ b/plugins/common.h
@@ -174,6 +174,11 @@
  *
  */
 
+/* MariaDB 10.2 client does not set MYSQL_PORT */
+#ifndef MYSQL_PORT
+#  define MYSQL_PORT 3306
+#endif
+
 enum {
OK = 0,
ERROR = -1


signature.asc
Description: OpenPGP digital signature

Bug#894601: [Pkg-nagios-devel] Bug#894601: check_raid fails to ignore listed devices

[Jan Wagner]

Hi Damyan,

Am 02.04.18 um 08:36 schrieb Damyan Ivanov:
> However, the chech whether a given device should be ignores is:
> 
>   # return true if parameter is not in ignore list
>   sub valid {
> my $this = shift;
> my ($v) = lc $_[0];
> 
> foreach (@utils::ignore) {
> warn "   $v is $_?";
> return 0 if lc $_ eq $v;
> }
> warn "$v is a valid device";
> return 1;
>   }
> 
> But @utils:ignore is not populated anywhere. The code that handles the 
> command 
> line is:
> 
>   if (@ARGV) {
> @App::Monitoring::Plugin::CheckRaid::Utils::ignore = @ARGV;
>   }
> 
> Changing the loop in valid() to use 
> @App::Monitoring::Plugin::CheckRaid::Utils::ignore instead of @utils::ignore 
> fixes it and ignoring devices listed on the command line works again.

thanks for bringing this to our attention. It would be very helpful
if you could raise[1] an issue upstream.

Many thanks, Jan.
[1] https://github.com/glensc/nagios-plugin-check_raid/#reporting-bugs
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#891830: [Pkg-nagios-devel] Bug#891830: check_raid/mdstat fails to parse 'sdd2[3](W)(S)'

[Jan Wagner]

tags 891830 + upstream
thanks

Hi Damyan,

Am 01.03.18 um 11:40 schrieb Damyan Ivanov:
> check_raid fails to parse the following:
> 
>  $ cat /proc/mdstat
>  Personalities : [raid1]
>  md1 : active raid1 sda2[4] sdd2[3](W)(S) sdb2[2]
>450883784 blocks super 1.2 [2/2] [UU]
>bitmap: 3/4 pages [12KB], 65536KB chunk
> 
>  $ /usr/lib/nagios/plugins/check_raid -p mdstat
>  Unexpected parse at /usr/lib/nagios/plugins/check_raid line 701, <$fh> line 
> 2.
> 
> Please find attached a quilt patch that fixes this.

many thanks for bringing this to our attention. It would be very helpful
if you could raise[1] an issue upstream.

Thanks, Jan.
[1] https://github.com/glensc/nagios-plugin-check_raid/#reporting-bugs
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#879084: [Pkg-nagios-devel] Bug#879084: monitoring-plugins-standard: check_mailq not embed perl safe

[Jan Wagner]

Hi Florian,

thanks for bringing this up.

Am 19.10.17 um 09:02 schrieb Florian Lohoff:
> i moved over to a Stretch/Icinga1 installation and check_mailq on the 
> icinga host would not work anymore - complaining about not finding
> utils.pm.
> 
> The cause seems to be that FindBin is incompatible with Embed Perl so
> the include path will not be set correctly.
> 
> Adding a
> 
>   push @INC, "/usr/lib/nagios/plugins/"
> 
> works - as does disabling embed perl by adding 
> 
> # nagios: -epn
> 
> at the beginning of the file:
> 
> [1508393842.167065] [2320.2] [pid=7885] Raw Command Input: 
> /usr/lib/nagios/plugins/check_mailq -w '$ARG1$' -c '$ARG2$' -M postfix
> [1508393842.167070] [2320.2] [pid=7885] Expanded Command Output: 
> /usr/lib/nagios/plugins/check_mailq -w '$ARG1$' -c '$ARG2$' -M postfix
> [1508393842.167094] [016.1] [pid=7885] Check result output will be written to 
> '/tmp/checkJS5yGx' (fd=5)
> [1508393842.167126] [016.1] [pid=7885] ** Using Embedded Perl interpreter to 
> run service check...
> [1508393842.167173] [016.0] [pid=7885] Embedded Perl failed to compile
>   /usr/lib/nagios/plugins/check_mailq, compile error **ePN failed to
>   compile /usr/lib/nagios/plugins/check_mailq: "Can't locate utils.pm
>   in @INC (you may need to install the utils module) (@INC contains:
>   /usr/lib/icinga /etc/perl /usr/local/lib/x86_64-linux-gnu/perl/5.24.1
>   /usr/local/share/perl/5.24.1 /usr/lib/x86_64-linux-gnu/perl5/5.24
>   /usr/share/perl5 /usr/lib/x86_64-linux-gnu/perl/5.24 
> /usr/share/perl/5.24
>   /usr/local/lib/site_perl) at (eval 29) line 37, BEGIN 
> failed--compilation
>   aborted at (eval 29) line 44." at /usr/lib/icinga/p1.pl line 159.
>- skipping plugin
> [1508393842.167194] [016.2] [pid=7885] Moving temp check result file 
> '/tmp/checkJS5yGx' to queue file 
> '/var/lib/icinga/spool/checkresults/cPevBhT'...
> 
> 
>  34 use FindBin;
>  35 use lib "$FindBin::Bin";
>  36 use utils qw(%ERRORS _revision   );
>  37 

Could it be that this s related to
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=863399#10?

Thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#827757: [Pkg-nagios-devel] Bug#827757: Bug#827757: apt-get upgrade doesn't want to upgrade packages in need of an upgrade

[Jan Wagner]

Hi Christoph,

do you have still issues with recent (stretch or buster) versions of
check_apt. There has been enhancements implemented since you bug report.

Thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#764603: [Pkg-nagios-devel] Bug#764603: nagios-plugins-basic: The nagios plugin rgrep does not recognize KoD packages from the ntpserver

[Jan Wagner]

severity 764603 normal
thanks

Am 10.10.14 um 14:14 schrieb leo weppelman:> It looks like my ntpd is
more eager to send a KoD than yours :-) It can> also be that your nagios
check has more time between the requests (I> believe 2secs. is the
threshold). But why this differs between our> configs is a mystery to me.
Is this still the case with recent versions (stretch and/or buster)?

Thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#880743: [Pkg-nagios-devel] Bug#880743: nagios-plugins-contrib: check_ssl_cert can't use -servername option of openssl s_client

[Jan Wagner]

Hi Johan,

Am 14.12.17 um 02:13 schrieb Johan Fleury:
> Is there any chance to see this patch pushed to stable along with unstable?

from what I've seen the changes are too invasive to backport this to
stable. Anyway if anybody can come up with an isolated patch(set) we can
have a look if this can be integrated.

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#884328: nagios-plugins-contrib: check_running_kernel checks against recent installed kernel file

[Jan Wagner]

Package: nagios-plugins-contrib
Version: 21.20170222
Severity: normal

Running this on recent Debian Jessie (with installed linux-image from
Jessie AND Wheezy) results into the following:

# /usr/lib/nagios/plugins/check_running_kernel
WARNING: Running kernel does not match on-disk kernel image: [Linux
version 3.16.0-4-amd64 (debian-ker...@lists.debian.org) (gcc version
4.8.4 (Debian 4.8.4-1) ) #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) !=
Linux version 3.2.0-4-amd64 (debian-ker...@lists.debian.org) (gcc
version 4.6.3 (Debian 4.6.3-14) ) #1 SMP Debian 3.2.96-2]

# ls -la /boot/vmlinuz*
-rw-r--r-- 1 root root 3129104 Sep 19 17:11 /boot/vmlinuz-3.16.0-4-amd64
-rw-r--r-- 1 root root 2854496 Dec 10 18:24 /boot/vmlinuz-3.2.0-4-amd64
# uname -s -r -v
Linux 3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19)

So it reports that the running 3.16.0-4-amd64 does not match the
recently installed 3.2.0-4-amd64. Indeed this it totally true, but I
guess this is nobody caring, cause in such a situation it would be
expected nobody wants to boot and run the 3.2.0 kernel.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#878966: [Pkg-nagios-devel] Bug#878966: nagios-plugins-contrib FTBFS with libvarnishapi-dev 5.2.0-1

[Jan Wagner]

Am 18.10.17 um 08:20 schrieb Adrian Bunk:
> ...
> check_varnish.c: In function 'check_stats_cb':
> check_varnish.c:193:33: error: 'const struct VSC_point' has no member named 
> 'section'
>   assert(sizeof(tmp) > (strlen(pt->section->fantom->type) + 1 +
>  ^
> check_varnish.c:194:19: error: 'const struct VSC_point' has no member named 
> 'section'
>   strlen(pt->section->fantom->ident) + 1 +
>^
> check_varnish.c:195:21: error: 'const struct VSC_point' has no member named 
> 'desc'; did you mean 'sdesc'?
>   strlen(pt->desc->name) + 1));
>  ^
> ...

looks like #879471 is the problem.



signature.asc
Description: OpenPGP digital signature

Bug#874259: [Pkg-nagios-devel] Bug#874259: nagios-plugins-contrib: check_memory regression on Debian 9 (don't work anymore)

[Jan Wagner]

tags 874259 + moreinfo unreproducible
thanks

Hi Tom,

Am 04.09.17 um 15:50 schrieb Tom LAREDO:
> nagios-plugins-contrib provides /usr/lib/nagios/plugins/check_memory that is 
> broken on Debian Stretch.
> 
> Here is the behaviour:
> 
> # /usr/lib/nagios/plugins/check_memory
> Can't call method "new" on an undefined value at ./check_memory line 55.
> 
> This may be due to the format change of 'free' command (or maybe a 
> broken/missing dependency?).

I can not reproduce this here. Did you have a look into
/usr/share/doc/nagios-plugins-contrib/README.Debian.plugins and
installed one of the listed packages which are needed to be installed?
Let me guess you are not installing recommends?

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#880544: [Pkg-nagios-devel] Bug#880544: nagios-plugins-contrib: check_rbl does not handle IPv6 addresses

[Jan Wagner]

tags 880544 + pending
thanks

Hi Hamish,

thanks for bringing this issue to our attention.

Am 02.11.17 um 02:18 schrieb Hamish Moffatt:
> check_rbl does not properly query the DNSBLs for IPv6 addresses.
> 
> The logic to convert the IP to .zen.spamhaus.org for example
> assumes an IPv4 dotted quad and doesn't handle IPv6.
Looks like this was fixed by
https://github.com/matteocorti/check_rbl/commit/565c94383ecb1f3e569192fd4de2bfc08f7d7789
which is part of version 1.4.1 of the plugin we imported recently into
out VCS.
It should be available with the next upload to unstable.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#880743: [Pkg-nagios-devel] Bug#880743: nagios-plugins-contrib: check_ssl_cert can't use -servername option of openssl s_client

[Jan Wagner]

tags 880743 + pending
thanks

Hi Johan,

thanks for bringing this to our attention.

Am 04.11.17 um 18:43 schrieb Johan Fleury:
> The check_ssl_cert plugin of nagios-plugins-contrib can't use TLS SNI
> due to a bug in the way it detects available options of `openssl
> s_client`.
> 
[...]

> Here is the output of check_ssl_cert on one of my domain that requires
> SNI:
> 
>   # /usr/lib/nagios/plugins/check_ssl_cert -v -H arcaik.net
>   expect not available
>   timeout available (/usr/bin/timeout)
>   found GNU date with timestamp support: enabling date computations
>   '/usr/bin/openssl s_client' does not support '-servername': disabling
>   virtual server support
>   downloading certificate to /tmp
>   parsing the certificate file
>   cannot find the CA Issuers in the certificate: disabling OCSP checks
>   The certificate will expire in 3649 day(s)
>   SSL_CERT CRITICAL subject=CN = vps01.br0.fr: Cannot verify
>   certificate, self signed certificate|days=3649
> 
> I can't use this version of check_ssl_cert to monitor my certs anymore.
> Is it possible to fix the script for the stable distribution? I already
> have a work around but I would rather use the Debian shipped plugins.
This is fixed with the imported version 1.57.0 of the plugin into our
VCS. It should be available with the next upload to unstable.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#884076: [Pkg-nagios-devel] Bug#884076: nagios-plugins-standard: check_mysql segfaults with --extra-opts

[Jan Wagner]

tags 884076 + moreinfo unreproducible
thanks

Hi Joonas,

thanks for bringing this to our attention.

Am 11.12.17 um 10:06 schrieb Joonas Kylmälä:
> I ran the command "/usr/lib/nagios/plugins/check_mysql --extra-opts" and
> it gave me the following output: "Segmentation fault".

Unfortunately I'm not able to reproduce this:

waja@bb:~$ /usr/lib/nagios/plugins/check_mysql --extra-opts
Cannot find config file in any standard location.
waja@bb:~$ dpkg --print-architecture
amd64
waja@bb:~$ cat /etc/debian_version
9.2
waja@bb:~$ dpkg -l | grep monitoring-plugins-standard
ii  monitoring-plugins-standard  2.2-3
amd64Plugins for nagios compatible monitoring systems (standard)

Would be good to have more informations so we maybe can reproduce this.

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#881974: [Letsencrypt-devel] Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation

[Jan Wagner]

Hi Mattia,

thanks for caring!

Am 18.11.17 um 14:04 schrieb Mattia Rizzolo:
>>> I guess, that it would be sufficient (and proper) to update the default
>>> value for LICENCE in /usr/bin/dehydrated.
>>
>> a fix for this was implemented with
>> https://gist.github.com/waja/8df78afb09691e4f383d818685f48885/revisions#diff-e259eb2e20fc5f6c60769b3f2919953a
>> and is included in version 0.4.0
> 
> Not sure how anything in that gist is related to this issue, tbh.

Oh sorry .. that was an copy'n'paste error from my side.

>> Indeed, I would welcome to get backported this to stable, as is some
>> kind of regression.
> 
> I'll see about getting
> https://anonscm.debian.org/git/letsencrypt/dehydrated.git/commit/?h=debian/stretch=5ae0ba0674a4913bcd27e16d02bacf486e570c83
> in the next point release.

I think this is NOT the best idea, cause this will just only help until
the next LICENSE is published and this has to be fixed again.

> AFAIK 0.4.0 is not affected because it downloads the last agreements at
> registration time, and therefore doesn't hardcode this URL.

No, it's fixed there. The issue for this is
https://github.com/lukas2511/dehydrated/issues/346 and it was fixed in
https://github.com/lukas2511/dehydrated/commit/6a32f20e004b9d835cd02de9d78300be02784cf1.

Best wishes, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#881974: [dehydrated] Old LICENSE specification prevents letsencrypt account creation

[Jan Wagner]

Hi Lars,

Am 17.11.17 um 04:10 schrieb Lars Kruse:
> I was able to work around this by adding the following line to
> /etc/dehydrated/config:
> 
>   LICENSE="https://letsencrypt.org/documents/LE-SA-v1.2-November-15-2017.pdf;
> 
> I guess, that it would be sufficient (and proper) to update the default
> value for LICENCE in /usr/bin/dehydrated.

a fix for this was implemented with
https://gist.github.com/waja/8df78afb09691e4f383d818685f48885/revisions#diff-e259eb2e20fc5f6c60769b3f2919953a
and is included in version 0.4.0

Indeed, I would welcome to get backported this to stable, as is some
kind of regression.

Thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#877992: postfix: Postfix does not start services after upgrade to stretch 9.2 and reboot

[Jan Wagner]

Hi there,

Am 16.10.17 um 22:58 schrieb Scott Kitterman:
> I've just upgraded several systems to 9.2 (and rebooted) and am unable to 
> reproduce the problem.  For the original submitter (or anyone else who had 
> the 
> problem) do you use multi-instance postfix?  Is there anything unusual about 
> your configuration?

as described in
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877992#10 I had
postfix bound with "inet_interfaces=" to a specific IP (which was not
available in early bootstage).

/lib/systemd/system-generators/postfix-instance-generator is doing a the
following:

if [ -f /etc/postfix/main.cf ]; then
for NAME in $(postmulti -l -a | awk '{ print $1}'); do
ln -s "$SERVICEFILE" "$WANTDIR/postfix@$NAME.service"
done
else
ln -s "$SERVICEFILE" "$WANTDIR/postfix@-.service"
fi

As "postmulti -l -a" failed in early bootstage in my case, it doesn't
generate the needed links.

I worked around the problem by removing the inet_interfaces-config
statement.

As every other reporter is affected at boot time, this seems the source
of the problem.
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=877992#20 indicates
the same and a reinstall seems to trigger generating the links.
I guess "postmulti -l -a" doesn't fail when the system is up and
running, but in early boot stage.

For everybody affected. You can try to boot into "/bin/sh" by adding
"init=/bin/sh" to your bootprompt. Be aware you will have no network in
this case.

I reproduced the issue in this case by running:

# ip link set lo up
# postmulti -l -a

Cheers, Jan.



signature.asc
Description: OpenPGP digital signature

Bug#877992: postfix: Postfix does not start services after upgrade to stretch 9.2 and reboot

[Jan Wagner]

Hi there,

Am 08.10.17 um 12:28 schrieb Thomas L.:
> yesterday I did an upgrade from Debian Stretch 9.1 to 9.2. Postfix was 
> updated. During the update, no error accured.
> After a reboot, "systemctl status postfix" showed this:
> 
> ● postfix.service - Postfix Mail Transport Agent
>Loaded: loaded (/lib/systemd/system/postfix.service; enabled; vendor 
> preset: enabled)
>Active: active (exited) since Sun 2017-10-08 12:10:45 CEST; 2min 7s ago
>   Process: 485 ExecReload=/bin/true (code=exited, status=0/SUCCESS)
>   Process: 447 ExecStart=/bin/true (code=exited, status=0/SUCCESS)
>  Main PID: 447 (code=exited, status=0/SUCCESS)
> Tasks: 0 (limit: 4915)
>Memory: 0B
>   CPU: 0
>CGroup: /system.slice/postfix.service
> 
> When I did "netstat -tulpn" no postfix processed were bound to any IP 
> addresses and htop showed me not a single postfix process. The error log 
> /var/log/mail.log was not touched.
> 
> "systemctl restart postfix" changed nothing, postfix was dead.
> 
> Only "apt-get install --reinstall postfix" helped. After re-installing 
> postfix, everything was working again. I could reproduce this problem on 4 of 
> my hosts. 

in my case the problem was having "inet_interfaces=" specified in
main.cf.
Booting with "init=/bin/sh" "postmulti -l -a" failed with:

postmulti: fatal: parameter inet_interfaces: no local interface found
for 

So /lib/systemd/system-generators/postfix-instance-generator failed to
create /run/systemd/generator/postfix.service.wants.

This seems to be a regression introduced by fixing #873957.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#867882: closed by Michal Čihař <ni...@debian.org> (Bug#867882: fixed in phpmyadmin 4:4.6.6-5)

[Jan Wagner]

Hi there,

Am 13.07.17 um 10:36 schrieb Jan Wagner:
> Am 10.07.17 um 13:51 schrieb Debian Bug Tracking System:
>>* Fix open_basedir setting for PHP 7 (Closes: #867882).
> 
> could you please also provide a fix for stretch for the next point
> release which should round about 1 month after stretch was released?

as this is a regression in stretch, is there anything that can I help
with, to get that fix available in stretch too?

Thanks, Jan.
-- 
Never write mail to <w...@spamfalle.info>, you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#799480: marked as done (grub-xen-host: XEN domU crash when PV grub chainloads 32-bit domU grub)

[Jan Wagner]

Hi there,

Am 23.06.17 um 15:21 schrieb Debian Bug Tracking System:
>  grub2 (2.02-1) unstable; urgency=medium
>  .
>* New upstream release.
>  - xen: Fix wrong register in relocator (closes: #799480).

could you please also provide a fix for stretch for the next point
release which should round about 1 month after stretch was released?

Even jessie whould be worth.

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#867882: closed by Michal Čihař <ni...@debian.org> (Bug#867882: fixed in phpmyadmin 4:4.6.6-5)

[Jan Wagner]

Hi there,

Am 10.07.17 um 13:51 schrieb Debian Bug Tracking System:
>* Fix open_basedir setting for PHP 7 (Closes: #867882).

could you please also provide a fix for stretch for the next point
release which should round about 1 month after stretch was released?

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#863981: check_ping uses IPv6 with -4

[Jan Wagner]

Hi Stefan,

Am 11.07.17 um 14:11 schrieb Stefan Bühler:
> Maybe adding a separate "ping4-command" compile time string is an option.

the problem is not the string, but the reliable detection (which
hopefully doesn't break in the feature again).

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#863981: check_ping uses IPv6 with -4

[Jan Wagner]

Dear Stefan,

Am 11.07.17 um 11:07 schrieb Stefan Bühler:
> You didn't get the issue.  I know very well how to call check_ping with
> -4 - I can do that with my local config.  But check_ping -4 DOES NOT
> call "ping -4" - it just calls "ping".  The -4 option does *NOTHING*. It
> basically is the same as not passing "-6".

just adding "-4" to the "ping-command" in debian/rules will solve this
problem but cause others.

<- snip ->
Depends: inetutils-ping (>= 2:1.9-1~) [kfreebsd-any hurd-any],
 iputils-ping [linux-any],
<- snap ->

inetutils-ping and older iputils-ping (when backporting) doesn't support
"ping -4". So this is something that has to be discovered at buildtime I
think.

> Also there is no package providing /etc/nagios-plugins/config/ping.cfg.
> Maybe you meant /usr/share/monitoring-plugins/templates-basic/ping.cfg ?
> But not really relevant at all.

Indeed, but ping.cfg is copied by ucf via maintainers script to
/etc/nagios-plugins/config/.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#863399: [Pkg-nagios-devel] Bug#863399: nagios-plugins-standard: missing dependency check_mailq -> FindBin.pm

[Jan Wagner]

Hi Fedor,

thanks for bringing this to our attention.

Am 26.05.2017 um 12:29 schrieb Fedor Piecka:
> Running check_mailq causes an error:
> 
> $ /usr/lib/nagios/plugins/check_mailq -w 5 -c 15 -M postfix
> Can't locate FindBin.pm in @INC (you may need to install the FindBin
> module) (@INC contains: /etc/perl
> /usr/local/lib/x86_64-linux-gnu/perl/5.20.2 /usr/local/share/perl/5.20.2
> /usr/lib/x86_64-linux-gnu/perl5/5.20 /usr/share/perl5
> /usr/lib/x86_64-linux-gnu/perl/5.20 /usr/share/perl/5.20
> /usr/local/lib/site_perl .) at /usr/lib/nagios/plugins/check_mailq line 34.
> BEGIN failed--compilation aborted at /usr/lib/nagios/plugins/check_mailq
> line 34.
> 
> After issuing "apt-get install libfindbin-libs-perl", the command works:
> 
> $ /usr/lib/nagios/plugins/check_mailq -w 5 -c 15 -M postfix
> OK: postfix mailq reports queue is empty|unsent=0;5;15;0

I guess you are not installing recommended packages? As in
/usr/share/doc/monitoring-plugins-standard/README.Debian.plugins stated
we avoid pulling all the depedencies as this was reported as an issue
many times in the past.
So if your are not switching off installing recommended packages
intentionally, this package should be installed (perl-modules).

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#863981: check_ping uses IPv6 with -4

[Jan Wagner]

Hi Stefan,

thanks for bringing this to our attention.

Am 02.06.2017 um 18:39 schrieb Stefan Bühler:
> check_ping doesn't forward the "-4" option to ping, and ping prefers
> IPv6 now (i.e. probably whatever is configured through gai.ping).
> 
> Giving upstream only allows configuring "ping-command" and
> "ping6-command" (there is no explicit "ping4-command") I suggest adding
> "-4" to the "ping-command" in debian/rules in the meantime.

I guess you have checked /etc/nagios-plugins/config/ping.cfg? There are
explicit commands ending on "_4" which are using "-4" in its command and
so forcing IPv4 tests.

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#867256: [Pkg-nagios-devel] Bug#867256: monitoring-plugins-basic: fails to install: Error: The new file apt.cfg does not exist!

[Jan Wagner]

Hi Andreas,

Am 10.07.2017 um 20:52 schrieb Andreas Beckmann:
> Looking at my logs, the problem was only reproducible in sid at the time
> I filed the bug, but now it also happens in buster.

Unfortunately this wasn't obvious from your bugreport and I tested with
stretch.

> OK, let me debug a bit more after the failure occurred
> 
> # sed -i '2iset -x' /var/lib/dpkg/info/monitoring-plugins-basic.postinst
> # dpkg --configure --pending
> Setting up monitoring-plugins-basic (2.2-3) ...
> + set -e
> + templdir=/usr/share/monitoring-plugins/templates-basic
> + . /usr/share/monitoring-plugins/dpkg/functions
> + npconfdir=/etc/nagios-plugins/config
> + plugindir=/usr/lib/nagios/plugins/
> + [ configure = configure ]
> + register_cfgs
> + cd /usr/share/monitoring-plugins/templates-basic
> + dest=/etc/nagios-plugins/config/apt.cfg
> + ucf apt.cfg /etc/nagios-plugins/config/apt.cfg
> Error: The new file apt.cfg does not exist!
> dpkg: error processing package monitoring-plugins-basic (--configure):
>  subprocess installed post-installation script returned error exit status 1
> Errors were encountered while processing:
>  monitoring-plugins-basic
> 
> extending the error message in ucf to also print $(pwd), reveals that
> the current directory of the process is /, which leads us to

Thanks for tracing this down.

> debconf (1.5.62) unstable; urgency=medium
> ...
>   * Change directory to / before executing maintainer scripts (closes:
> #608648).
> ...

root@68e9dcd89c70:/# dpkg -l | grep debconf
ii  debconf   1.5.61   all  Debian
configuration management system

So this explains why this was not reproducible. I tested this on
stretch, as the reported version is also in stretch.

It would be good to state on which release your problem exists, as one
package version can live on more then one. This would save time and
resources on all sides.

> So address your configuration files with absolute paths.

I'll prepare a fix and upload it to the VCS.

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#867256: [Pkg-nagios-devel] Bug#867256: monitoring-plugins-basic: fails to install: Error: The new file apt.cfg does not exist!

[Jan Wagner]

tags 867256 + unreproducible moreinfo
thanks

Hi Andreas,

thanks for bringing this to our attention.

Am 05.07.2017 um 10:42 schrieb Andreas Beckmann:
> during a test with piuparts I noticed your package failed to install. As
> per definition of the release team this makes the package too buggy for
> a release, thus the severity.
> 
>>From the attached log (scroll to the bottom...):
> 
>   Selecting previously unselected package monitoring-plugins-basic.
> (Reading database ... 4672 files and directories currently installed.)
>   Preparing to unpack .../monitoring-plugins-basic_2.2-3_amd64.deb ...
>   Unpacking monitoring-plugins-basic (2.2-3) ...
>   Setting up monitoring-plugins-basic (2.2-3) ...
>   Error: The new file apt.cfg does not exist!
>   dpkg: error processing package monitoring-plugins-basic (--configure):
>subprocess installed post-installation script returned error exit status 1
>   Errors were encountered while processing:
>monitoring-plugins-basic

I did run a "apt install monitoring-plugins-basic" on a fresh stretch
container.

The package installed without an issue.

Creating config file /etc/nagios-plugins/config/users.cfg with new version
Setcap for check_icmp and check_dhcp worked!
Processing triggers for libc-bin (2.24-11+deb9u1) ...
root@68e9dcd89c70:/# dpkg -S apt.cfg
monitoring-plugins-basic:
/usr/share/monitoring-plugins/templates-basic/apt.cfg
root@68e9dcd89c70:/# ls -la /etc/nagios-plugins/config/apt*
-rw-r--r-- 1 root root 277 Jan 19 07:14 /etc/nagios-plugins/config/apt.cfg

So I need more information to identify/reproduce the problem.

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#867882: [phpmyadmin] Not working with auth_type 'http'

[Jan Wagner]

Package: phpmyadmin
Version: 4:4.6.6-4
Severity: important
Tags: patch

Hi there,

after upgrading to stretch, phpmyadmin isn't working anymore. I'm using
auth_type 'http'.
It looks like the issue is a copy error in
c50c18d254561212980fa900e51d914a4e768781.

[Mon Jul 10 11:08:50.031604 2017] [:error] [pid 1490] [client
217.145.98.130:58406] PHP Warning:  is_dir(): open_basedir restriction
in effect. File(/usr/share/php/php-php-gettext/) is not within the
allowed path(s): (/usr/sha
re/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/)
in /usr/share/phpm
yadmin/libraries/vendor_config.php on line 64
[Mon Jul 10 11:08:50.031826 2017] [:error] [pid 1490] [client
217.145.98.130:58406] PHP Warning:  require_once(): open_basedir
restriction in effect. File(/usr/share/php/php-php-gettext/gettext.inc)
is not within the allowed p
ath(s):
(/usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/)
i
n /usr/share/phpmyadmin/libraries/common.inc.php on line 77
[Mon Jul 10 11:08:50.031863 2017] [:error] [pid 1490] [client
217.145.98.130:58406] PHP Warning:
require_once(/usr/share/php/php-php-gettext/gettext.inc): failed to open
stream: Operation not permitted in /usr/share/phpmyadmi
n/libraries/common.inc.php on line 77
[Mon Jul 10 11:08:50.031875 2017] [:error] [pid 1490] [client
217.145.98.130:58406] PHP Fatal error:  require_once(): Failed opening
required '/usr/share/php/php-gettext/gettext.inc' (include_path='.') in
/usr/share/phpmyadmin
/libraries/common.inc.php on line 77

As this is a regression, please consider to fix that in stable soon.

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--
--- /etc/phpmyadmin/apache.conf.orig	2016-12-01 08:42:43.0 +0100
+++ /etc/phpmyadmin/apache.conf 	2017-07-10 11:37:40.697076631 +0200
@@ -29,7 +29,7 @@
 
 php_value include_path .
 php_admin_value upload_tmp_dir /var/lib/phpmyadmin/tmp
-php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
+php_admin_value open_basedir /usr/share/phpmyadmin/:/etc/phpmyadmin/:/var/lib/phpmyadmin/:/usr/share/php/php-gettext/:/usr/share/php/php-php-gettext/:/usr/share/javascript/:/usr/share/php/tcpdf/:/usr/share/doc/phpmyadmin/:/usr/share/php/phpseclib/
 php_admin_value mbstring.func_overload 0
 
 


signature.asc
Description: OpenPGP digital signature

Bug#864173: [Pkg-nagios-devel] Bug#864173: check_backuppc does not compile

[Jan Wagner]

Hi Peter,

Am 12.06.17 um 21:37 schrieb Peter Palfrader:
>> I guess you have one of these packages installed?
>>
>> # zgrep -1 check_backuppc
>> /usr/share/doc/nagios-plugins-contrib/README.Debian.plugins | grep -v ^$
>> check_backuppc:
>> Required Packages: libmonitoring-plugin-perl | libnagios-plugin-perl
> I don't.

as statet in /usr/share/doc/nagios-plugins-contrib/README.Debian.plugins
you need to install additional packages for most of the plugins to work.
Those are mostly listed as Recommends which you might not have enabled.

Please ensure that libmonitoring-plugin-perl or libnagios-plugin-perl
(>= 0.31) are installed.

With best regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#864173: [Pkg-nagios-devel] Bug#864173: check_backuppc does not compile

[Jan Wagner]

Hi Peter,

thanks for bringing this to our attention.

Am 04.06.17 um 20:53 schrieb Peter Palfrader:
> } root@ajax:~# sudo -u backuppc /usr/lib/nagios/plugins/check_backuppc -H ajax
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 99.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 123.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 124.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 129.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 137.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 147.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 177.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 240.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 260.
> } Global symbol "%ERRORS" requires explicit package name (did you forget to 
> declare "my %ERRORS"?) at /usr/lib/nagios/plugins/check_backuppc line 286.
> } Execution of /usr/lib/nagios/plugins/check_backuppc aborted due to 
> compilation errors.
> } root@ajax:~# 

I guess you have one of these packages installed?

# zgrep -1 check_backuppc
/usr/share/doc/nagios-plugins-contrib/README.Debian.plugins | grep -v ^$
check_backuppc:
Required Packages: libmonitoring-plugin-perl | libnagios-plugin-perl

Actual I can't reproduce this on jessie with nagios-plugins-contrib
21.20170222~bpo8+1 installed.

With kind regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#863797: [Pkg-nagios-devel] Bug#863797: monitoring-plugins-basic: unable to use check_disk inside /var/tmp

[Jan Wagner]

Hi Emmanuel,

thanks for bringing this to our attention.

Am 31.05.17 um 12:06 schrieb Emmanuel DECAEN:
> Package: monitoring-plugins-basic
> Version: 2.2-3
[...]
> After upgrade, check_disk on /var/tmp/mysql is broken.
> 
> Status using nrpe (wrong):
> DISK CRITICAL - /var/tmp/mysql is not accessible: No such file or directory
> 
> Status using bash (works correctly):
> $ /usr/lib/nagios/plugins/check_disk -w 20% -c 10% -p /var/tmp/mysql
> DISK OK - free space: /var/tmp/mysql 10187 MB (99% inode=99%);|
> /var/tmp/mysql=42MB;8184;9207;0;10230

Which is a strong indication that check_disk itself works as expected.

> In nrpe, system wide /var/tmp is no more reachable
> $ grep "/var/tmp" /proc/11489/mountinfo
> 115 113 254:2 / /var/tmp/mysql rw,noatime,nodiratime shared:65
> master:32- xfs /dev/mapper/v1-tmp rw,attr2,inode64,noquota
> 121 113 8:5
> /tmp/systemd-private-b35c254c031041979d3126e02a0c5c51-nagios-nrpe-server.service-7xjqpw/tmp
> /var/tmp rw,relatime shared:66 master:28 - ext4 /dev/sda5 rw,data=ordered
As you traced the problem yourself to nrpe, you might want to reassign
the bug to nagios-nrpe-plugin with appropriate version?

Best regards, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#861814: [Pkg-nagios-devel] Bug#861814: nagios-plugins-contrib: check_email_delivery fails using SMTP TLS

[Jan Wagner]

severity 861814 normal
tags 861814 + moreinfo
thanks

Hi Gabriele,

thanks for your feedback.

Am 04.05.17 um 11:50 schrieb Gabriele Vivinetto:
> Version: 4.20120702
[...]
> Using check_email_delivery with  SMTP TLS fails with error
> 
> EMAIL DELIVERY CRITICAL - smtp failed: SMTP SEND CRITICAL - invalid 
> SSL_version specified at /usr/share/perl5/IO/Socket/SSL.pm line 332 
> 
> Command used:
> 
> /usr/lib/nagios/plugins/check_email_delivery \
>   --smtp-server smtp.gmail.com \
>   --smtp-username nag...@gmail.com \
>   --smtp-password 12345678 \
>   --smtptls \
>   --imap-server imap.example.com \
>   --username nag...@example.com \
>   --password 12345678 \
>   --imapssl \
>   --imap-port 993 \
>   --mailto nag...@example.com \
>   --mailfrom nag...@gmail.com

did you try the package from jessie/stretch? For making life easier you
can fetch them from squeeze-backports and squeeze-backports-sloppy.

Many thanks, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#856676: [Pkg-nagios-devel] Bug#856676: monitoring-plugins-basic: broken symlink: /usr/share/doc/monitoring-plugins-basic/LEGAL -> ../monitoring-plugins-common/LEGAL

[Jan Wagner]

tags 856676 + pending
thanks

Hi Andreas,

thanks for your bugreport.

Am 03.03.17 um 20:06 schrieb Andreas Beckmann:
> during a test with piuparts I noticed your package ships (or creates)
> a broken symlink.
> 
>>From the attached log (scroll to the bottom...):
> 
> 0m22.6s ERROR: FAIL: Broken symlinks:
>   /usr/share/doc/monitoring-plugins-basic/LEGAL -> 
> ../monitoring-plugins-common/LEGAL
> 
> 
> The monitoring-plugins-common package does not (or no longer) ship
> /usr/share/doc/monitoring-plugins-common/LEGAL

I've commited a fix into VCS, but actually I do not intend to fix this
in stretch as long there doesn't pop up an important bug.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#799480: Re: XEN domU crash when PV grub chainloads 32-bit domU grub

[Jan Wagner]

Hi there,

Am 07.02.17 um 09:55 schrieb Sergio Gelato:
> - Forwarded message from Vladimir Serbinenko -
> 
> Follow-up Comment #3, bug #46014 (project grub):
> 
> I believe this is red herring. Please try the patch that I've posted on
> grub-devel mailing list
> (https://lists.gnu.org/archive/html/grub-devel/2017-02/msg00031.html) or the
> branch xenfixes
> (http://git.savannah.gnu.org/cgit/grub.git/commit/?h=phcoder/xenfixes )

is there any chance to get that fixed in stretch (or maybe even in
jessie) please?

Thank, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature

Bug#855253: [Pkg-nagios-devel] Bug#855253: nagios-plugins-contrib: check_ssl_cert errors in Debian/Stretch

[Jan Wagner]

Hi Jonas,

thanks for reporting the issue.

Am 16.02.17 um 02:11 schrieb Jonas Meurer:
> apparently check_ssl_cert has issues in Debian/Stretch:
> 
> # /usr/lib/nagios/plugins/check_ssl_cert -H www.google.com
> Certificate will not expire
> unable to load certificate
> 139704416556224:error:0D07207B:asn1 encoding
> routines:ASN1_get_object:header too long:../crypto/asn1/asn1_lib.c:101:
> SSL_CERT CRITICAL www.google.com: unable to load certificate
> 139735049802944:error:0906D06C:PEM routines:PEM_read_bio:no start
> line:../crypto/pem/pem_lib.c:691:Expecting: TRUSTED
> CERTIFICATE|days=69

looks like an issue cause new behavior of openssl.

The atomar fix for this should be
https://github.com/matteocorti/check_ssl_cert/commit/4bb87dd352f4f479faa35eadb81760eef7173e56
and
https://github.com/matteocorti/check_ssl_cert/compare/v1.37.0...v1.42.0
would be the diff when updating check_ssl_cert to latest upstream. I
would prefer the latter one.

Cheers, Jan.
-- 
Never write mail to , you have been warned!
-BEGIN GEEK CODE BLOCK-
Version: 3.12
GIT d-- s+: a C+++ UL P+ L+++ E--- W+++ N+++ o++ K++ w--- O M+ V- PS
PE Y++
PGP++ t-- 5 X R tv- b+ DI D+ G++ e++ h r+++ y
--END GEEK CODE BLOCK--



signature.asc
Description: OpenPGP digital signature