I'm sorry the posted script have some mistakes.
Attached is the script /etc/init.d/courier-authdaemon with a better
solution to the reported problem that uses a dedicated function
postfix_check().
Guido Bozzetto.
#! /bin/sh -e
#
### BEGIN INIT INFO
# Provides
Package: courier-authdaemon
Version: 0.63.0-6+b1
Severity: minor
Tags: patch
Dear Maintainer,
with updating system from Debian 6.0.8 to 7.2 the Postfix
authentication don't work. courier-authdaemon authenticate
the system's users that are used to send email from external
on SMTP connections.
:
/etc/aide/aide.conf.d/31_aide_bind9
where there is the wrong line:
@@{BINDCHROOT}/dev/log$ LowLogs
while the correct, I suppose, is:
@@{BINDCHROOT}/dev/log$ LowLog
Thank you, Guido Bozzetto.
-- System Information:
Debian Release: 6.0
APT prefers stable
APT policy
Package: open-vm-tools
Severity: normal
With the kernel 2.6.32-5-686 2.6.32-27 the ethernet network adapter
VMXNET 2 (Enhanced) work.
Thank you.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (560, 'testing'), (545, 'testing-proposed-updates'), (540,
Package: open-vm-tools
Version: 2010.06.16-268169-3
Severity: normal
After the last upgrade of the system the network do not start.
The error appears in the networking startup script execution is:
eth0: vmxnet_init_ring alloc_page failed.
SIOCSIFFLAGS: Cannot allocate memory
with the old
Package: mdadm
Version: 3.0.3-2
Severity: normal
I suggest the following line into the /etc/cron.d/mdadm file:
57 0 * * 0 root if [ -x /usr/share/mdadm/checkarray ] [ $(date +\%d) -le 7
];then /usr/share/mdadm/checkarray --cron --all --quiet;fi
If the test is false the exit status is false
Package: open-vm-source
Version: 2010.04.25-253928-1
Severity: grave
Justification: renders package unusable
open-vm module compiling fails with:
~# M=open-vm;m-a update;m-a clean $M;m-a prepare $M;m-a -t build $M
...
# Installing the modules
set -e; for MODULE in pvscsi vmblock vmci vmhgfs
: $network
# X-Stop-After: $network
# Default-Start:S
Guido Bozzetto
-- System Information:
Debian Release: squeeze/sid
APT prefers testing-proposed-updates
APT policy: (990, 'testing-proposed-updates'), (990, 'testing'), (500,
'unstable
, Guido Bozzetto.
-- Package-specific info:
-- /proc/cmdline
BOOT_IMAGE=(hd0,1)/vmlinuz root=UUID=773e7969-3634-4445-98cd-c3aebd7e2784 ro
-- /proc/filesystems
ext4
ext2
ext3
-- lsmod
Module Size Used by
sha256_generic 8644 4
ppdev
Package: libpam-cracklib
Severity: normal
Restarting cron:
/etc/init.d/cron restart
solve the problem.
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (560, 'testing'), (545, 'testing-proposed-updates'), (540,
'testing'), (460, 'stable'), (445,
Package: open-vm-tools
Version: 2009.12.16-217847-1
Severity: important
At system start-up the open-vm-tools daemon don't start while the
vm modules are correctly loaded.
After some test I observed that without X the open-vm-tools don't work:
server:~# /etc/init.d/open-vm-tools restart
Stopping
Package: open-vm-source
Version: 2009.10.15-201664-1
Severity: important
Justification: fails to build from source
It is not possible to make the modules:
# m-a update
# m-a clean
# m-a a-i open-vm
then fails with the following messages:
...
make[4]: Entering directory
Package: libpam-cracklib
Version: 1.1.0-4
Severity: minor
After the packages upgrade appears on auth.log file the following messages:
Sep 27 04:15:01 debian CRON[30595]: PAM unable to
dlopen(/lib/security/pam_cracklib.so): /lib/libpam.so.0: version
`LIBPAM_EXTENSION_1.1' not found (required by
into another terminal and manually do:
server:~# ipmasq
and the installation script correctly finish.
Thank you, Guido Bozzetto.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (560, 'testing'), (550, 'testing'), (540,
'testing-proposed
then set $dir to virtual homedir
#
if ( $opt{'vpopmail'} ) {
@@ -2117,6 +2118,7 @@
}
chomp($dir);
}
+}
# don't do this if we weren't passed a directory
if ($dir) {
I hope this is usefull.
Thank you, Guido Bozzetto.
-- System Information:
Debian
:2.3.2-3
Thanks, Guido Bozzetto.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
On domenica 04 maggio 2008, alle 09:38, Marc Haber wrote:
tags #475983 wontfix
thanks
On Mon, Apr 14, 2008 at 11:06:14AM +0200, Guido Bozzetto wrote:
I suggest the following changes to the rule 31_aide_bind9 to
automatically create the correct rules with bind9 running into a chroot
{
# channel file-queries {
# file /var/log/bind/queries.log versions 5 size 256m;
# };
# category queries {
# file-queries;
# };
# };
Thank you for your attention,
Guido Bozzetto.
-- System Information:
Debian Release
-trunk1_i386.deb
astro:~$ uname -a
Linux astro 2.6.24-trunk-amd64 #1 SMP Fri Feb 8 15:55:21 CET 2008 x86_64
GNU/Linux
astro:~$ uptime
11:01:48 up 8 min, 2 users, load average: 0.14, 0.33, 0.26
Thank you, Guido Bozzetto.
--
Guido Bozzetto - Systems Network
2.6.24-1-amd64 #1
RIP:
Thank you for your attention, Guido Bozzetto.
-- Package-specific info:
** Version:
Linux version 2.6.24-1-686 (Debian 2.6.24-2) ([EMAIL PROTECTED]) (gcc version
4.1.3 20080114 (prerelease) (Debian 4.1.2-19)) #1 SMP Thu Jan 31 20:35:50 UTC
2008
On giovedì 07 febbraio 2008, alle 14:40, maximilian attems wrote:
[ please keep bug report on cc, cool thanks :) ]
On Thu, Feb 07, 2008 at 02:16:44PM +0100, Guido Bozzetto wrote:
On giovedì 07 febbraio 2008, alle 11:16, maximilian attems wrote:
[..]
can you please try?
linux-image
On giovedì 07 febbraio 2008, alle 15:11, maximilian attems wrote:
On Thu, Feb 07, 2008 at 03:05:35PM +0100, Guido Bozzetto wrote:
linux-image-2.6.24-trunk-amd64_2.6.24-trunk1~snapshot.10302_i386.deb
thanks for your quick tests, have git15 build from yesterday
http://photon.itp.tuwien.ac.at
Package: fail2ban
Version: 0.8.1-3
Severity: wishlist
Tags: patch
The iptables actions don't log the dropped packets. It is important to
know the dropped packets. To log packets without adding to iptables
new matches I added a new chain that log the packets before discarding
them.
-- System
Package: ipmasq
Version: 4.0.8-4
Severity: wishlist
Tags: patch
The example rule to make ipmasq working with IP-ACcountig, ipac or
ipac-ng, is dated. In attachment there is the updated solution.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (560,
. The attached file (ipmasq rule) solve the problem.
Thank you, Guido Bozzetto.
-- System Information:
Debian Release: lenny/sid
APT prefers testing
APT policy: (560, 'testing'), (550, 'testing'), (540,
'testing-proposed-updates'), (260, 'stable'), (250, 'stable'), (240
Package: fail2ban
Version: 0.8.1-3
Severity: normal
Tags: patch
The failregex don't match the incorrect password event : USER ...
(Login failed). Also the failregex don't math the root login attempts
SECURITY VIOLATION. I also added a general proftpd's authentication
error Maximum login attempts.
Package: fail2ban
Version: 0.8.1-3
Severity: normal
Tags: patch
The ipmasq package can destroy all the chains. When shutdown ipmasq the
netfilter rules are dropped. The proposed rule for ipmasq restart
fail2ban when the ipmasq start if the fail2ban is running.
The rule is a file named
Package: fail2ban
Version: 0.8.1-3
Severity: wishlist
The xinetd daemon recognize some wrong conditions:
- deny_from and only_from directives to limit source IP
- tcp wrappers limitations
so is simply to recognize attacks on the host.
The attached files are:
jail.local= jail
Package: ipmasq
Version: 4.0.8-4
Followup-For: Bug #438580
The proposed scripts for netfilter:
/etc/ipmasq/rules/A03flush.rul
/etc/ipmasq/ipmasq-down/A03flush.rul
are wrong in the sense that flush and set default policy on all
available tables and not only on kernel's loaded tables.
The side
Package: fail2ban
Version: 0.8.1-2
Severity: wishlist
The filters:
/etc/fail2ban/filter.d/sshd.conf
/etc/fail2ban/filter.d/sshd-ddos.conf
don't trigger the IP addresses blocked by the /etc/hosts.deny file.
I think is desirable that fail2ban identify these attempts.
I've added the following
Package: ipac-ng
Version: 1.31-4+b1
Followup-For: Bug #420958
I confirm that also on unstable package there is the problem with UDP or
TCP protocol specification.
Correctly work the following:
Incoming Total System|ipac~o|eth0|all
ICMP Incoming Total System|ipac~o|eth0|icmp
while don't
Package: fail2ban
Version: 0.6.1-1
Followup-For: Bug #363391
A working solution is to add LC_ALL=C to /etc/default/fail2ban
configuration file:
echo LC_ALL=C /etc/default/fail2ban
-- System Information:
Debian Release: 3.1
APT prefers testing
APT policy: (150, 'testing')
Architecture: i386
Package: ipac-ng
Version: 1.31-1
Severity: important
The configuration files supplied with the package are wrong. At the
startup and every 10 minutes there is the following message:
admin:~# /etc/init.d/ipac-ng start
Starting IP Accounting: Error in config file near line 8: syntax error
33 matches
Mail list logo