Your message dated Wed, 14 Nov 2007 21:17:05 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#436904: fixed in tiger 1:3.2.2-1
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: tiger
Version: 1:3.2.1-35
Severity: minor

Hello,

check_apache says that my apache is not bound to a specific IP address,
but it is.
  
  # /usr/lib/tiger/scripts/check_apache
  Configuring...
  Will try to check using config for 'i686' running Linux 2.6.21-2-k7...
  --CONFIG-- [con005c] Using configuration files for Linux 2.6.21-2-k7. Using
             configuration files for generic Linux 2.
  # Checking apache configuration files...
  /usr/bin/cut: invalid byte or field list
  Try `/usr/bin/cut --help' for more information.
  --WARN-- [apa001w]
           The Apache server is not configured to be bound to an specific IP 
address.
  
  
  # netstat -anp | grep apache
  tcp        0      0 127.0.0.1:80            0.0.0.0:*               LISTEN    
 7010/apache
  unix  3      [ ]         STREAM     VERBUNDEN     66126    8547/apache
  
  
  # grep -i listen /etc/apache/httpd.conf | grep -v "^#"
  Listen 127.0.0.1:80


Trying to debug this I applied the attached patch to your check_apache,
which gives me the following output:

  /home/martin/temp# bash check_apache
  Configuring...
  Will try to check using config for 'i686' running Linux 2.6.21-2-k7...
  --CONFIG-- [con005c] Using configuration files for Linux 2.6.21-2-k7. Using
             configuration files for generic Linux 2.
  # Checking apache configuration files...
  + '[' -f /etc/apache/httpd.conf ']'
  + /bin/grep '^Listen' /etc/apache/httpd.conf
  + read listen ipaddr
  ++ echo 127.0.0.1:80
  ++ /usr/bin/cut -d : -f 2
  + port=80
  ++ echo 127.0.0.1:80
  ++ /bin/sed -e 's/:.*$//'
  + ipaddr=127.0.0.1
  + echo 127.0.0.1 80
  127.0.0.1 80
  + read listen ipaddr
  + echo
  
  + '[' -z '' -o -z '' ']'
  + message WARN apa001w 'The Apache server is not configured to be bound to an 
specific IP address.'
  [...]

It seems that:
1) Someone has mixed d and f in the cut command
2) The variables port and ipaddr are reseted by leaving the while loop


Thanks,
Martin



-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (900, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.21-2-k7
Locale: [EMAIL PROTECTED], [EMAIL PROTECTED] (charmap=ISO-8859-15)

Versions of packages tiger depends on:
ii  binutils                    2.17-3       The GNU assembler, linker and bina
ii  coreutils                   5.97-5.3     The GNU core utilities
ii  debconf [debconf-2.0]       1.5.11       Debian configuration management sy
ii  diff                        2.8.1-11     File comparison utilities
ii  libc6                       2.3.6.ds1-13 GNU C Library: Shared libraries
ii  net-tools                   1.60-17      The NET-3 networking toolkit

Versions of packages tiger recommends:
pn  chkrootkit                    <none>     (no description available)
ii  exim4-daemon-light [mail-tran 4.63-17    lightweight exim MTA (v4) daemon
pn  john                          <none>     (no description available)

-- debconf information:
* tiger/mail_rcpt: martin
  tiger/remove_mess: true
* tiger/policy_adapt:
--- /usr/lib/tiger/scripts/check_apache	2006-11-30 23:11:58.000000000 +0100
+++ check_apache	2007-08-09 13:02:04.000000000 +0200
@@ -87,24 +87,30 @@
 haveallcmds GREP AWK CAT SED CUT || exit 1
 haveallfiles APACHECONFDIR BASEDIR WORKDIR || exit 1
 
+set -x
 
 # First check if Apache is bound to use only an IP address
 [ -f $APACHECONFDIR/httpd.conf ] && {
 	$GREP ^Listen $APACHECONFDIR/httpd.conf |
 	while read listen ipaddr
 	do
-		port=`echo $ipaddr | $CUT -f : -d 2`
+		port=`echo $ipaddr | $CUT -d : -f 2`
 		ipaddr=`echo $ipaddr | $SED -e 's/:.*$//'`
+		echo $ipaddr $port
 	done
 	# TODO: this check should warn only if this is a multihomed host
 	# (we probably need to check this in other places so a utils function
 	# 'amImultihome' might be useful)
+	echo $ipaddr $port
 	if [ -z "$port" -o -z "$ipaddr" ]; then
 		message WARN apa001w "The Apache server is not configured to be bound to an specific IP address."
 	else 
 		message INFO apa001w "The Apache server is configured to listen only on address $ipaddr port $port."
 	fi
 }
+
+exit 0
+
 # Now check options
 # we need to do this for all possible configuration files
 # Options that might be a securityrisk are FollowSymlinks, Indexes,

--- End Message ---
--- Begin Message ---
Source: tiger
Source-Version: 1:3.2.2-1

We believe that the bug you reported is fixed in the latest version of
tiger, which is due to be installed in the Debian FTP archive:

tiger-otheros_3.2.2-1_i386.deb
  to pool/main/t/tiger/tiger-otheros_3.2.2-1_i386.deb
tiger_3.2.2-1.diff.gz
  to pool/main/t/tiger/tiger_3.2.2-1.diff.gz
tiger_3.2.2-1.dsc
  to pool/main/t/tiger/tiger_3.2.2-1.dsc
tiger_3.2.2-1_i386.deb
  to pool/main/t/tiger/tiger_3.2.2-1_i386.deb
tiger_3.2.2.orig.tar.gz
  to pool/main/t/tiger/tiger_3.2.2.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> (supplier of updated tiger 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Thu, 08 Nov 2007 02:20:09 +0100
Source: tiger
Binary: tiger tiger-otheros
Architecture: source i386
Version: 1:3.2.2-1
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]>
Description: 
 tiger      - Report system security vulnerabilities
 tiger-otheros - Scripts to run Tiger in other operating systems
Closes: 411534 418440 436904 440372 448975 449439 450479
Changes: 
 tiger (1:3.2.2-1) unstable; urgency=low
 .
   * New upstream release
   * Remove debian/ dir from upstream's tarball to prevent FTBFS
     (Closes: #450479)
   * Fix scripts:
     - scripts/check_crontabs, scripts/check_apache, scripts/check_xinetd:
       Change message calls so that they can be filtered (Closes: #411534)
     - scripts/check_apache: Fix the way the configuration file is handled
       to obtain the IP address and port (Closes: 436904)
     - systems/Linux/2/gen_cron: Handles properly the case when the special
       @daily,@reboot, etc. definitions are used instead of real times. Also
       fix bug deailing with variables in crontab contents (Closes: 418440)
   * Add 'fuse' to the list of valid filesystems (Closes: #449439)
   * Add Dependency on bsdmainutils to get the COLUMN command (Closes: 448975)
   * Add Portuguese translation, thanks LuA-sa LourenA§o (Closes: 440372)
   * Modify update-advisories to skip directories with 'data' in the name
   * Update the advisories list
Files: 
 9eb5a9485273cd33be071cc3b7883477 624 admin optional tiger_3.2.2-1.dsc
 71dc7d6ca6734b4fc565bb4ccd8d5eb1 1049327 admin optional tiger_3.2.2.orig.tar.gz
 a31d42970900ef05bee2bd1f60e29cc0 105357 admin optional tiger_3.2.2-1.diff.gz
 a14cdb607743358b6a06b7cb0bc32caf 584044 admin optional tiger_3.2.2-1_i386.deb
 28443d460f50b546850a276fb7fe0051 483742 admin optional 
tiger-otheros_3.2.2-1_i386.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHMnSzsandgtyBSwkRAuc/AJ0b9LZMWMYUWfj0UryFU0FYy+VnDACfci4X
wdfp5PwuzYiW9kQyQQY5lTA=
=aoWy
-----END PGP SIGNATURE-----



--- End Message ---

Reply via email to