Your message dated Thu, 28 May 2009 00:02:04 +0000
with message-id <[email protected]>
and subject line Bug#530050: fixed in bastille 1:3.0.9-11
has caused the Debian Bug report #530050,
regarding bastille: bashism in /bin/sh script
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
530050: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=530050
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: bastille
Severity: important
Version: 1:3.0.9-10
User: [email protected]
Usertags: goal-dash
Hello maintainer,
While performing an archive wide checkbashisms (from the 'devscripts' package)
check I've found your package containing a /bin/sh script making use
of a bashism.
checkbashisms' output:
> possible bashism in ./usr/sbin/bastille line 118 (unsafe echo with
> backslash):
> echo "NOTE: The system is in its pre-bastilled state.\n"
> possible bashism in ./usr/share/Bastille/bastille-tmpdir.sh line 115
> ($RANDOM):
> RAND="${RANDOM}"
> possible bashism in ./usr/share/Bastille/bastille-tmpdir-defense.sh line
> 110 ($RANDOM):
> RAND="${RANDOM}"
Not using bash (or a Debian Policy conformant shell interpreter which doesn't
provide such an extra feature) as /bin/sh is likely to lead to errors or
unexpected behaviours.
Please be aware that although bash is currently the default /bin/sh there was
a release goal for Lenny to make dash the default /bin/sh[1], and has been
proposed for squeeze as well[2].
If you want more information about dash as /bin/sh, you can read:
http://lists.debian.org/debian-release/2008/01/msg00189.html
For more information supporting this goal please refer to Debian Policy,
section 10.4, at:
http://www.debian.org/doc/debian-policy/ch-files.html#s-scripts
Hints about how to fix bashisms:
Sometimes these bugs are already fixed in Ubuntu, look at the PTS.
If not already fixed you can read:
https://wiki.ubuntu.com/DashAsBinSh
If you still don't know how to fix the bashisms don't hesitate to reply to
this email, or tag the bug as 'help'.
[1]http://release.debian.org/lenny/goals.txt
[2]http://lists.debian.org/debian-release/2009/04/msg00133.html
Thank you,
Raphael Geissert
--- End Message ---
--- Begin Message ---
Source: bastille
Source-Version: 1:3.0.9-11
We believe that the bug you reported is fixed in the latest version of
bastille, which is due to be installed in the Debian FTP archive:
bastille_3.0.9-11.diff.gz
to pool/main/b/bastille/bastille_3.0.9-11.diff.gz
bastille_3.0.9-11.dsc
to pool/main/b/bastille/bastille_3.0.9-11.dsc
bastille_3.0.9-11_all.deb
to pool/main/b/bastille/bastille_3.0.9-11_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <[email protected]> (supplier of updated bastille
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Thu, 28 May 2009 01:46:11 +0200
Source: bastille
Binary: bastille
Architecture: source all
Version: 1:3.0.9-11
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <[email protected]>
Changed-By: Javier Fernandez-Sanguino Pen~a <[email protected]>
Description:
bastille - Security hardening tool
Closes: 530050
Changes:
bastille (1:3.0.9-11) unstable; urgency=low
.
* Fix bashims in script (Closes: #530050)
- bin/bastille: replace "\n" in echo with a new echo call so that another
line is printed.
- bastille-tmpdir.sh and bastille-tmpdir-defense.sh : make them bash
scripts. This is not really necessary since the scripts already use
/dev/urandom
if available instead of $RANDOM but that way we will not get false
positives
for people looking for bashisms.
Checksums-Sha1:
6af78e3f9c79df93eb91957b06e5c7c7e25399b0 1004 bastille_3.0.9-11.dsc
2111f68f0330a61bcbf6018cfc0f93497aee36af 38636 bastille_3.0.9-11.diff.gz
7289dab6e7c1d00db631f32c03115404fcdc3b95 467154 bastille_3.0.9-11_all.deb
Checksums-Sha256:
9a1f40cfdb09ba0fe2098143eb1cbc5ec01358c6329939881f1a44b8f039e361 1004
bastille_3.0.9-11.dsc
26e9dc1aa5ad4de644a5b3db04daa525fba7d76c7efb9d79b49609194398aed6 38636
bastille_3.0.9-11.diff.gz
2f91564440a70eb33fae6ecfce06b16ed651d880c5372f0fe1902230fc7ff52e 467154
bastille_3.0.9-11_all.deb
Files:
3cb38235aaaea3a4681df913d260401c 1004 admin optional bastille_3.0.9-11.dsc
9617aea928c5c09140e07897331d762c 38636 admin optional bastille_3.0.9-11.diff.gz
896537e5fc215a9a1b1e84c4ad5a4e02 467154 admin optional
bastille_3.0.9-11_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFKHdFXsandgtyBSwkRAtBtAJ42/KcjTcttBCxvVIzgoM+5YNSxGgCfSRwu
bD46LrA7SvipuW2kVn/BJ8w=
=rU7A
-----END PGP SIGNATURE-----
--- End Message ---
