Bug#561477: marked as done (please improve the debconf question about web server)

Sun, 24 Jan 2010 13:54:54 -0800 

Your message dated Sun, 24 Jan 2010 21:35:50 +0000
with message-id <[email protected]>
and subject line Bug#561477: fixed in cacti 0.8.7e-2
has caused the Debian Bug report #561477,
regarding please improve the debconf question about web server
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
561477: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=561477
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: cacti
Version: 0.8.7e-1.1
Severity: grave
Tags: security
Justification: user security hole

I've noticed in the past that cacti RE-adds the symbolic link conf.d/cacti.conf
on every upgrade even if the source file was *manually* removed by the sysadmin.
This is done to restrict the access to 'cacti' on each virtual web site (the
default behaviour in Debian).

The first problem is that it creates access to restricted data (for those that
kept the /etc/cacti/apache.conf configuration file).

The second problem is that 'apache2' fails to start at boot from the same reason
if fails to reload on cacti postinstall:
| Not replacing deleted config file /etc/cacti/apache.conf
| apache2: Syntax error on line 278 of /etc/apache2/apache2.conf: Could not
|   open configuration file /etc/apache2/conf.d/cacti.conf: No such file or
|   directory
| failed!
| invoke-rc.d: initscript apache2, action "reload" failed.

As it can be seen postinstall already has a check for the existence of the 
config
file /etc/cacti/apache.conf. Please add the same check for creating the symlink.

Thanks

-- System Information:
Debian Release: 5.0.3
  APT prefers stable
  APT policy: (990, 'stable'), (500, 'unstable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.26-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages cacti depends on:
ii  apache2            2.2.9-10+lenny6       Apache HTTP Server metapackage
ii  apache2-mpm-prefor 2.2.9-10+lenny6       Apache HTTP Server - traditional n
ii  dbconfig-common    1.8.39                common framework for packaging dat
ii  debconf [debconf-2 1.5.24                Debian configuration management sy
ii  libapache2-mod-php 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti
ii  libphp-adodb       5.05-1                The ADOdb database abstraction lay
ii  mysql-client-5.0 [ 5.0.51a-24+lenny2     MySQL database client binaries
ii  php5               5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti
ii  php5-cli           5.2.6.dfsg.1-1+lenny4 command-line interpreter for the p
ii  php5-mysql         5.2.6.dfsg.1-1+lenny4 MySQL module for php5
ii  php5-snmp          5.2.6.dfsg.1-1+lenny4 SNMP module for php5
ii  rrdtool            1.3.1-4               Time-series data storage and displ
ii  snmp               5.4.1~dfsg-12         SNMP (Simple Network Management Pr
ii  ucf                3.0016                Update Configuration File: preserv

Versions of packages cacti recommends:
ii  iputils-ping           3:20071127-1      Tools to test the reachability of 
ii  logrotate              3.7.1-5           Log rotation utility
ii  mysql-server           5.0.51a-24+lenny2 MySQL database server (metapackage
ii  mysql-server-5.0 [mysq 5.0.51a-24+lenny2 MySQL database server binaries

Versions of packages cacti suggests:
pn  php5-ldap                     <none>     (no description available)

-- debconf information:
  cacti/db/app-user: cacti
  cacti/mysql/admin-user: root
  cacti/upgrade-backup: true
  cacti/install-error: abort
* cacti/webserver: Apache2
  cacti/internal/reconfiguring: false
  cacti/mysql/method: unix socket
  cacti/remote/host:
  cacti/upgrade-error: abort
  cacti/dbconfig-upgrade: true
  cacti/internal/skip-preseed: false
  cacti/remote/newhost:
  cacti/purge: false
  cacti/passwords-do-not-match:
  cacti/dbconfig-remove:
* cacti/dbconfig-install: true
  cacti/missing-db-package-error: abort
  cacti/database-type: mysql
  cacti/remove-error: abort
  cacti/db/dbname: cacti
  cacti/remote/port:
  cacti/dbconfig-reinstall: false

--- End Message ---
--- Begin Message --- 
Source: cacti
Source-Version: 0.8.7e-2

We believe that the bug you reported is fixed in the latest version of
cacti, which is due to be installed in the Debian FTP archive:

cacti_0.8.7e-2.diff.gz
  to main/c/cacti/cacti_0.8.7e-2.diff.gz
cacti_0.8.7e-2.dsc
  to main/c/cacti/cacti_0.8.7e-2.dsc
cacti_0.8.7e-2_all.deb
  to main/c/cacti/cacti_0.8.7e-2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Sean Finney <[email protected]> (supplier of updated cacti package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Sun, 24 Jan 2010 21:39:46 +0100
Source: cacti
Binary: cacti
Architecture: source all
Version: 0.8.7e-2
Distribution: unstable
Urgency: low
Maintainer: Sean Finney <[email protected]>
Changed-By: Sean Finney <[email protected]>
Description: 
 cacti      - Frontend to rrdtool for monitoring systems and services
Closes: 548447 561477 563955
Changes: 
 cacti (0.8.7e-2) unstable; urgency=low
 .
   * Import 2 new "official" patches from upstream
   * Italian debconf translation
     - thanks to Alessandro De Zorzi <[email protected]> (Closes: #548447)
   * Fix for "Undefined index: local_data_id in graphs_new.php"
     - new debian patch 563955_undefined_index_local_data_id.patch
     - thanks to Teodor MICU <[email protected]> (Closes: #563955)
   * Fix for "must not RE-add /etc/apache2/conf.d/cacti.conf link on upgrade"
     - thanks to Patrick Schoenfeld <[email protected]> (Closes: #561477)
   * Bump debhelper compatibility level to 5
Checksums-Sha1: 
 d64f126303b48c24e287620e3798fa98fe51fbcf 1105 cacti_0.8.7e-2.dsc
 bfc88298e149f1762a59a69c57d6455ff7f8ab44 42806 cacti_0.8.7e-2.diff.gz
 5a342da499277a83541b10d14bd15e6cffc76396 2090752 cacti_0.8.7e-2_all.deb
Checksums-Sha256: 
 f032feb006552a6091429249d50ebe6a4e00cfcec945bca849f764a57c6868fe 1105 
cacti_0.8.7e-2.dsc
 21433c40ebe67ef1c99f848a29bf2a0a9a6f91ce73491ca3e4989cecaaf2cb34 42806 
cacti_0.8.7e-2.diff.gz
 77cda3b1d97d9ba4b13b027e476fc1f0f06f23c84a567d8678de8ae8a538aff6 2090752 
cacti_0.8.7e-2_all.deb
Files: 
 5ce00f3729ce21b772c32402017cfcb3 1105 web extra cacti_0.8.7e-2.dsc
 50541354c4461f935c06ef18667cb12e 42806 web extra cacti_0.8.7e-2.diff.gz
 d59dcb2fb442362616e1b4db20e71dbd 2090752 web extra cacti_0.8.7e-2_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iD8DBQFLXLKOynjLPm522B0RAjmxAJ4739sbGqpLm6OSbk9OE6j3aa6e1gCcCFrV
uGgZUbh5cwdam++y+sIvjSs=
=aAoa
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to