Bug#632072: marked as done ("shorewall6 load" does not source configuration file in the current directory)

Sun, 10 Jul 2011 20:21:21 -0700 

Your message dated Mon, 11 Jul 2011 03:18:22 +0000
with message-id <[email protected]>
and subject line Bug#632072: fixed in shorewall6 4.4.21-1
has caused the Debian Bug report #632072,
regarding "shorewall6 load" does not source configuration file in the current 
directory
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
632072: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=632072
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: shorewall6
Version: 4.4.19.4-1
Severity: normal

I am trying to use shorewall6 and shorewall6-lite combination to manage
configuration of several servers from one place (I believe that shorewall
for IPv4 have the same problem).

I have been using the following manual on the shorewall site:

http://www.shorewall.net/CompiledPrograms.html#Lite

I have the following folder structure:

antonm@algol:~/work/shorewall6/server.tld$ pwd
/home/antonm/work/shorewall6/server.tld
antonm@algol:~/work/shorewall6/server.tld$ ls
capabilities  interfaces  policy  README.txt  rules  shorewall6.conf
zones

Per documentaion I have copied shorewall6.conf to server.tld export
directory and made some local modifications per documentation plus I
made changes to RSH_COMMAND and RCP_COMMAND, so it will work as non-root
user on remote system.

But when I run shorewall6 load from the server.tld export directory
I do not see shorewall6 script sourcing the shorewall6.conf file in
current directory:

antonm@algol:~/work/shorewall6/server.tld$ pwd
/home/antonm/work/shorewall6/server.tld
antonm@algol:~/work/shorewall6/server.tld$ ls
shorewall6.conf
antonm@algol:~/work/sysadmin/oshec/shorewall6/mail.oshec.org$ strace -e
open /sbin/shorewall6 load server.tld
open("/etc/ld.so.cache", O_RDONLY)      = 3
open("/lib/x86_64-linux-gnu/libc.so.6", O_RDONLY) = 3
open("/sbin/shorewall6", O_RDONLY)      = 3
open("/usr/share/shorewall6/lib.base", O_RDONLY) = 3
open("/usr/share/shorewall6/lib.common", O_RDONLY) = 3
open("/usr/share/shorewall6/lib.cli", O_RDONLY) = 3
--- SIGCHLD (Child exited) @ 0 (0) ---
--- SIGCHLD (Child exited) @ 0 (0) ---
--- SIGCHLD (Child exited) @ 0 (0) ---
open("/usr/share/shorewall6/configpath", O_RDONLY) = 3
--- SIGCHLD (Child exited) @ 0 (0) ---
--- SIGCHLD (Child exited) @ 0 (0) ---
open("/etc/shorewall6/shorewall6.conf", O_RDONLY) = 3
--- SIGCHLD (Child exited) @ 0 (0) ---
--- SIGCHLD (Child exited) @ 0 (0) ---
--- SIGCHLD (Child exited) @ 0 (0) ---
[email protected]'s password:

Strace shows that no open is done for file in current directory and also
ssh command is executed as root even that in local shorewall6.conf I
have:

RSH_COMMAND='ssh ${system} "sudo ${command}"'

It used shorewall6.conf from /etc/shorewall6 while the documentation
says that:

  The CONFIG_PATH variable is treated as follows:

    The value of CONFIG_PATH in /etc/shorewall/shorewall.conf is ignored
    when compiling for export (the -e option in given) and when the load or
    reload command is being executed (see below).

    The value of CONFIG_PATH in the shorewall.conf file in the export
    directory is used to search for configuration files during compilation
    of that configuration.

I do not see that it opends shorewall6.conf in current directory at all
even that I use "load" command. This breaks ability to have custom
configuration for exported directories as per the docs.

Thanks.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (990, 'testing'), (500, 'unstable'), (150, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.38-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=ru_RU.UTF-8, LC_CTYPE=ru_RU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages shorewall6 depends on:
ii  debconf [debconf-2.0]         1.5.39     Debian configuration management sy
ii  iproute                       20110315-1 networking and traffic control too
ii  iptables                      1.4.10-1   administration tools for packet fi
ii  libio-socket-inet6-perl       2.65-1.1   Object interface for AF_INET6 doma
ii  shorewall                     4.4.19.4-1 Shoreline Firewall, netfilter conf

shorewall6 recommends no packages.

Versions of packages shorewall6 suggests:
ii  linux-image-2.6. 2.6.36-1~experimental.1 Linux 2.6.36 for 64-bit PCs
ii  linux-image-2.6. 2.6.37-1                Linux 2.6.37 for 64-bit PCs
ii  linux-image-2.6. 2.6.38-1                Linux 2.6.38 for 64-bit PCs
ii  linux-image-2.6. 2.6.38-5                Linux 2.6.38 for 64-bit PCs
ii  linux-image-2.6. 2.6.39-2                Linux 2.6.39 for 64-bit PCs
ii  make             3.81-8.1                An utility for Directing compilati
pn  shorewall-doc    <none>                  (no description available)

-- debconf information:
  shorewall6/major_release:
  shorewall6/dont_restart:
  shorewall6/invalid_config:

--- End Message ---
--- Begin Message --- 
Source: shorewall6
Source-Version: 4.4.21-1

We believe that the bug you reported is fixed in the latest version of
shorewall6, which is due to be installed in the Debian FTP archive:

shorewall6_4.4.21-1.debian.tar.gz
  to main/s/shorewall6/shorewall6_4.4.21-1.debian.tar.gz
shorewall6_4.4.21-1.dsc
  to main/s/shorewall6/shorewall6_4.4.21-1.dsc
shorewall6_4.4.21-1_all.deb
  to main/s/shorewall6/shorewall6_4.4.21-1_all.deb
shorewall6_4.4.21.orig.tar.gz
  to main/s/shorewall6/shorewall6_4.4.21.orig.tar.gz



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Roberto C. Sanchez <[email protected]> (supplier of updated shorewall6 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 10 Jul 2011 22:04:20 -0400
Source: shorewall6
Binary: shorewall6
Architecture: source all
Version: 4.4.21-1
Distribution: unstable
Urgency: low
Maintainer: Roberto C. Sanchez <[email protected]>
Changed-By: Roberto C. Sanchez <[email protected]>
Description: 
 shorewall6 - Shoreline Firewall (IPv6 version), netfilter configurator
Closes: 632072
Changes: 
 shorewall6 (4.4.21-1) unstable; urgency=low
 .
   * New Upstream Version (Closes: #632072)
   * Ship *.annotated config files in /usr/share/doc/shorewall/default-config
     to support the new 'shorewall update' command
Checksums-Sha1: 
 bb1b4a87dcba5ca228ba87620b876fdadd069c29 1868 shorewall6_4.4.21-1.dsc
 845f63821b30631dde8ed9a84f62b16da3677273 362133 shorewall6_4.4.21.orig.tar.gz
 e1eb20f3e24bef8423d05365cde4a5107c70b1c8 34258 
shorewall6_4.4.21-1.debian.tar.gz
 fcde18d8b1c763020f8ff9c2e62aaa50bac91baa 408054 shorewall6_4.4.21-1_all.deb
Checksums-Sha256: 
 0a30b4eef3f2d385533a62f53073930ce20dcacd7118646b4392e227f0064bc9 1868 
shorewall6_4.4.21-1.dsc
 5c6af8c851efef337430e2f7e4501e1d77afc20406b22c3f248dd7e198778a0c 362133 
shorewall6_4.4.21.orig.tar.gz
 b24f8a64cf57db4fbe4269d0159697a617ac6c909155b00a003bffdcbcf2b8f2 34258 
shorewall6_4.4.21-1.debian.tar.gz
 5abcd9c6c1d476cc80236f381c0ae7dc9ab4debb706bef7d384fdefdca0da895 408054 
shorewall6_4.4.21-1_all.deb
Files: 
 12e243c1d467f4d782bc042fa78f2384 1868 net optional shorewall6_4.4.21-1.dsc
 36e8425bb5c9f6b95d5aa535abd131b3 362133 net optional 
shorewall6_4.4.21.orig.tar.gz
 08ab4c4717ca3440e46f3072f399df90 34258 net optional 
shorewall6_4.4.21-1.debian.tar.gz
 3c2c92d35d0cc8590384704af81d52c5 408054 net optional 
shorewall6_4.4.21-1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJOGmldAAoJECzXeF7dp7IPb/QP/AjiSogNkYki9JYzuSnGPKdK
m2hrMiRZqX83ksdlx9LOiJMUgnrnuV98aGcYXmMSTdEsvy9m7myKLmHJt7bRlrlP
dgJTPTsxZYEDon4LMCGzDwY7+cZB5x7qlhac2lIN3GeBz1yNQ7Ltizw519YoSnWE
U688zDHuOXtjvJ8bm3EExuHn7L4TzIPpzriUrALiaJA2HJahgYbWV7wRw+667HWr
5EVnHukWimIxBqprSTsq2gfh3Ng3rPVwUZrx7mQl0pJj5wUMpfjG5OYsPiOp/nnA
OyVNDX5ppDcAKSEK8GFjDE1DDx0RSzSJuif8YMFnLDzgtQpVO+affuRYSo8XFUT4
/p1ZQRalunzZhzNBQxCTilHyA43r/RTMTaiR/pHwvio6PhVQurhYwz1GHJ9DEp0R
crdsHMBvcoYPtJuAdGnmwK0eEyTMaqC+6l6luLCXKhKuU4KrSFgr5OkjBt4J55O4
dIQv8QciT/e/1CXw0SoGt+cxn6k81F2yIA7GWMkIA6kdpNWP3EJ51YkaJ4ZR6mgC
8XFgxJOohJ1kqRohoyhi/yrMgkKDzyNXkMwyAZSSq9oeYDIuzyfdW8WJBf+9sKIw
7MwBbEAS2bHXV5fzjoRLtlv9vadeU1Tqh0AAPIRwIlhoX7TtqNvtOwo6WEEJeLHg
N1586jgKeQWuVoeHRURv
=/AYg
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to