Package: tinc
Version: 1.1~pre12-1
Severity: serious
Justification: Policy 10.4
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
The if-pre-up script fails hard when executing with dash or mksh as
/bin/sh because the following line yields a failure exit status:
[ -z "$IF_TINC_NET" ] && exit 0
dash and mksh (correctly) fail due to set -e after sourcing
/etc/default/tinc, i.e. the next time $? is checked.
bash does not fail (which might be a serious bug in bash).
The bug can be fixed by turning the check around:
[ -n "$IF_TINC_NET" ] || exit 0
- -- System Information:
Debian Release: stretch/sid
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.6.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages tinc depends on:
ii libc6 2.23-4
ii liblzo2-2 2.08-1.2
ii libncurses5 6.0+20160625-1
ii libreadline6 6.3-8+b4
ii libssl1.0.2 1.0.2h-1
ii libtinfo5 6.0+20160625-1
ii zlib1g 1:1.2.8.dfsg-2+b1
tinc recommends no packages.
tinc suggests no packages.
- -- Configuration Files:
/etc/network/if-pre-up.d/tinc changed:
set -e
[ -n "$IF_TINC_NET" ] || exit 0
. /etc/default/tinc
setlimits() {
while [ $# -gt 0 ]; do
parm=$1 ; shift
if [ -n "$1" -a "${1#-}" = "$1" ]; then
value=$1 ; shift
ulimit $parm $value
else
ulimit $parm
fi
done
}
test -n "$LIMITS" && setlimits $LIMITS
[ -n "$IF_TINC_CONFIG" ] && EXTRA="$EXTRA -c $IF_TINC_CONFIG"
[ -n "$IF_TINC_DEBUG" ] && EXTRA="$EXTRA -d$IF_TINC_DEBUG"
[ -n "$IF_TINC_MLOCK" ] && EXTRA="$EXTRA --mlock"
[ -n "$IF_TINC_LOGFILE" ] && EXTRA="$EXTRA --logfile=$IF_TINC_LOGFILE"
[ -n "$IF_TINC_CHROOT" ] && EXTRA="$EXTRA --chroot"
[ -n "$IF_TINC_USER" ] && EXTRA="$EXTRA --user=$IF_TINC_USER"
/usr/sbin/tincd -n "$IF_TINC_NET" -o "Interface=$IFACE" $EXTRA
sleep 0.1
i=0;
while [ ! -f "/var/run/tinc.$IF_TINC_NET.pid" ] ; do
if [ $i = '30' ] ; then
echo 'Failed to start tinc daemon!'
exit 1
fi
sleep 0.1
i=$(($i+1))
done
exit 0
- -- no debconf information
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJOBAEBCAA4BQJXmmqMMRpodHRwczovL3d3dy5kb21pbmlrLWdlb3JnZS5kZS9n
cGctcG9saWN5LnR4dC5hc2MACgkQt5o8FqDE8patdg//cA65CM7CrBL6WIqlujzC
p18EantS8xJUMzB1mZsoBZWZSHuhCnlgtmQxki3rXTV1m8yQ7xCBktZ7zJBwWXeH
aLN6TH4ESEsSCkpzONXHx7NGB6Lp/0j0WJJIeG3hPWkaGZ/MPr9D2WQWk1LQP1mq
3H7Pp3GK2uhxDbH8wJvIOKMEI+JPrZOGaj69JzN8snu0nYCry+OLJ3KK5jeAd1qh
sqHcb2TpsINa0u94p8tuqmgvKEE4f1r5iApu4+ArnFbonNNOMLitlAPAwk7NwcBh
K8juWa96NhxTZzUwiCmWSKJebQAXjT4TsC88Pztry/hUqVad6lU3PDFqtpHwhrYS
MfkvqThZo7fIAFXQxcEFWVICt81+SGyeO0Si/EQ3SgCdUSGMrvk8Bwc4lRXh/Q3R
vn3m+wSt3U0Ycvao5g8bJ3J16782dPdp8QoKhk6jk9kFUzGJvnX1EB0AKAQRsIny
x3Jj2aZbozhUen6PuEGBfkTc80InOl4erMnt43coiMzCEtmA+GLyoromFHFaSVju
hCeWJ48109Ll4ZuIEYFkTaPPCZTXywWArrGTC9ct3nkIvbKUC4Wb1gg24Tvrqbb1
Da1ZtLpy9u02Mh1B9oHWECY5i7WPWXQ4LQF0rPmeovKUHTN8pWnghQlEvQjEp7oV
IAEa7HUyjx5fgf+fVPe+4nI=
=MKxs
-----END PGP SIGNATURE-----
