Bug#837944: ocserv should use standalone systemd config to avoid hardcode port

Thu, 15 Sep 2016 11:39:25 -0700 

Package: ocserv
Version: 0.11.4-1+b1
Severity: important

Dear Maintainer,

*** Reporter, please consider answering these questions, where appropriate ***

   * What led up to the situation?
   * What exactly did you do (or not do) that was effective (or
     ineffective)?
   * What was the outcome of this action?
   * What outcome did you expect instead?

*** End of the template - remove these template lines ***

The currect packed ocserv uses socket-activated systemd config[1] from
upstream.

These config hardcoded the port number (443), ignoring the port number
configured in /etc/ocserv/ocserv.conf, and will be overwritten every
time the package upgrades. So if the user manually changed the port
number, and have another service occupied port 443, upgrade will fail.

Upstream also provided another systemd config, standalone[2], which
doesn't have this problem and will honor the port defined in
/etc/ocserv/ocserv.conf

I think this package should use the standalone version of systemd config
instead.

[1] https://github.com/mtmiller/ocserv/tree/master/doc/systemd/socket-activated
[2] https://github.com/mtmiller/ocserv/tree/master/doc/systemd/standalone


-- System Information:
Debian Release: stretch/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.7.0-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ocserv depends on:
ii  dbus                 1.10.10-1
ii  init-system-helpers  1.44
ii  libc6                2.24-2
ii  libev4               1:4.22-1
ii  libgnutls30          3.5.4-2
ii  libgssapi-krb5-2     1.14.3+dfsg-2
ii  libhttp-parser2.1    2.1-2
ii  liblz4-1             0.0~r131-2
ii  libnettle6           3.2-1
ii  libnl-3-200          3.2.27-1
ii  libnl-route-3-200    3.2.27-1
ii  liboath0             2.6.1-1
ii  libopts25            1:5.18.10-4
ii  libpam0g             1.1.8-3.3
ii  libpcl1              1.6-1
ii  libprotobuf-c1       1.2.1-1+b1
ii  libradcli4           1.2.6-3
ii  libreadline6         6.3-8+b4
ii  libseccomp2          2.3.1-2
ii  libsystemd0          231-6
ii  libtalloc2           2.1.7-1
ii  libtasn1-6           4.9-4
ii  libwrap0             7.6.q-25
ii  ssl-cert             1.0.38

Versions of packages ocserv recommends:
ii  ca-certificates  20160104

ocserv suggests no packages.

-- Configuration Files:
/etc/ocserv/ocserv.conf changed [not included]

-- no debconf information

Reply via email to