Package: tripwire Version: 2.3.1.2.0-3 Severity: normal Upgrading tripwire on my Sarge box failed. I traced the postinst script, which fails at this stage:
+ echo 'Generating site key (this may take several minutes)...' Generating site key (this may take several minutes)... + echo ************** + sleep 2 + /usr/sbin/twadmin -m G -S '' + echo ************** This is because the variable $SITEKEYFILE is used, but it was never defined. The same applies to the $LOCALKEYFILE variable, later in the script. If I define both variables at the begin of /var/lib/dpkg/info/tripwire.postinst, the upgrade works well: SITEKEYFILE=/etc/tripwire/site.key LOCALKEYFILE=/etc/tripwire/$(hostname)-local.key Another question: are the passwords stored into the debconf database? If yes, how much secure are them? -- System Information: Debian Release: 3.1 APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.4.27 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages tripwire depends on: ii debconf 1.4.30.11 Debian configuration management sy ii exim4 4.44-2 metapackage to ease exim MTA (v4) ii exim4-daemon-light [mail-tr 4.44-2 lightweight exim MTA (v4) daemon ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an ii libgcc1 1:3.4.3-6 GCC support library ii libstdc++5 1:3.3.5-8 The GNU Standard C++ Library v3 -- debconf information: * tripwire/local-passphrase: (password omitted) * tripwire/site-passphrase: (password omitted) * tripwire/local-passphrase-again: (password omitted) * tripwire/site-passphrase-again: (password omitted) * tripwire/rebuild-config: true tripwire/email-report: tripwire/broken-passphrase: * tripwire/installed: tripwire/site-passphrase-incorrect: false * tripwire/use-localkey: true tripwire/change-in-default-policy: * tripwire/use-sitekey: true tripwire/upgrade: true * tripwire/rebuild-policy: true tripwire/local-passphrase-incorrect: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
