Package: portmap Version: 5-9 Severity: normal Tags: patch I really don't understand why the debconf 'medium' note was removed from portmap. The default installation of any Debian system leaves the portmap service installed by default when it is actually needed (in most cases) for FAM. Most system administrators and developers of derived distributions would probably appreciate the ability to have portmap listening to localhost only and the removal of the debconf note prevents this from happening.
Without a debconf note there is no way they can preseed this information in the debian-installer or even, have base-config pre-configure this if the user selects a 'Desktop task' and no other packages. Please reinstate both the debconf note and all the translations. If users have an issue with this option, then set the default to 'do anything, keep listening to every address' and that will prevent #280026, #280128, or #280553 from coming back. Atached is a patch that fixes this issue by introducing a 'boolean' debconf question (default => listen only to the loopback interface, false => listen to all interfaces). I've readded the po translations available (although they are fuzzy and the translators should be asked to review them) and updated the spanish translation myself. The default setting is 'false' for backwards-compatibility. I've tested the patch through configuration and reconfiguration and it works fine. Building some more intelligence into the script (like looking for the current status of the RPC services through rpcinfo and setting the answer to true or false based on the status) could be implemented in the long run. But for the moment I believe this would suffice. Please add this to the package, if you do you can probably also close (or downgrade) bug #286301. Notice that this is not the same bug (as the user is asking for the default behaviour I implemented to be 'true'). However, as I said, improving the config script it could probably be possible to fix that one too. Regards Javier
diff -Nru portmap-5/debian/changelog portmap-5.debconf/debian/changelog --- portmap-5/debian/changelog 2005-03-23 22:33:38.000000000 +0100 +++ portmap-5.debconf/debian/changelog 2005-03-23 22:33:20.000000000 +0100 @@ -1,3 +1,12 @@ +portmap (5-10) unstable; urgency=low + + * Re-added the debconf configuration, although the default for this is now + to have portamp listening in all interfaces. The debconf setting + allows system administrators, base-config and cdd developers to preseed + this value to 'true' (link only to the loopback interface) if needed. + + -- Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Wed, 23 Mar 2005 22:23:28 +0100 + portmap (5-9) unstable; urgency=high * The following patch was applied to portmap.c: diff -Nru portmap-5/debian/config portmap-5.debconf/debian/config --- portmap-5/debian/config 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/config 2005-03-23 23:05:26.000000000 +0100 @@ -0,0 +1,19 @@ +#!/bin/sh -e +# config script for portmap + +action=$1 +version=$2 + +# Source debconf library. +. /usr/share/debconf/confmodule + +if [ "$action" = "configure" ] || [ "$action" = "reconfigure" ]; then + db_input medium portmap/loopback || true + db_go || true +fi + +db_go + +#DEBHELPER# + +exit 0 diff -Nru portmap-5/debian/default portmap-5.debconf/debian/default --- portmap-5/debian/default 2005-03-23 22:33:38.000000000 +0100 +++ portmap-5.debconf/debian/default 2005-03-23 22:23:05.000000000 +0100 @@ -1,2 +1,11 @@ +# Portmap default file +# Note: if you manually edit it, portmap configuration +# scripts will avoid modifying it if running +# 'dpkg-reconfigure portmap' + # By default listen on all interfaces +# If you want it to listen only on the loopback interface +# uncomment the following line (it will be uncommented +# automatically if you configure this through debconf) #OPTIONS="-i 127.0.0.1" + diff -Nru portmap-5/debian/po/es.po portmap-5.debconf/debian/po/es.po --- portmap-5/debian/po/es.po 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/po/es.po 2005-03-23 22:30:26.000000000 +0100 @@ -0,0 +1,81 @@ +# +# portmap debconf translation to Spanish +# Copyright (C) 2005 Software in the Public Interest +# This file is distributed under the same license as the portmap package. +# +# Changes: +# - Initial translation +# Anibal Monsalve Salazar <[EMAIL PROTECTED]> +# - Revision: +# Jose Carlos Garcia Sogo <[EMAIL PROTECTED]>, 2004 +# Javier Fernandez-Sanguino Pe�a <[EMAIL PROTECTED]>, 2005 +# +# +# Traductores, si no conoce el formato PO, merece la pena leer la +# documentaci�n de gettext, especialmente las secciones dedicadas a este +# formato, por ejemplo ejecutando: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Equipo de traducci�n al espa�ol, por favor, lean antes de traducir +# los siguientes documentos: +# +# - El proyecto de traducci�n de Debian al espa�ol +# http://www.debian.org/intl/spanish/coordinacion +# especialmente las notas de traducci�n en +# http://www.debian.org/intl/spanish/notas +# +# - La gu�a de traducci�n de po's de debconf: +# /usr/share/doc/po-debconf/README-trans +# o http://www.debian.org/intl/l10n/po-debconf/README-trans +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2005-03-23 22:30+0100\n" +"Last-Translator: Javier Fernandez-Sanguino Pea <[EMAIL PROTECTED]>\n" +"Language-Team: Debian Spanish <[email protected]>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=UTF-8\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "DeberÃa «portmap» enlazarse a la dirección de la interfaz de red local?" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "La configuración por omisión de «portmap» hace que este escuche en todas las direcciones IP disponibles. Sin embargo, si no está utilizando servicios RPC para conectarse a servidores remotos (como NFS o NIS) puede enlazar éste a la dirección de IP local 127.0.0.1." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RCP services." +msgstr "Esto permitirá que los servicios RPC locales (como FAM) funcionen correctamente mientras que impedirá que otros sistemas remotos accedan a sus servicios RPC." + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "Puede cambiar esta configuración editando la lÃnea OPTIONS en «/etc/default/portmap». Si no se especifica la opción -i, el programa se enlazará a todas las interfaces de red disponibles." + +#~ msgid "" +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " +#~ "default." +#~ msgstr "" +#~ "Esta versión de portmap se enlaza por defecto a la dirección IP 127.0.0.1 " +#~ "de la interfaz de red local." diff -Nru portmap-5/debian/po/ja.po portmap-5.debconf/debian/po/ja.po --- portmap-5/debian/po/ja.po 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/po/ja.po 2005-03-23 22:28:32.000000000 +0100 @@ -0,0 +1,68 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2004-11-10 16:14+0900\n" +"Last-Translator: Kenshi Muto <[EMAIL PROTECTED]>\n" +"Language-Team: Japanese <[email protected]>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=EUC-JP\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +#, fuzzy +msgid "Should portmap be bound to the loopback address?" +msgstr "portmap �ϥǥե���Ȥǥ롼�ץХå����ɥ쥹��Х���ɤ��ޤ�" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RCP services." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +#, fuzzy +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"���Υǥե����������ѹ��������Ȥ��ˤϡ�/etc/default/portmap �ե������ " +"OPTIONS �Ԥ��Խ����Ƥ���������ñ�� -i ���ץ�������ꤷ�ʤ��褦�ˤ���ȡ���" +"�٤ƤΥ��󥿡��ե�������Х���ɤ���褦�ˤʤ�ޤ���" + +#~ msgid "" +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " +#~ "default." +#~ msgstr "" +#~ "���� portmap �ϡ��ǥե���Ȥǥ롼�ץХå� IP ���ɥ쥹 127.0.0.1 ������" +#~ "���ޤ���" diff -Nru portmap-5/debian/po/POTFILES.in portmap-5.debconf/debian/po/POTFILES.in --- portmap-5/debian/po/POTFILES.in 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/po/POTFILES.in 2004-11-10 13:07:04.000000000 +0100 @@ -0,0 +1 @@ +[type: gettext/rfc822deb] templates diff -Nru portmap-5/debian/po/pt_BR.po portmap-5.debconf/debian/po/pt_BR.po --- portmap-5/debian/po/pt_BR.po 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/po/pt_BR.po 2005-03-23 22:28:32.000000000 +0100 @@ -0,0 +1,68 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +msgid "" +msgstr "" +"Project-Id-Version: portmap\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: 2004-11-08 21:24-0300\n" +"Last-Translator: Andr� Lu�s Lopes <[EMAIL PROTECTED]>\n" +"Language-Team: Debian-BR Project <[email protected]>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=ISO-8859-1\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +#, fuzzy +msgid "Should portmap be bound to the loopback address?" +msgstr "O portmap ouve no endere�o de loopback por padr�o" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RCP services." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +#, fuzzy +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" +"Caso voc� queira mudar essa configura��o padr�o, edite a linha OPTIONS no " +"arquivo /etc/default/portmap. Caso voc� apenas n�o especifique a op��o -i o " +"portmap ir� ouvir em todas as interfaces de rede." + +#~ msgid "" +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " +#~ "default." +#~ msgstr "" +#~ "Esta vers�o do portmap ouve no endere�o IP de loopback 127.0.0.1 por " +#~ "padr�o." diff -Nru portmap-5/debian/po/templates.pot portmap-5.debconf/debian/po/templates.pot --- portmap-5/debian/po/templates.pot 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/po/templates.pot 2005-03-23 22:28:32.000000000 +0100 @@ -0,0 +1,57 @@ +# +# Translators, if you are not familiar with the PO format, gettext +# documentation is worth reading, especially sections dedicated to +# this format, e.g. by running: +# info -n '(gettext)PO Files' +# info -n '(gettext)Header Entry' +# +# Some information specific to po-debconf are available at +# /usr/share/doc/po-debconf/README-trans +# or http://www.debian.org/intl/l10n/po-debconf/README-trans +# +# Developers do not need to manually edit POT or PO files. +# +#, fuzzy +msgid "" +msgstr "" +"Project-Id-Version: PACKAGE VERSION\n" +"Report-Msgid-Bugs-To: \n" +"POT-Creation-Date: 2005-03-23 22:28+0100\n" +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" +"Last-Translator: FULL NAME <[EMAIL PROTECTED]>\n" +"Language-Team: LANGUAGE <[EMAIL PROTECTED]>\n" +"MIME-Version: 1.0\n" +"Content-Type: text/plain; charset=CHARSET\n" +"Content-Transfer-Encoding: 8bit\n" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "Should portmap be bound to the loopback address?" +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"Portmap by default listens to all IP addresses. However, if you are not " +"using RPC services that connect to remote servers (like NFS or NIS) you can " +"safely bind it to the loopback IP address 127.0.0.1." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"This will allow RPC local services (like FAM) to work properly while " +"preventing remote systems from accessing your RCP services." +msgstr "" + +#. Type: boolean +#. Description +#: ../templates:4 +msgid "" +"You can change this configuration also by editing the OPTIONS line in the /" +"etc/default/portmap file. If you just don't specify the -i option it will " +"bind to all interfaces." +msgstr "" diff -Nru portmap-5/debian/postinst portmap-5.debconf/debian/postinst --- portmap-5/debian/postinst 2005-03-23 22:33:38.000000000 +0100 +++ portmap-5.debconf/debian/postinst 2005-03-23 23:22:23.000000000 +0100 @@ -1,13 +1,63 @@ #!/bin/sh - set -e if [ "$1" = "configure" ] && [ -n "$2" ] && dpkg --compare-versions "$2" lt 5-3; then - err=$(update-rc.d -f portmap remove 2>&1 > /dev/null) || { - echo "$err" >&2 - exit 1 - } + err=$(update-rc.d -f portmap remove 2>&1 > /dev/null) || { + echo "$err" >&2 + exit 1 + } fi +# Start configuration +if [ "$1" = configure ] || [ "$1" = reconfigure ] ; then + . /usr/share/debconf/confmodule + + db_get portmap/loopback + CONFFILE=/etc/default/portmap + + portmap_changed=0 + + if [ "$RET" = true ]; then + if ! grep ^OPTIONS $CONFFILE >/dev/null 2>&1 ; then + cat $CONFFILE | + sed -e 's/^#OPTIONS="-i 127.0.0.1"/OPTIONS="-i 127.0.0.1"/' >$CONFFILE.new + set +e + diff $CONFFILE $CONFFILE.new >/dev/null 2>&1 + portmap_changed=$? + set -e + mv $CONFFILE.new $CONFFILE + else + if ! grep "^OPTIONS=\"-i 127.0.0.1\"" $CONFFILE >/dev/null 2>&1 ; then + echo "Portmap options have already been configured in $CONFFILE" + echo "This script will not modify it, please edit this file manually." + fi + fi + fi + if [ "$RET" = false ]; then +# Just reverse the change above in case a user wants to go from 'true' +# to 'false' at some point. + if grep ^OPTIONS $CONFFILE >/dev/null 2>&1 ; then + cat $CONFFILE | + sed -e 's/^OPTIONS="-i 127.0.0.1"/#OPTIONS="-i 127.0.0.1"/' >$CONFFILE.new + set +e + diff $CONFFILE $CONFFILE.new >/dev/null 2>&1 + portmap_changed=$? + set -e + mv $CONFFILE.new $CONFFILE + fi + fi + +#if [ "$portmap_changed" -eq 1 ] ; then +# Do something is settings changed? We might want to +# check which RCP services are out there and restart them too... +#fi + + db_stop +fi +# End of configuration + #DEBHELPER# + +exit 0 + diff -Nru portmap-5/debian/templates portmap-5.debconf/debian/templates --- portmap-5/debian/templates 1970-01-01 01:00:00.000000000 +0100 +++ portmap-5.debconf/debian/templates 2005-03-23 22:28:30.000000000 +0100 @@ -0,0 +1,14 @@ +Template: portmap/loopback +Type: boolean +Default: false +_Description: Should portmap be bound to the loopback address? + Portmap by default listens to all IP addresses. However, if you are + not using RPC services that connect to remote servers (like NFS or NIS) + you can safely bind it to the loopback IP address 127.0.0.1. + . + This will allow RPC local services (like FAM) to work properly while + preventing remote systems from accessing your RCP services. + . + You can change this configuration also by editing the OPTIONS + line in the /etc/default/portmap file. If you just don't specify + the -i option it will bind to all interfaces.
signature.asc
Description: Digital signature
