Your message dated Sat, 21 Mar 2009 22:32:03 +0000
with message-id <e1ll9jx-0001es...@ries.debian.org>
and subject line Bug#520435: fixed in bastille 1:3.0.9-9
has caused the Debian Bug report #520435,
regarding bastille: undefined subroutine &Bastille::API::ActionLog
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
520435: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=520435
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bastille
Version: 1:3.0.9-8
Severity: grave
Justification: renders package unusable
InteractiveBastille crashes silently after the last screen, where the
contributors are displayed. bastille -b gives the following error message:
NOTE: Bastille is now locking down your system in accordance with your
answers in the "config" file. Please be patient as some modules
may take a number of minutes, depending on the speed of your
machine.
NOTE: Executing Firewall Specific Configuration
Undefined subroutine &Bastille::API::ActionLog called at
/usr/lib/Bastille/Debian_API.pm line 37.
Compilation failed in require at /usr/sbin/BastilleBackEnd line 133.
As far as I can see, ActionLog really isn't defined anywhere.
I upgraded bastille to the squeeze version because of bug #510884. Could this
be a dependency problem?
Here's /etc/Bastille/config:
# Q: Would you like to enforce password aging? [Y]
AccountSecurity.passwdage="N"
# Q: Should Bastille disable clear-text r-protocols that use IP-based
authentication? [Y]
AccountSecurity.protectrhost="Y"
# Q: Should we disallow root login on tty's 1-6? [N]
AccountSecurity.rootttylogins="N"
# Q: Would you like to deactivate the Apache web server? [Y]
Apache.apacheoff="Y"
# Q: Would you like to bind the Web server to listen only to the localhost? [N]
Apache.bindapachelocal="Y"
# Q: Would you like to password-protect the GRUB prompt? [N]
BootSecurity.protectgrub="N"
# Q: Would you like to disable CTRL-ALT-DELETE rebooting? [N]
BootSecurity.secureinittab="N"
# Q: Should we restrict console access to a small group of user accounts? [N]
ConfigureMiscPAM.consolelogin="N"
# Q: Would you like to put limits on system resource usage? [N]
ConfigureMiscPAM.limitsconf="Y"
# Q: Would you like to set more restrictive permissions on the administration
utilities? [N]
FilePermissions.generalperms_1_1="Y"
# Q: Would you like to disable SUID status for mount/umount?
FilePermissions.suidmount="N"
# Q: Would you like to disable SUID status for ping? [Y]
FilePermissions.suidping="N"
# Q: Would you like to disable SUID status for printing utilities? [N]
FilePermissions.suidprint="N"
# Q: Do you need the advanced networking options?
Firewall.ip_advnetwork="Y"
# Q: Should Bastille run the firewall and enable it at boot time? [N]
Firewall.ip_enable_firewall="Y"
# Q: Would you like to run the packet filtering script? [N]
Firewall.ip_intro="Y"
# Q: Interfaces for DHCP queries: [ ]
Firewall.ip_s_dhcpiface=" "
# Q: DNS servers: [0.0.0.0/0]
Firewall.ip_s_dns="0.0.0.0/0"
# Q: ICMP allowed types: [destination-unreachable echo-reply time-exceeded]
Firewall.ip_s_icmpallowed="destination-unreachable echo-reply time-exceeded
echo.request"
# Q: ICMP services to audit: [ ]
Firewall.ip_s_icmpaudit=" "
# Q: ICMP types to disallow outbound: [destination-unreachable time-exceeded]
Firewall.ip_s_icmpout="destination-unreachable time-exceeded"
# Q: Internal interfaces: [ ]
Firewall.ip_s_internaliface="eth0"
# Q: TCP service names or port numbers to allow on private interfaces: [ ]
Firewall.ip_s_internaltcp="ssh"
# Q: UDP service names or port numbers to allow on private interfaces: [ ]
Firewall.ip_s_internaludp="ntp"
# Q: Masqueraded networks: [ ]
Firewall.ip_s_ipmasq="192.168.1.0/24"
# Q: Kernel modules to masquerade: [ftp raudio vdolive]
Firewall.ip_s_kernelmasq="ftp"
# Q: NTP servers to query: [ ]
Firewall.ip_s_ntpsrv=" "
# Q: Force passive mode? [N]
Firewall.ip_s_passiveftp="Y"
# Q: Public interfaces: [eth+ ppp+ slip+]
Firewall.ip_s_publiciface="wlan+ ra+ ppp+ slip+"
# Q: TCP service names or port numbers to allow on public interfaces:[ ]
Firewall.ip_s_publictcp="ssh gnutella-svc"
# Q: UDP service names or port numbers to allow on public interfaces:[ ]
Firewall.ip_s_publicudp=" "
# Q: Reject method: [DENY]
Firewall.ip_s_rejectmethod="DENY"
# Q: Enable source address verification? [Y]
Firewall.ip_s_srcaddr="Y"
# Q: TCP services to audit: [telnet ftp imap pop3 finger sunrpc exec login
linuxconf ssh]
Firewall.ip_s_tcpaudit="telnet ftp imap pop3 finger sunrpc exec login linuxconf
ssh"
# Q: TCP services to block: [2049 2065:2090 6000:6020 7100]
Firewall.ip_s_tcpblock="2049 2065:2090 6000:6020 7100"
# Q: Trusted interface names: [lo]
Firewall.ip_s_trustiface="lo"
# Q: UDP services to audit: [31337]
Firewall.ip_s_udpaudit="31337"
# Q: UDP services to block: [2049 6770]
Firewall.ip_s_udpblock="2049 6770"
# Q: Would you like to set up process accounting? [N]
Logging.pacct="N"
# Q: Would you like to disable acpid and/or apmd? [Y]
MiscellaneousDaemons.apmd="N"
# Q: Would you like to disable GPM? [Y]
MiscellaneousDaemons.gpm="N"
# Q: Would you like to deactivate NFS and Samba? [Y]
MiscellaneousDaemons.remotefs="Y"
# Q: Alert on all new packets?
PSAD.psad_alert_all="Y"
# Q: psad check interval: [15]
PSAD.psad_check_interval="15"
# Q: Would you like to setup psad?
PSAD.psad_config="Y"
# Q: Danger Levels: [5 50 1000 5000 10000]
PSAD.psad_danger_levels="5 50 1000 5000 10000"
# Q: Email addresses: [r...@localhost]
PSAD.psad_email_alert_addresses="r...@localhost"
# Q: Email alert danger level: [1]
PSAD.psad_email_alert_danger_level="2"
# Q: Should Bastille enable psad at boot time? [N]
PSAD.psad_enable_at_boot="Y"
# Q: Enable automatic blocking of scanning IPs?
PSAD.psad_enable_auto_ids="N"
# Q: Enable scan persistence?
PSAD.psad_enable_persistence="N"
# Q: Port range scan threshold: [1]
PSAD.psad_port_range_scan_threshold="2"
# Q: Scan timeout: [3600]
PSAD.psad_scan_timeout="3600"
# Q: Show all scan signatures?
PSAD.psad_show_all_signatures="N"
# Q: Would you like to disable printing? [N]
Printing.printing="Y"
# Q: Would you like to disable printing? [N]
Printing.printing_cups="N"
# Q: Would you like to display "Authorized Use" messages at log-in time? [Y]
SecureInetd.banners="N"
# Q: Should Bastille ensure inetd's FTP service does not run on this system?
[y]
SecureInetd.deactivate_ftp="Y"
# Q: Should Bastille ensure the telnet service does not run on this system? [y]
SecureInetd.deactivate_telnet="Y"
# Q: Do you want to stop sendmail from running in daemon mode? [Y]
Sendmail.sendmaildaemon="Y"
# Q: Would you like to install TMPDIR/TMP scripts? [N]
TMPDIR.tmpdir="N"
-- System Information:
Debian Release: 5.0
APT prefers stable
APT policy: (990, 'stable'), (500, 'oldstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: lang=de...@utf-8, lc_ctype=de...@utf-8 (charmap=UTF-8) (ignored: LC_ALL
set to de_DE.UTF-8)
Shell: /bin/sh linked to /bin/bash
--- End Message ---
--- Begin Message ---
Source: bastille
Source-Version: 1:3.0.9-9
We believe that the bug you reported is fixed in the latest version of
bastille, which is due to be installed in the Debian FTP archive:
bastille_3.0.9-9.diff.gz
to pool/main/b/bastille/bastille_3.0.9-9.diff.gz
bastille_3.0.9-9.dsc
to pool/main/b/bastille/bastille_3.0.9-9.dsc
bastille_3.0.9-9_all.deb
to pool/main/b/bastille/bastille_3.0.9-9_all.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 520...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <j...@debian.org> (supplier of updated bastille
package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.8
Date: Sat, 21 Mar 2009 23:25:46 +0100
Source: bastille
Binary: bastille
Architecture: source all
Version: 1:3.0.9-9
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <j...@debian.org>
Changed-By: Javier Fernandez-Sanguino Pen~a <j...@debian.org>
Description:
bastille - Security hardening tool
Closes: 520435
Changes:
bastille (1:3.0.9-9) unstable; urgency=low
.
* Fix Bastille/Debian.pm: replace calls to ActionLog with B_log (Closes:
#520435)
Checksums-Sha1:
86a46876765a4ce0afc1b16b61a853f82fef8eb6 1000 bastille_3.0.9-9.dsc
83460571f79e2a67a75635e7ad1cc5a77134c509 38117 bastille_3.0.9-9.diff.gz
15b672beaef6e2d936aa9317b0f691da3fdb6d0f 466848 bastille_3.0.9-9_all.deb
Checksums-Sha256:
f86ff899108f57851b30b3484af50db37943d76195f1f8cc1fc133cec16e2bd7 1000
bastille_3.0.9-9.dsc
e11d691cd788fde42f86fb68ea148b34a764dc41b9b78586850b54fccfd5399a 38117
bastille_3.0.9-9.diff.gz
c898abb1934f1c4b7f1578d66f3fc19098655d6a77924c16c2764a5ad95ef3dc 466848
bastille_3.0.9-9_all.deb
Files:
e53521486cda36e2cb89307e1147fcbb 1000 admin optional bastille_3.0.9-9.dsc
25733a970550144e3e04d4e13bb7db14 38117 admin optional bastille_3.0.9-9.diff.gz
eb50ce3aeb184b5aefcf4e28dab0c01b 466848 admin optional bastille_3.0.9-9_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFJxWmmsandgtyBSwkRAg3SAJ0Qqc6hR2G6eMd2Tg6TsoZSPAyZPgCeIdSj
Joja2TuZO4Yr8xsrEGv90FU=
=EHQc
-----END PGP SIGNATURE-----
--- End Message ---
