Bug#611661: Bundled plugins using Xinha allow malicious file uploads
On 13-May-12 21:25, Moritz Mühlenhoff wrote: On Sun, May 13, 2012 at 06:04:03PM +0100, Steve McIntyre wrote: On Tue, Mar 08, 2011 at 10:37:13PM +0100, Moritz Muehlenhoff wrote: Looking at other bugs and security tracker issues in serendipity, I'd be tempted to remove it from Debian anyway... I suggested the same some time ago and Thijs (added to CC) said that removing it from testing would be the first step (which we did back then). Thijs, what's your take on dropping s9y for Wheezy? Cheers, Moritz Hi, #611661 has been pending upload for a while. Yeah, maybe I should've pinged Thijs sooner. I am committing a fix for #650937 now. I'm currently trying to find out what to do to fix the latest one. BFN -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#616530: samba: aptitude safe-upgrade post-installation script error
Package: samba Version: 2:3.2.5-4lenny14 Severity: important Here's the output of aptitude safe-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initializing package states... Done Reading task descriptions... Done The following packages will be upgraded: libapache2-svn libavahi-client3 libavahi-common-data libavahi-common3 libavahi-glib1 libcups2 libcupsimage2 libsmbclient libsvn1 libwbclient0 logwatch samba samba-common smbclient smbfs subversion 16 packages upgraded, 0 newly installed, 0 to remove and 1 not upgraded. Need to get 0B/19.6MB of archives. After unpacking 264kB will be freed. Do you want to continue? [Y/n/?] Writing extended state information... Done Reading changelogs... Preconfiguring packages ... (Reading database ... 145224 files and directories currently installed.) Preparing to replace subversion 1.5.1dfsg1-5 (using .../subversion_1.5.1dfsg1-6_i386.deb) ... Unpacking replacement subversion ... Preparing to replace libsvn1 1.5.1dfsg1-5 (using .../libsvn1_1.5.1dfsg1-6_i386.deb) ... Unpacking replacement libsvn1 ... Preparing to replace libapache2-svn 1.5.1dfsg1-5 (using .../libapache2-svn_1.5.1dfsg1-6_i386.deb) ... Unpacking replacement libapache2-svn ... Preparing to replace libavahi-common-data 0.6.23-3lenny2 (using .../libavahi-common-data_0.6.23-3lenny3_i386.deb) ... Unpacking replacement libavahi-common-data ... Preparing to replace libavahi-common3 0.6.23-3lenny2 (using .../libavahi-common3_0.6.23-3lenny3_i386.deb) ... Unpacking replacement libavahi-common3 ... Preparing to replace libavahi-client3 0.6.23-3lenny2 (using .../libavahi-client3_0.6.23-3lenny3_i386.deb) ... Unpacking replacement libavahi-client3 ... Preparing to replace libavahi-glib1 0.6.23-3lenny2 (using .../libavahi-glib1_0.6.23-3lenny3_i386.deb) ... Unpacking replacement libavahi-glib1 ... Preparing to replace libcups2 1.3.8-1+lenny8 (using .../libcups2_1.3.8-1+lenny9_i386.deb) ... Unpacking replacement libcups2 ... Preparing to replace libcupsimage2 1.3.8-1+lenny8 (using .../libcupsimage2_1.3.8-1+lenny9_i386.deb) ... Unpacking replacement libcupsimage2 ... Preparing to replace libwbclient0 2:3.2.5-4lenny13 (using .../libwbclient0_2%3a3.2.5-4lenny14_i386.deb) ... Unpacking replacement libwbclient0 ... Preparing to replace libsmbclient 2:3.2.5-4lenny13 (using .../libsmbclient_2%3a3.2.5-4lenny14_i386.deb) ... Unpacking replacement libsmbclient ... Preparing to replace logwatch 7.3.6.cvs20080702-2 (using .../logwatch_7.3.6.cvs20080702-2lenny1_all.deb) ... Unpacking replacement logwatch ... Preparing to replace smbfs 2:3.2.5-4lenny13 (using .../smbfs_2%3a3.2.5-4lenny14_i386.deb) ... Unpacking replacement smbfs ... Preparing to replace smbclient 2:3.2.5-4lenny13 (using .../smbclient_2%3a3.2.5-4lenny14_i386.deb) ... Unpacking replacement smbclient ... Preparing to replace samba 2:3.2.5-4lenny13 (using .../samba_2%3a3.2.5-4lenny14_i386.deb) ... Stopping Samba daemons: nmbd smbd. Unpacking replacement samba ... Preparing to replace samba-common 2:3.2.5-4lenny13 (using .../samba-common_2%3a3.2.5-4lenny14_i386.deb) ... Unpacking replacement samba-common ... Processing triggers for man-db ... Setting up libsvn1 (1.5.1dfsg1-6) ... Setting up subversion (1.5.1dfsg1-6) ... Setting up libapache2-svn (1.5.1dfsg1-6) ... Considering dependency dav for dav_svn: Module dav already enabled Module dav_svn already enabled Setting up libavahi-common-data (0.6.23-3lenny3) ... Setting up libavahi-common3 (0.6.23-3lenny3) ... Setting up libavahi-client3 (0.6.23-3lenny3) ... Setting up libavahi-glib1 (0.6.23-3lenny3) ... Setting up libcups2 (1.3.8-1+lenny9) ... Setting up libcupsimage2 (1.3.8-1+lenny9) ... Setting up libwbclient0 (2:3.2.5-4lenny14) ... Setting up libsmbclient (2:3.2.5-4lenny14) ... Setting up logwatch (7.3.6.cvs20080702-2lenny1) ... Setting up samba-common (2:3.2.5-4lenny14) ... sed: cannot rename /etc/samba//sedIsdnbk: Operation not permitted dpkg: error processing samba-common (--configure): subprocess post-installation script returned error exit status 4 dpkg: dependency problems prevent configuration of smbfs: smbfs depends on samba-common (= 2:3.2.5-4lenny14); however: Package samba-common is not configured yet. dpkg: error processing smbfs (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of smbclient: smbclient depends on samba-common (= 2:3.2.5-4lenny14); however: Package samba-common is not configured yet. dpkg: error processing smbclient (--configure): dependency problems - leaving unconfigured dpkg: dependency problems prevent configuration of samba: samba depends on samba-common (= 2:3.2.5-4lenny14); however: Package samba-common is not configured yet. dpkg: error processing samba (--configure): dependency problems - leaving unconfigured Errors were encountered while processing: samba-common smbfs smbclient samba [ Rootkit Hunter
Bug#597373: phpbb3: fails to uninstall
retitle 597373 failed upgrade from 3.0.2 leaves package in inconsistent state thanks Do you happen to have the messages from the failed upgrade? I believe you should submit that as another bug. Now (one of?) the repercussions of that seems to be that the new release's prerm script is kept even when upgrade fails. We will investigate that. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#595594: (no subject)
tags 595594 +pending thanks Ok, our own database functions now exit even more gracefully on failure. The previous fix (586759) seemed to address a similar issue but only when dbconfig itself was failing, not the DB behind. Greets, JM For reference, here's the link to the full discussion about this matter: https://secure.a-eskwadraat.nl/archive/phpbb-l/2010-September/000736.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#594905: serendipity: xss security issue
Package: serendipity Version: 1.5.3-1 Severity: normal Tags: security patch http://blog.s9y.org/archives/223-Serendipity-1.5.4-released.html http://www.htbridge.ch/advisory/xss_vulnerability_in_serendipity.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#564556: [pkg-lighttpd] Bug#564556: Bug#564556: lighttpd still unusable by default
On 30-Aug-10 18:51, Olaf van der Spek wrote: If you want, that your new build gets uploaded to Debian by a sponsor, you have to build and check your package+changes+diff and after that upload the whole to any space with the .dsc etc. A sponsor should not be necessary, as Lighttpd has three uploaders: Krzysztof Krzyżaniak (eloy) (u), Torsten Marek (u), Pierre Habouzit (u) Oh well, uploader != uploader [0] [1] [0] http://www.debian.org/doc/debian-policy/ch-controlfields.html#s-f-Uploaders [1] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=581011 Just my 2c. Greetings, -- JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#586759: fails to install
Technically, the failure is trigged by the set -e of the maintainer script, since dbc_go fails. This is by no means a failure of the phpbb3 package, only a consequence of the failure of dbconfig-common. As far as debconf is concerned, people use db_go || true -- I have seen no such call for dbc_go, however s9y uses an if-construct to achieve the same goal, I believe. However, in this case, I wonder why dbconfig-common failed -- there should be a question if it is supposed to be used at all for that package, which probably is what the bug reporter intended to (not) do, and if properly answered with No it would not have been used and therefore not have produced any errors -- not sure how piuparts handles the part of configuring the package for test. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534462: default and all sites
On 6/7/2010 12:57 AM, Luigi Gangitano wrote: Hi J.M., unlike the 'all' directory which holds a repository of global configuration, the 'default' directory is not a special one for drupal (once you've correctly configured all the virtual hosts) and can be safely removed. This should fix your issue. That might be true, however the solution would at best be temporary: a reinstall/upgrade of the package would recreate the directory. What about including a more intelligent check (see if the default site is used) along the lines of: [ `basename $site` = default ] grep -q \$dbuser=\'\' $site/dbconfig.php 2/dev/null continue; -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#583197: Setting up phpbb3 (3.0.7-PL1-1) ...
retitle 583197 maintainer script does not correctly handle remote DB severity 583197 important tags 583197 +pending thanks Hi, thanks for trying out the new release. I have now fixed that problem in SVN. To make it work right now, you can go to /var/lib/dpkg/info/phpbb3.config and remove the set -e at the top. It's a hack but it will get you up and running again. Then run dpkg --configure --pending Greetings, JM On 5/26/2010 11:06 AM, Scott Smith wrote: Package: phpbb3 Version: 3.0.7-PL1-1 Severity: normal Setting up phpbb3 (3.0.7-PL1-1) ... ERROR 1146 (42S02) at line 1: Table 'phpbb3.phpbb_users' doesn't exist dpkg: error processing phpbb3 (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: phpbb3 I recently update phpb3 and this is the error I received after upgrade. This upgrade was applied to an already working/functional installation of phpbb3. -- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-trunk-486 Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages phpbb3 depends on: ii apache2-mpm-prefork [httpd] 2.2.15-5 Apache HTTP Server - traditional n ii dbconfig-common 1.8.46 common framework for packaging dat ii debconf [debconf-2.0] 1.5.32 Debian configuration management sy ii libapache2-mod-php5 5.3.2-1server-side, HTML-embedded scripti ii mysql-client-5.1 [mysql-clien 5.1.47-1 MySQL database client binaries ii php5 5.3.2-1server-side, HTML-embedded scripti ii php5-cli 5.3.2-1command-line interpreter for the p ii php5-gd 5.3.2-1GD module for php5 ii php5-mysql5.3.2-1MySQL module for php5 ii ucf 3.0025 Update Configuration File: preserv Versions of packages phpbb3 recommends: pn php5-imagick none (no description available) ii postfix [mail-transport-agent 2.7.0-1High-performance mail transport ag Versions of packages phpbb3 suggests: ii mysql-server 5.1.47-1 MySQL database server (metapackage ii mysql-server-5.1 [mysql-serve 5.1.47-1 MySQL database server binaries and pn phpbb3-l10n none (no description available) -- Configuration Files: /etc/phpbb3/apache.conf changed [not included] -- debconf information: phpbb3/admin-pass-ask: phpbb3/db/basepath: * phpbb3/db/app-user: phpbb3 phpbb3/admin-pass-mismatch: phpbb3/dbconfig-reinstall: false * phpbb3/db/dbname: phpbb3 phpbb3/install-error: retry phpbb3/upgrade-backup: true * phpbb3/dbconfig-install: true * phpbb3/mysql/method: tcp/ip phpbb3/remote/newhost: mysql.scott.serveftp.com phpbb3/pgsql/manualconf: phpbb3/dbconfig-remove: phpbb3/internal/reconfiguring: false phpbb3/pgsql/authmethod-user: phpbb3/upgrade-error: abort phpbb3/pgsql/authmethod-admin: ident phpbb3/pgsql/method: unix socket phpbb3/database-type: mysql * phpbb3/mysql/admin-user: root * phpbb3/remote/host: mysql.scott.serveftp.com * phpbb3/httpd: apache2 phpbb3/remove-error: abort phpbb3/admin-pass-requirements: phpbb3/dbconfig-upgrade: true phpbb3/purge: false phpbb3/missing-db-package-error: abort phpbb3/pgsql/changeconf: false phpbb3/internal/skip-preseed: false phpbb3/admin-pass-generated: phpbb3/pgsql/admin-user: postgres * phpbb3/remote/port: 3306 phpbb3/pgsql/no-empty-passwords: phpbb3/passwords-do-not-match: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#564926: ping
ping -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#565542: (no subject)
Hmm, I have no problem with this... Server: smokeping 2.3.6-3 @ Debian/Lenny Client: FF3.6.3 (Win32) Anyway, since this isn't security-related, I guess a fix for Lenny (if still reqd) will not be possible. JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#582430: /etc/cron.d/drupal6 causes mails from cron after package is removed
On 5/20/2010 8:06 PM, Richard Atterer wrote: [ -x /usr/share/drupal6/scripts/cron.sh ] /usr/share/drupal6/scripts/cron.sh if test -x /usr/share/drupal6/scripts/cron.sh; then /usr/share/drupal6/scripts/cron.sh; fi To me, these two lines look like they do exactly the same thing. Can you explain what is supposed to be the difference? Regards JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#582430: /etc/cron.d/drupal6 causes mails from cron after package is removed
Alright I'm convinced. $ [ -x bla ] echo bla $ echo $? 1 $ if test -x bla; then echo bla; fi $ echo $? 0 Never mind ^^ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#581400: new upstream release
Package: cakephp Severity: wishlist Just wanted to draw your attention to the fact that not only the 1.2.x series has been updated, but that 1.3.0 stable is out. Thx JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541740: marked as done (serendipity: please don't ship/use embedded copies of PEAR modules)
reopen 541740 tags 541740 - fixed thanks Actually, this is not yet fixed. We had made all the preparations in SVN and the new packages are on their way. The changelog was already updated, that is why this bug was closed by the upload, which did not yet contain the links to the (still unavailable) packages. Will be fixed soon. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#581011: Maintainer/Uploaders nomenclature
Package: debian-policy Version: 3.8.4.0 Severity: wishlist I was always wondering (concerning 5.6.2/5.6.3): 1) The Maintainer field can contain only ONE contributor, whereas there may be several to the package. 2) The Uploaders field can contain several people, whereas - technically - there can be only one uploader. Furthermore, having the Uploaders field is redundant anyhow, since the actual DD/DM who uploaded can be found from his/her signature. Uploaders might also just be the wrong description. Either it should be called Contributors, since it often contains the actual contributors (that's even what policy says) and - sometimes - even not the actual uploader. In addition to point 2) above, it might as well be dropped, if Maintainer was allowed to contain several people. Sometimes it simply contains a group anyhow (like the PHP people at alioth and such). Since neither the Maintainer nor Uploaders field actually needs to contain any DD/DM all this becomes even more strange. I'm not sure why all of this is that way. It just seems to have evolved that way - for whatever reasons and I'm just saying that it seems not very logical. ;-) JM PS. I don't know what the actual request here is. I'm sure nothing here can be straightened out over night. Just keep these few bits as comments in case you would be working on this anytime in the future. Also feel free to discuss ;) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#502563: cannot install language packs
The next version will again feature a special l10n package. For now, you can just install the language pack you like by extracting it manually to /usr/share/phpbb3/www/language/, if necessary. Cheers JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#579144: multisite
Package: serendipity Severity: wishlist Owner: jmr...@iip.lu Investigate multi-blog from single install setup à la http://www.s9y.org/41.html -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#578960: no longer working after purge+install
Package: dbconfig-common
Version: 1.8.46
Severity: important
When dbconfig-common is purged and reinstalled, it is no longer
working. Instead, one gets:
dbconfig-common not yet setup, deferring configuration.
I have reproduced this in a chroot environment:
debootstrap squeeze
mount -o bind /proc /local/debootstrap/squeeze-chroot/proc/
mount -o bind /dev /local/debootstrap/squeeze-chroot/dev/
schroot -c squeeze -u root
aptitude update \
aptitude install less debconf-utils dbconfig-common apache2 \
php5-cli php5-gd \
postgresql php5-pgsql phppgadmin \
mysql-server php5-mysql phpmyadmin \
sqlite php5-sqlite
aptitude install {phpbb3,serendipity,...} = no prob.
NOW:
aptitude purge dbconfig-common
aptitude install dbconfig-common
aptitude install {phpbb3,serendipity,...}
= /etc/dbconfig-common/{phpbb3,serendipity,...} = no data
(no database info is queried when dbc_go is run inside maintainer
scripts since the error mentioned above occurs)
dpkg-reconfigure {phpbb3,serendipity,...}
also doesn't show any dbconfig-common configuration dialog.
Other debconf dialogs are working alright.
Thanks and regards,
JM
PS. Actually I install s9y using dpkg -i /serendipity-1.4. since
it's only in unstable but that doesn't matter here.
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#577924: (no subject)
This ITP already exists. ;) http://bugs.debian.org/574964 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#578835: multidb/multisite support
Package: dbconfig-common Version: 1.8.39 Severity: wishlist Hi there, in order not to be forgotten I'm creating this report in BTS. I copy the description of the feature we are talking about from http://lists.alioth.debian.org/pipermail/dbconfig-common-devel/2010-March/thread.html -- a discussion that somehow stalled. By multisite I mean: many sites can use the package, because each site uses an alias to the same codebase but different databases to fuel the application. Greetings JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#576839: postgreyreport doesn't output anything
Package: postgrey Version: 1.31-3.2 Severity: normal When I do: # postgreyreport /var/log/mail.log # The result is nothing, as you see. Here are a few lines from my maillog: Apr 6 21:51:42 abc postgrey[5171]: action=pass, reason=client AWL, client_name=xxx, client_address=xxx, sender=xxx, recipient=xxx Apr 6 21:54:06 abc postgrey[5171]: action=greylist, reason=early-retry (173s missing), client_name=unknown, client_address=, sender=xxx, recipient=xxx Apr 6 21:54:06 abc postfix/smtpd[11739]: NOQUEUE: reject: RCPT from unknown[xxx]: 451 4.2.0 xxx: Recipient address rejected: Greylisted, see http://postgrey.schweikert.ch/help/xxx.html; from=xxx to=xxx proto=ESMTP helo=mail.localhost.local Apr 6 21:54:50 abc postgrey[5171]: action=greylist, reason=new, client_name=unknown, client_address=xxx, sender=xxx, recipient=xxx Regards JM -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable'), (50, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages postgrey depends on: ii adduser 3.110 add and remove users and groups ii libberkeleydb-perl 0.34-1+b1 use Berkeley DB 4 databases from P ii libnet-dns-perl 0.63-2 Perform DNS queries from a Perl sc ii libnet-server-perl 0.97-1 An extensible, general perl server ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction ii ucf 3.0016 Update Configuration File: preserv Versions of packages postgrey recommends: ii libdigest-sha1-perl 2.11-2+b1 NIST SHA-1 message digest algorith pn libnet-rblclient-perl none (no description available) ii libparse-syslog-perl 1.10-1 Perl module for parsing syslog ent ii postfix 2.5.5-1.1 High-performance mail transport ag postgrey suggests no packages. -- debconf information: postgrey/1.13-5_move-db: postgrey/1.13-5_old-config: postgrey/1.14-1_lookup-by-subnet: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#576884: websvn: Strange output in template with MultiViews
Package: websvn Version: 2.3.0-1 Severity: normal Tags: fixed-upstream In case 2.3.1 will not make it into testing please consider patching the following issue http://websvn.tigris.org/issues/show_bug.cgi?id=284 I'm not sure if the patch attached there is the actual patch though. I have unsuccessfully tried to find out in which revision of http://websvn.tigris.org/svn/websvn/trunk it was fixed. -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable'), (50, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages websvn depends on: ii apache22.2.9-10+lenny6 Apache HTTP Server metapackage ii apache2-mpm-prefor 2.2.9-10+lenny6 Apache HTTP Server - traditional n ii debconf [debconf-2 1.5.24Debian configuration management sy ii libapache2-mod-php 5.2.6.dfsg.1-1+lenny8 server-side, HTML-embedded scripti ii php-geshi 1.0.7.22-1+lenny1 Generic Syntax Highlighter ii php5 5.2.6.dfsg.1-1+lenny8 server-side, HTML-embedded scripti ii php5-cgi 5.2.6.dfsg.1-1+lenny8 server-side, HTML-embedded scripti ii po-debconf 1.0.15manage translated Debconf template ii subversion 1.5.1dfsg1-4 Advanced version control system ii ucf3.0016Update Configuration File: preserv Versions of packages websvn recommends: pn enscript none (no description available) websvn suggests no packages. -- debconf information: * websvn/configuration: true * websvn/parentpath: /local/svn * websvn/repositories: s9y * websvn/permissions: * websvn/webservers: apache2 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#575694: pending?
Why is the pending tag set? Is there a fix somewhere? :-) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574648: Information requested
Did you also reinstall the database, i.e. remove db and user and populate the db again from scratch? On 3/25/2010 8:41 AM, Ednardo Lobo wrote: After reinstall everything seems ok. :-) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574648: (no subject)
Can you send a dump of your current DB with which it is not working? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574648: (no subject)
tags 574648 +unreproducible thanks I cannot reproduce that on a plain Lenny (or Squeeze) install. Can you provide a link to the phpinfo() screen? Have you made any special settings in PHP? Can you purge everything and reinstall the package and see if there are errors during installation? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541740: ITP: php-net-dnsbl -- Checks if a given Host or URL is listed on a DNSBL or SURBL
Package: wnpp Severity: wishlist Checks if a given Host or URL is listed on an DNS-based Blackhole List (DNSBL, Real-time Blackhole List or RBL) or Spam URI Realtime Blocklist (SURBL) This package is required to fully debianize serendipity. Having this package available would close #541740. License: PHP License URL: http://pear.php.net/package/Net_DNSBL -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574964: ITP: php-text-wiki -- Transforms Wiki and BBCode markup into XHTML, LaTeX or plain text markup
Package: wnpp Severity: wishlist This is the base engine for all of the Text_Wiki sub-classes. The text transformation is done in 2 steps. The chosen parser uses markup rules to tokenize the tags and content. Renderers output the tokens and text into the requested format. The tokenized form replaces the tags by a protected byte value associated to an index in an options table. This form shares up to 50 rules by all parsers and renderers. The package is intented for versatile transformers as well as converters. Text_Wiki is delivered with its own parser, which is used by Yawiki or Horde's Wicked and three basic renderers: XHTML , LaTeX and plain text. Strong sanitizing of XHTML is default. This package is required to fully debianize serendipity. Having this package available would be part of closing #541740. License: LGPL License 2.1 URL: http://pear.php.net/package/Text_Wiki -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541740: (no subject)
Original Message Date: Mon, 22 Mar 2010 15:28:32 +0100 From: J.M.Roth jmr...@iip.lu To: 442...@bugs.debian.org, cont...@bugs.debian.org owner 442351 ! thanks Nothing is happening here, so I am taking over. This package is required to fully debianize serendipity. Having this package available would help to close #541740. License: PHP License 3.01 (Is that a problem?) URL: http://pear.php.net/package/XML_RPC -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#442351: (no subject)
owner 442351 ! thanks Nothing is happening here, so I am taking over. This package is required to fully debianize serendipity. Having this package available would help to close #541740. License: PHP License 3.01 (Is that a problem?) URL: http://pear.php.net/package/XML_RPC -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541740: ITP: php-onyxrss -- uses PHP's built-in XML extension to quickly and accurately parse ALL versions of RSS including 2.0
Package: wnpp Severity: wishlist Free, open source php parser that minimizes bandwidth usage. Great programming and wonderfully documented! Uses object oriented programming and PHP's built in XML extension to quickly and accurately parse ALL versions of RSS including 2.0. Many other parsers use regular expressions to find specific data within files, and are thus are limited to specific versions of RSS and are non-extensible. To keep the server load low, feeds to be parsed can be kept in a mySQL database on your own server with the format implied in the SQL statement. Pages will be served up without any server-side processing, and a cron job and be set up to call your page with the PHP code in it at desired intervals. All parsed results can be exported to an external file, so the parser doesn't have to get called everytime someone calls the page. Requires PHP's built-in XML extension available by default on all recent versions of PHP. This package is required to fully debianize serendipity. Having this package available would be part of closing #541740. License: GPL This is an older library but it seems to be still in use here and there. URL: http://web.archive.org/web/20030402143013/http://www.readinged.com/onyx/rss/ URL: http://wikkawiki.org/downloads/onyx-rss.zip -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#442351: (no subject)
On 3/22/2010 5:09 PM, Elizabeth Krumbach wrote: I was able to get the source that Yann was working on and am now working on it in the php team's svn repo: http://svn.debian.org/wsvn/pkg-php/pear/php-xml-rpc/#_pear_php-xml-rpc_ We could use help with testing Looks ok to me. BTW 1.5.3 is out, so one might run dh-make-pear again ;-) You might also want to add links: /usr/share/php/docs/php-xml-rpc - /usr/share/doc/php-xml-rpc I would if I had write access to that repository. Who should I contact? How far is an upload away? JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570659: (no subject)
I'd love to be of assistance here. Just a note: the link to VCS (browse/wsvn) in PTS is invalid. (https://aphrodite.kinkhorst.nl/wsvn/debian/serendipity/) I'll start to familiarize myself with the packaging of the app. Regards, JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574648: (no subject)
I do not see any Administration Control Panel link in your forum. Did you remove it? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574551: support other webservers (lighttpd)
Package: phpbb3 Version: 3.0.2-4 Severity: wishlist Owner: da...@tilapin.org The question was raised whether other webservers (than apache2) should be supported. Just wanted to put that in the queue. I believe David volunteered ;-) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#574571: order of execution of things
Package: dbconfig-common
Version: 1.8.45
Severity: wishlist
Tags: patch
Sometimes, I feel more flexibility is needed concerning:
- the order of execution of scripts/data
- the order of execution of elements therein
I.e. for now it is hardcoded that scripts are run first and then data
snippets are applied. What if I need to do the inverse?
Furthermure, for an upgrade to one version I can only specify one file
that would have to contain all the snippets. I'd opt for a conf.d-style
approach.
For the first wish, I wouldn't know right know how to fix.
For the second wish I am attaching an idea of a patch for the script files.
Oh maybe one could even generalize this $(find) to go over all the files
in the data/scripts directories, sort them and then execute/apply them
one after the other in whatever order they occur. That would solve both
problems and one could even
- apply data
- run a script
- apply more data
- run more scripts
- ...
(Might be less transparent though.)
Regards,
JM
--- /usr/share/dbconfig-common/dpkg/postinst.orig 2010-03-19
03:45:42.0 +
+++ /usr/share/dbconfig-common/dpkg/postinst2010-03-19 03:57:09.0
+
@@ -282,19 +282,19 @@
vers=$1
sqlfile=$dbc_share/data/$dbc_basepackage/upgrade/$dbc_dbtype/$vers
admsqlfile=$dbc_share/data/$dbc_basepackage/upgrade-dbadmin/$dbc_dbtype/$vers
-
scriptfile=$dbc_share/scripts/$dbc_basepackage/upgrade/$dbc_dbtype/$vers
+ scriptfilepath=$dbc_share/scripts/$dbc_basepackage/upgrade/$dbc_dbtype
# now go through script updates
- if [ -f $scriptfile ]; then
- dbc_logline applying upgrade script for $dbc_oldversion -
$vers
+ for scriptfile in $(find $scriptfilepath -name $vers* -type f |
sort); do
+ dbc_logline applying upgrade script for $dbc_oldversion -
$vers: ${scriptfile#$scriptfilepath/}
# XXX $*
if ! sh -c $scriptfile $*; then
dbc_error=$scriptfile exited with non-zero status
dbc_upgrade_error processing $scriptfile
[ $dbc_tried_again ] return 0
fi
- fi
+ done
_dbc_asuser=
if [ -f $admsqlfile ]; then
Bug#573629: duply: new upstream version (watch file broken)
On 3/13/2010 11:05 AM, Joachim Wiedorn wrote: Hello, J.M.Roth jmroth+deb...@iip.lu wrote: Let me just reiterate the hint from #573603 that a new upstream version is available. ;) I am already working on the update. Relax, for now it was no problem for me to install/update this single script manually ;) I just don't like it myself when people file many bugs/wishes in one report so I created this one separately. Oh and by the way, your watch file is broken: -http://sf.net/duply/duply_(.*)\.tgz +https://sourceforge.net/projects/ftplicity/duply_(.*)\.tgz I have already seen that the project still have the name ftplicity. But because auf general difficulties with sourceforge addresses I must use the following line for the watch file: http://sf.net/ftplicity/duply_(.*)\.tgz Why is that? There is a redirect that goes to sourceforge.net in any case. Also, in any case, it should then be http://sf.net/projects/ftplicity/duply_(.*)\.tgz (/projects) is missing in the URL you mention. Am I missing something here? Greetings JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573603: duply: loosen the version of the duplicity dependency
Package: duply Version: 1.5.1.5-1 Severity: wishlist I was wondering if you could loosen the dependency on duplicity (= 0.5.06) a little. I am using duply 1.5.1.4 on lenny (i.e. duplicity 0.4.11) and it works just fine. Like that I could at least have one less manually installed app on my box. :) Greetings, JM -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573603: duply: loosen the version of the duplicity dependency
Thanks for the quick reply. In fact, the current duply version (1.5.2 *hint* *hint*) says to use at least v0.4.4RC4 of duplicity (see its duplicity_version_check() function). So I guess that should be safe for lenny (duplicity 0.4.11). No need for backports here. ;) Thanks. On 3/12/2010 10:38 PM, Joachim Wiedorn wrote: Hello, J.M.Roth jmroth+deb...@iip.lu wrote: I was wondering if you could loosen the dependency on duplicity (= 0.5.06) a little. I am using duply 1.5.1.4 on lenny (i.e. duplicity 0.4.11) and it works just fine. Like that I could at least have one less manually installed app on my box. :) Thanks for your test. Because I create the package of duply for use in testing=squeeze and sid I must use up to date packages of duplicity. (Duplicity 0.4.11 was released in May 2008). If I define a more loosen dependeny as you want it could be there are some incompatiblities which we don't see now. On the other side I can hope that popularity of older duplicity versions will decline in a short time. So I will set the older version as dependency. Fondest regards, Joachim Wiedorn -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573629: duply: new upstream version (watch file broken)
Package: duply Version: 1.5.1.5-1 Severity: minor Let me just reiterate the hint from #573603 that a new upstream version is available. ;) Oh and by the way, your watch file is broken: -http://sf.net/duply/duply_(.*)\.tgz +https://sourceforge.net/projects/ftplicity/duply_(.*)\.tgz JM -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573631: devscripts: [uscan] man page diverges from actual behavior
Package: devscripts Version: 2.10.35lenny7 Severity: minor The man page says: # The filename is found by taking the last component of the URL and # removing everything after any '?'. If this would not make a usable # filename, use filenamemangle. For example, # A href=http://foo.bar.org/download/?path=download=foo-0.1.1.tar.gz; # could be handled as: # opts=filenamemangle=s/.*=(.*)/$1/ \ # http://foo.bar.org/download/\?path=download=foo-(.*)\.tar\.gz However: -- In debian/watch, processing watchfile line: http://www.phpbb.com/downloads/olympus.php .*phpBB-(3\..*?)\.tar\.bz2.* -- Found the following matching hrefs: http://www.ohloh.net/p/phpbb/download?filename=phpBB-3.0.7-PL1.tar.bz2 Newest version on remote site is 3.0.7-PL1, local version is 3.0.7-PL1 = Package is up to date So this also works without filenamemangle, i.e. the described behavior that everything after the query string delimiter is initially stripped is not true, and using filenamemangle becomes unnecessary. -- Package-specific info: --- /etc/devscripts.conf --- --- ~/.devscripts --- Not present -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages devscripts depends on: ii dpkg-dev 1.14.29 Debian package development tools ii libc62.7-18lenny2GNU C Library: Shared libraries ii perl 5.10.0-19lenny2 Larry Wall's Practical Extraction Versions of packages devscripts recommends: ii at3.1.10.2 Delayed job execution and batch pr ii curl 7.18.2-8lenny3 Get a file from an HTTP, HTTPS or ii cvs 1:1.12.13-12 Concurrent Versions System ii dctrl-tools 2.13.1 Command-line tools to process Debi ii debian-keyring2009.01.18 GnuPG (and obsolete PGP) keys of D ii debian-maintainers1.52 GPG keys of Debian maintainers ii dput 0.9.2.32 Debian package upload tool ii equivs2.0.7-0.1 Circumvent Debian package dependen ii fakeroot 1.11 Gives a fake root environment ii git-core 1:1.5.6.5-3+lenny3 fast, scalable, distributed revisi ii gnupg 1.4.9-3+lenny1 GNU privacy guard - a free PGP rep ii iceweasel [www-browse 3.0.6-3lightweight web browser based on M ii libauthen-sasl-perl 2.12-1 Authen::SASL - SASL Authentication pn libcrypt-ssleay-perl none (no description available) ii libparse-debcontrol-p 2.005-2Easy OO parsing of Debian control- pn libsoap-lite-perl none (no description available) pn libterm-size-perl none (no description available) ii libtimedate-perl 1.1600-9 Time and date functions for Perl ii liburi-perl 1.35.dfsg.1-1 Manipulates and accesses URI strin ii libwww-perl 5.813-1WWW client/server library for Perl pn libyaml-syck-perl none (no description available) ii lintian 1.24.2.1+lenny1Debian package checker ii lsb-release 3.2-20 Linux Standard Base version report ii lynx-cur [www-browser 2.8.7dev9-2.1 Text-mode WWW Browser with NLS sup ii mailutils [mailx] 1:1.2+dfsg1-4 GNU mailutils utilities for handli ii man-db2.5.2-4on-line manual pager ii openssh-client [ssh-c 1:5.1p1-5 secure shell client, an rlogin/rsh ii patch 2.5.9-5Apply a diff file to an original ii patchutils0.2.31-4 Utilities to work with patches ii strace4.5.17+cvs080723-2 A system call tracer ii subversion1.5.1dfsg1-4 Advanced version control system ii unzip 5.52-12De-archiver for .zip files ii w3m [www-browser] 0.5.2-2+b1 WWW browsable pager with excellent ii wdiff 0.5-18 Compares two files word by word ii wget 1.11.4-2+lenny1retrieves files from the web Versions of packages devscripts suggests: ii build-essential 11.4 Informational list of build-essent pn cvs-buildpackage none (no description available) pn devscripts-el none (no description available) ii gnuplot 4.2.2-1.2 A command-line driven interactive pn libfile-desktopentry-perl none (no description available) pn libnet-smtp-ssl-perl none (no description available) ii mutt 1.5.18-6 text-based mailreader supporting M pn svn-buildpackage
Bug#573051: wontfix?
#affects 573069 + 573051 block 573051 by 573069 thanks Here's the other bug report I was talking about. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=573069 removal of postgres database and user not working So I guess at least purging the package with postgres will not work for now. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573051: phpbb3: postgresql support is not working
Package: phpbb3 Version: 3.0.2-4 Severity: important After a myriad of warnings and hints the database import fails with ERROR: START value (1) cannot be less than MINVALUE (100) -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages phpbb3 depends on: ii apache22.2.9-10+lenny6 Apache HTTP Server metapackage ii apache2-mpm-prefor 2.2.9-10+lenny6 Apache HTTP Server - traditional n ii dbconfig-common1.8.39common framework for packaging dat ii debconf [debconf-2 1.5.24Debian configuration management sy ii libapache2-mod-php 5.2.6.dfsg.1-1+lenny6 server-side, HTML-embedded scripti ii mysql-client 5.0.51a-24+lenny3 MySQL database client (metapackage ii mysql-client-5.0 [ 5.0.51a-24+lenny3 MySQL database client binaries ii php5 5.2.6.dfsg.1-1+lenny6 server-side, HTML-embedded scripti ii php5-cgi 5.2.6.dfsg.1-1+lenny6 server-side, HTML-embedded scripti ii php5-mysql 5.2.6.dfsg.1-1+lenny6 MySQL module for php5 ii sqlite 2.8.17-4 command line interface for SQLite Versions of packages phpbb3 recommends: ii php5-gd5.2.6.dfsg.1-1+lenny6 GD module for php5 pn php5-imagick | php none(no description available) ii postfix [mail-tran 2.5.5-1.1 High-performance mail transport ag Versions of packages phpbb3 suggests: ii mysql-server 5.0.51a-24+lenny3 MySQL database server (metapackage ii mysql-server-5.0 [mysq 5.0.51a-24+lenny3 MySQL database server binaries -- debconf information: phpbb3/mysql/app-pass: (password omitted) phpbb3/app-password-confirm: (password omitted) phpbb3/password-confirm: (password omitted) phpbb3/pgsql/admin-pass: (password omitted) phpbb3/mysql/admin-pass: (password omitted) phpbb3/pgsql/app-pass: (password omitted) phpbb3/db/basepath: phpbb3/db/app-user: phpbb3/dbconfig-reinstall: false phpbb3/db/dbname: phpbb3/install-error: abort phpbb3/upgrade-backup: true * phpbb3/dbconfig-install: false phpbb3/mysql/method: unix socket phpbb3/remote/newhost: phpbb3/pgsql/manualconf: phpbb3/dbconfig-remove: phpbb3/internal/reconfiguring: false phpbb3/pgsql/authmethod-user: phpbb3/upgrade-error: abort phpbb3/pgsql/authmethod-admin: ident phpbb3/pgsql/method: unix socket phpbb3/database-type: phpbb3/mysql/admin-user: root phpbb3/remote/host: * phpbb3/httpd: apache2 phpbb3/remove-error: abort phpbb3/dbconfig-upgrade: true phpbb3/purge: false phpbb3/missing-db-package-error: abort phpbb3/pgsql/changeconf: false phpbb3/internal/skip-preseed: true phpbb3/pgsql/admin-user: postgres phpbb3/remote/port: phpbb3/pgsql/no-empty-passwords: phpbb3/passwords-do-not-match: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#573069: dbconfig-common: removal of postgres database and user not working
Package: dbconfig-common Version: 1.8.45 Severity: important Tags: patch dbconfig-common, when in pgsql mode, does not correctly drop databases and users because it uses command line parameter -q to dropdb and dropuser, respectively, which does not exist. in fact, such an action always results in failure. -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/dash Versions of packages dbconfig-common depends on: ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii ucf 3.0025 Update Configuration File: preserv dbconfig-common recommends no packages. Versions of packages dbconfig-common suggests: ii mysql-client-5.1 [virtual-mys 5.1.41-3 MySQL database client binaries ii postgresql-client-8.4 [postgr 8.4.2-2+b1 front-end programs for PostgreSQL -- debconf information: dbconfig-common/password-confirm: (password omitted) dbconfig-common/mysql/admin-pass: (password omitted) dbconfig-common/mysql/app-pass: (password omitted) dbconfig-common/pgsql/admin-pass: (password omitted) dbconfig-common/pgsql/app-pass: (password omitted) dbconfig-common/app-password-confirm: (password omitted) dbconfig-common/internal/reconfiguring: false dbconfig-common/dbconfig-upgrade: true dbconfig-common/remote-questions-default: false dbconfig-common/passwords-do-not-match: dbconfig-common/pgsql/authmethod-admin: ident dbconfig-common/db/basepath: dbconfig-common/pgsql/revertconf: false dbconfig-common/install-error: abort dbconfig-common/remove-error: abort dbconfig-common/internal/skip-preseed: false dbconfig-common/db/dbname: dbconfig-common/pgsql/no-empty-passwords: dbconfig-common/mysql/method: unix socket dbconfig-common/remember-admin-pass: false dbconfig-common/pgsql/admin-user: postgres dbconfig-common/mysql/admin-user: root dbconfig-common/dbconfig-reinstall: false dbconfig-common/remote/host: dbconfig-common/pgsql/manualconf: dbconfig-common/pgsql/changeconf: false dbconfig-common/remote/newhost: dbconfig-common/dbconfig-install: true dbconfig-common/pgsql/method: unix socket dbconfig-common/pgsql/authmethod-user: dbconfig-common/upgrade-error: abort dbconfig-common/database-type: dbconfig-common/dbconfig-remove: true dbconfig-common/missing-db-package-error: abort dbconfig-common/db/app-user: dbconfig-common/pgsql/no-user-choose-other-method: dbconfig-common/remote/port: dbconfig-common/upgrade-backup: true dbconfig-common/purge: false --- /usr/share/dbconfig-common/internal/pgsql.orig 2010-03-08 16:31:42.0 + +++ /usr/share/dbconfig-common/internal/pgsql 2010-03-08 16:40:10.0 + @@ -129,8 +129,8 @@ _dbc_psql_cmd_setup if [ $dbc_ssl ]; then PGSSLMODE=require; fi extra=`_dbc_psql_cmd_args` - _dbc_debug su -s /bin/sh $localuser -c \env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropdb -q $extra $*\ 21 - dbc_error=`su -s /bin/sh $localuser -c env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropdb -q $extra $* 21` || retval=$? + _dbc_debug su -s /bin/sh $localuser -c \env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropdb $extra $*\ 21 + dbc_error=`su -s /bin/sh $localuser -c env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropdb $extra $* 21` || retval=$? _dbc_psql_cmd_cleanup return $retval } @@ -161,8 +161,8 @@ _dbc_psql_cmd_setup if [ $dbc_ssl ]; then PGSSLMODE=require; fi extra=`_dbc_psql_cmd_args` - _dbc_debug su -s /bin/sh $localuser -c \env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropuser -q $extra $*\ 21 - dbc_error=`su -s /bin/sh $localuser -c env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropuser -q $extra $* 21` || retval=$? + _dbc_debug su -s /bin/sh $localuser -c \env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropuser $extra $*\ 21 + dbc_error=`su -s /bin/sh $localuser -c env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' dropuser $extra $* 21` || retval=$? _dbc_psql_cmd_cleanup return $retval }
Bug#573051: (no subject)
I have narrowed this down to ALTER SEQUENCE phpbb_users_seq MINVALUE 100 RESTART WITH 100; in the postgres schema. This was added in SVN r441, see also #497721. There are also other problems using pgsql that I am investigating - if necessary I'll explain this in another bug report. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#571787: phpbb3: cookies and automatic login do not work with php 5.3 (patch available)
Yep, it's clear that everything after r8679 (which is 3.0.2) is probably not in the Debian package. Since this fix is in r9728/9 = 3.0.6 this bug and #524361 probably belong together. BTW I asked if manpower was needed for this package in #570660, but there is no answer (yet?). On 2/28/2010 12:35 AM, Jim Paris wrote: Package: phpbb3 Version: 3.0.2-4 Severity: normal Tags: patch Hi, Persistent/automatic logins were not working for me on a brand new install. After debugging, it turns out that request_var() in functions.php does not return cookie contents. I searched around and found this explanation: http://www.phpbb.com/community/viewtopic.php?f=46t=1725065start=0 -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570660: (no subject)
Hi, I'm one of the guys who is quite active on the BTS (not only) as far as phpbb is concerned. Sometimes I'm complaining, sometimes I'm complaining and patching. As far as phpbb is concerned I'd be willing to do even more, however I am currently not (officially) involved with Debian. But maybe that can change. Now you know who I am. Best regards, J.M.Roth -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#570459: drush: default config
Package: drush Version: 2.0-6~bpo50+1 Severity: wishlist Tags: patch Drush should have a (Debian) default config that does not make it necessary to give the path to the drupal installation using -r each time. On Debian this would be /usr/share/drupal6/. Anyone who wants to override that could still use the -r parameter. I am attaching /etc/drush/drushrc.php that would fix this issue. -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages drush depends on: ii php5-cli 5.2.6.dfsg.1-1+lenny4 command-line interpreter for the p Versions of packages drush recommends: ii php5-mysql 5.2.6.dfsg.1-1+lenny4 MySQL module for php5 ii wget 1.11.4-2+lenny1 retrieves files from the web Versions of packages drush suggests: ii cvs1:1.12.13-12 Concurrent Versions System ii mysql-client 5.0.51a-24+lenny3 MySQL database client (metapackage ii mysql-client-5.0 [mysq 5.0.51a-24+lenny3 MySQL database client binaries ii subversion 1.5.1dfsg1-4 Advanced version control system -- no debconf information ?php // default drupal 6 directory in debian, use -r to override // also read /usr/share/doc/drush/examples/example.drushrc.php to harness // the full power of this file $options['r'] = '/usr/share/drupal6/'; ?
Bug#570011: phpbb3: weak captcha attracts spambots
Package: phpbb3
Version: 3.0.2-4
Severity: important
Tags: security patch
I had only recently upgraded to phpbb3 when spambots started arriving.
The (default) captcha is very weak.
The GD captcha crack celebrates its first anniversary these days.
In the supplied database scheme, the user_registration setting is even 0 which
means no activation necessary. tststs ;-)
I provide a patch for that, and I also provide a patch that modifies the
default GD captcha settings GD CAPTCHA background noise {x,y}-axis, and
foremost the patch also activates the GD captcha. One would have to make the
php*-gd packages a dependency though (currently: recommendation). The webserver
would also need to be reloaded on upgrade, although I believe it doesn't even
get reloaded on install.
Anyway, all of that still is no real solution. I'll be looking for a better
captcha to integrate.
Unfortunately also possibility to force user posts put in queue if post count
is lower than an admin defined value is only in v3.0.3 and higher.
v3.0.6 has a completely new API for captchas, which longer necessarily are
images with certain strings in them.
Not sure if it would be worth backporting that and how much work that would
be...
-- System Information:
Debian Release: 5.0.4
APT prefers stable
APT policy: (500, 'stable')
Architecture: i386 (i686)
Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/bash
Versions of packages phpbb3 depends on:
ii apache22.2.9-10+lenny6 Apache HTTP Server metapackage
ii apache2-mpm-prefor 2.2.9-10+lenny6 Apache HTTP Server - traditional n
ii dbconfig-common1.8.39common framework for packaging dat
ii debconf [debconf-2 1.5.24Debian configuration management sy
ii libapache2-mod-php 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti
ii mysql-client 5.0.51a-24+lenny3 MySQL database client (metapackage
ii mysql-client-5.0 [ 5.0.51a-24+lenny3 MySQL database client binaries
ii php5 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti
ii php5-cgi 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti
ii php5-mysql 5.2.6.dfsg.1-1+lenny4 MySQL module for php5
Versions of packages phpbb3 recommends:
ii php5-gd5.2.6.dfsg.1-1+lenny4 GD module for php5
pn php5-imagick | php none(no description available)
ii postfix [mail-tran 2.5.5-1.1 High-performance mail transport ag
Versions of packages phpbb3 suggests:
ii mysql-server 5.0.51a-24+lenny3 MySQL database server (metapackage
ii mysql-server-5.0 [mysq 5.0.51a-24+lenny3 MySQL database server binaries
-- debconf information:
phpbb3/mysql/app-pass: (password omitted)
phpbb3/app-password-confirm: (password omitted)
phpbb3/password-confirm: (password omitted)
phpbb3/pgsql/admin-pass: (password omitted)
phpbb3/mysql/admin-pass: (password omitted)
phpbb3/pgsql/app-pass: (password omitted)
phpbb3/db/basepath:
phpbb3/db/app-user:
phpbb3/dbconfig-reinstall: false
phpbb3/db/dbname:
phpbb3/install-error: abort
phpbb3/upgrade-backup: true
* phpbb3/dbconfig-install: false
phpbb3/mysql/method: unix socket
phpbb3/remote/newhost:
phpbb3/pgsql/manualconf:
phpbb3/dbconfig-remove:
phpbb3/internal/reconfiguring: false
phpbb3/pgsql/authmethod-user:
phpbb3/upgrade-error: abort
phpbb3/pgsql/authmethod-admin: ident
phpbb3/pgsql/method: unix socket
phpbb3/database-type:
phpbb3/mysql/admin-user: root
phpbb3/remote/host:
* phpbb3/httpd: apache2
phpbb3/remove-error: abort
phpbb3/dbconfig-upgrade: true
phpbb3/purge: false
phpbb3/missing-db-package-error: abort
phpbb3/pgsql/changeconf: false
phpbb3/internal/skip-preseed: true
phpbb3/pgsql/admin-user: postgres
phpbb3/remote/port:
phpbb3/pgsql/no-empty-passwords:
phpbb3/passwords-do-not-match:
diff -ur deb/control deb.mod/control
--- deb/control 2010-02-15 21:23:54.0 +0100
+++ deb.mod/control 2010-02-15 21:26:45.0 +0100
@@ -3,8 +3,8 @@
Architecture: all
Maintainer: Jeroen van Wolffelaar jer...@wolffelaar.nl
Installed-Size: 9968
-Depends: libapache2-mod-php5 | libapache-mod-php5 | php5-cgi | php5 | libapache2-mod-php4 | libapache-mod-php4 | php4-cgi | php4, php5-mysql | php5-pgsql | php5-odbc | php5-sybase | php4-mysql | php4-pgsql | php4-odbc | php4-sybase, apache2 | httpd, debconf | debconf-2.0, dbconfig-common, mysql-client | postgresql-client | sqlite
-Recommends: exim4 | mail-transport-agent, php5-imagick | php4-imagick, php5-gd | php4-gd
+Depends: libapache2-mod-php5 | libapache-mod-php5 | php5-cgi | php5 | libapache2-mod-php4 | libapache-mod-php4 | php4-cgi | php4, php5-mysql | php5-pgsql | php5-odbc | php5-sybase | php4-mysql | php4-pgsql | php4-odbc | php4-sybase, apache2 | httpd, debconf | debconf-2.0, dbconfig-common, mysql-client | postgresql-client | sqlite, php5-gd | php4-gd
Bug#569911: /usr/share/doc/phpbb3/README.templates (outdated fix links)
Package: phpbb3 Version: 3.0.2-4 Severity: minor Tags: patch /usr/share/phpbb3/styles/README = /usr/share/doc/phpbb3/README.templates is outdated and should not be linked in /etc/phpbb3/styles because it is not a style. First, I believe /etc/phpbb3/styles/README should be removed: There is nowhere else a symlink in /etc pointing to /usr/share/doc, effectively breaking open_basedir settings in PHP that might just include /usr/share/phpbb3, /var/*/phpbb3/, and /etc/phpbb3/. Second, I propose new text for said file: The directory /usr/share/phpbb3/styles/ is exclusively for packages supplying styles (themes) for phpbb3. prosilver and subsilver2 are distributed by the 'phpbb3' package itself. The phpbb3 packaging will take a look in /etc/phpbb3/styles/ what templates are available, so that you can add your own templates in /etc (as symlink to somewhere else, or just the template itself). Template packages should put their template in /usr/share/phpbb3/styles/, and make a symlink from /etc/phpbb3/styles/. An important consequence is that just adding a template to /usr/share/phpbb3/styles/ alone _will not work_. JM -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages phpbb3 depends on: ii apache2 2.2.9-10+lenny6Apache HTTP Server metapackage ii apache2-mpm-prefo 2.2.9-10+lenny6Apache HTTP Server - traditional n ii dbconfig-common 1.8.39 common framework for packaging dat ii debconf [debconf- 1.5.24 Debian configuration management sy ii libapache2-mod-ph 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti ii mysql-client 5.0.51a-24+lenny2+spu1 MySQL database client (metapackage ii mysql-client-5.0 5.0.51a-24+lenny2+spu1 MySQL database client binaries ii php5 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti ii php5-cgi 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti ii php5-mysql5.2.6.dfsg.1-1+lenny4 MySQL module for php5 Versions of packages phpbb3 recommends: ii php5-gd5.2.6.dfsg.1-1+lenny4 GD module for php5 pn php5-imagick | php none(no description available) ii postfix [mail-tran 2.5.5-1.1 High-performance mail transport ag Versions of packages phpbb3 suggests: ii mysql-server 5.0.51a-24+lenny2+spu1 MySQL database server (metapackage ii mysql-server-5.0 5.0.51a-24+lenny2+spu1 MySQL database server binaries -- debconf information: phpbb3/mysql/app-pass: (password omitted) phpbb3/app-password-confirm: (password omitted) phpbb3/password-confirm: (password omitted) phpbb3/pgsql/admin-pass: (password omitted) phpbb3/mysql/admin-pass: (password omitted) phpbb3/pgsql/app-pass: (password omitted) phpbb3/db/basepath: phpbb3/db/app-user: phpbb3/dbconfig-reinstall: false phpbb3/db/dbname: phpbb3/install-error: abort phpbb3/upgrade-backup: true * phpbb3/dbconfig-install: false phpbb3/mysql/method: unix socket phpbb3/remote/newhost: phpbb3/pgsql/manualconf: phpbb3/dbconfig-remove: phpbb3/internal/reconfiguring: false phpbb3/pgsql/authmethod-user: phpbb3/upgrade-error: abort phpbb3/pgsql/authmethod-admin: ident phpbb3/pgsql/method: unix socket phpbb3/database-type: phpbb3/mysql/admin-user: root phpbb3/remote/host: * phpbb3/httpd: apache2 phpbb3/remove-error: abort phpbb3/dbconfig-upgrade: true phpbb3/purge: false phpbb3/missing-db-package-error: abort phpbb3/pgsql/changeconf: false phpbb3/internal/skip-preseed: true phpbb3/pgsql/admin-user: postgres phpbb3/remote/port: phpbb3/pgsql/no-empty-passwords: phpbb3/passwords-do-not-match: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/20100215005013.26715.37693.report...@mark5.iip.lu
Bug#514864: (no subject)
retitle 514864 ucf/debconf warning message on install/dist-upgrade thanks I also got this while installing a fresh copy of phpbb3. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/4b774863.7090...@iip.lu
Bug#568641: Messages 40 and 45
Please note that message 45 comes *before* message 40 for all of this to make sense. :-\ -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568641: ntop: access.log is writeable by everyone
On 2/9/2010 8:45 AM, Ola Lundqvist wrote: On Mon, Feb 08, 2010 at 11:24:52PM +0100, J.M.Roth wrote: On 2/8/2010 11:13 PM, Ola Lundqvist wrote: drwxr-xr-x 2 ntop root 4096 2010-01-27 11:18 . drwxr-xr-x 12 root root 4096 2010-01-27 11:17 .. -rw-rw-rw- 1 root root0 2010-01-27 11:18 access.log Not good. However I do not think postinst is good enough. We must change the umask instead so that it is created correctly. But umask would just change permissions like chmod. Even when others could no longer read/write to the file due to changes to the umask, the ntop user also wouldn't be able to anymore. More can't be accomplished by playing with the umask. Yes, but what happens in the following case: 1) Someone install the package 2) Run ntop (log created) 3) Clean log files 4) Run ntop again (with -A) Now logfiles are there still with writeable access log. Your solution only works on upgrade (or did I completely misunderstood you?) When setting the correct permissions (u=rx,g=rxs,o= with ownership ntop:ntop) on the directory, the permissions will always be ok: - the directory will not be accessible by anyone else than ntop, - the contained files will have appropriate rights to be read/written by ntop. (I dislike the fact that they still are o=rw, but that doesn't matter in that case) If you remove the directory altogether, ntop will no longer start: Starting network top daemon: ERR: logging directory /var/log/ntop does not exist will not start network top daemon! I'm not sure what happens on an upgrade. Is postinst run on upgrade? If it is, then permissions would be correct afterwards. JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568641: ntop: access.log is writeable by everyone
On 2/9/2010 9:13 PM, Ola Lundqvist wrote: When setting the correct permissions (u=rx,g=rxs,o= with ownership ntop:ntop) on the directory, the permissions will always be ok: - the directory will not be accessible by anyone else than ntop, - the contained files will have appropriate rights to be read/written by ntop. (I dislike the fact that they still are o=rw, but that doesn't matter in that case) I thought the complaint in the first place was that it was o=rw? Yes, I looked for a solution that would make - the files not accessible to everyone - still readable/writeable to ntop We may of course give a correct umask to ntop, but if files are owned by root and have no permission for other, they will not be writeable by user ntop, no matter what the umask. Let's take the example of the /var/log/clamav, which would be an example for correct permissions: drwxr-xr-x 2 clamav clamav 4096 Feb 7 21:44 . drwxr-xr-x 34 root root 57344 Feb 9 00:04 .. -rw-r- 1 clamav adm 4483 Feb 9 21:19 clamav.log -rw-r- is probably achieved by setting a correct umask, and clamav adm is achieved by either - telling the daemon how to correctly create those files (which ntop seems not to be able to), or - make them automatically belong to the right user by using setgid on the directory (since ntop seems not to be able to do so itself) If you remove the directory altogether, ntop will no longer start: Starting network top daemon: ERR: logging directory /var/log/ntop does not exist will not start network top daemon! What I ment was to remove the files, only. Not the dir. They will again be created rw-rw-rw root:root when ntop is next run. I'm not sure what happens on an upgrade. Is postinst run on upgrade? If it is, then permissions would be correct afterwards. Postinst is run on upgrade, yes. My issue is if someone do not upgrade. :-) The fresh install case was the case that I was talking about all along. And if postinst is run on upgrade then the upgrade case will not be an issue. JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568641: ntop: access.log is writeable by everyone
On 2/8/2010 7:54 AM, Ola Lundqvist wrote: /var/log/access.log is writeable by everyone. The following would fix that: The file or the directory? My file has the following permission: drwxr-xr-x 2 ntop root 89 May 10 2009 . drwxr-xr-x 15 root root4096 Feb 8 01:21 .. -rw--- 1 ntop ntop 0 May 10 2009 access.log -rw--- 1 ntop ntop 1495082 May 8 2009 access.log.1.gz -rw--- 1 ntop ntop 263209 May 6 2009 access.log.2.gz -rw--- 1 ntop ntop 50469 Nov 12 2006 access.log.3.gz Maybe you did that yourself sometime in the past? After installation (not upgrade) on two independent Lenny systems: - aptitude install ntop - ntop -A - /etc/init.d/ntop start my log directory looks like this: drwxr-xr-x 2 ntop root 4096 2010-01-27 11:18 . drwxr-xr-x 12 root root 4096 2010-01-27 11:17 .. -rw-rw-rw- 1 root root0 2010-01-27 11:18 access.log + chown -Rf $USER: /var/log/ntop Why changing this? Why the ':' character? To make the group of the directory the primary group of the user (i.e. ntop) we just chowned to. +# content of log dir inherits group permission +chmod g+s,o= /var/log/ntop Why do you want to inherit the root group permissions? Because the files need to be writeable to ntop. After the above, files will belong to group ntop (like the directory). So ntop will be able to access (read/write) them. JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568626: ntop: postrm is a mess
Hi, On 2/8/2010 8:03 AM, Ola Lundqvist wrote: First, postrm does not check for the possible location of the init.cfg file in /var/lib/ntop/ = fixed True and intentional. With the debian package /etc/ntop/init.cfg is the place where it should be. However, after a new installation there is no (default) one there. Second, there is no ntop/createuser entry in debconf, as none is added in the config file = check removed True. But it has been so in the past. It is still there to make transitions possible. However it has not been there for quite some time, so it could potentially be removed. But the way you propose would cause users to be removed always which is not good. if [ $1 = purge ] ; then The whole case /is/ about ntop being purged... # source debconf library -if [ -f /usr/share/debconf/confmodule ] ; then + if [ -f /usr/share/debconf/confmodule ]; then . /usr/share/debconf/confmodule -fi + fi - INIT=/etc/ntop/init.cfg - if [ -f $INIT ] ; then + for f in /var/lib/ntop/init.cfg /etc/ntop/init.cfg; do +if [ -f $f ]; then + INIT=$f +fi + done + if [ -n $INIT ]; then # parse config file for user -if [ -f $INIT ] ; then . $INIT -fi What happens if there are no /var/lib/ntop/init.cfg /etc/ntop/init.cfg files? Then the installation would break. I do not like this one. The user would not be removed in that case. That is no different from what would have happened before when there was no /etc/ntop/init.cfg (which there was not on a new install). Also, as a sidenote, in the current postrm the check is done twice: INIT=/etc/ntop/init.cfg if [ -f $INIT ] ; then # parse config file for user if [ -f $INIT ] ; then . $INIT fi I fail to see why. The inclusion of /var/lib/ntop/init.cfg can be argued but the if [ -f $INIT ] ; then line should really be there! But it is in the form of if [ -f $f ]; then INIT=$f combined with if [ -n $INIT ]; then which is in the end the same as if [ -f $INIT ]; then... # remove user if grep -q ^$USER: /etc/passwd; then - db_get ntop/createuser - CREATEUSER=$RET - if [ $CREATEUSER = true ]; then -deluser $USER; - fi + deluser $USER fi fi This is old code that should be removed by now. It is a transition for old systems where this was available. So if the user was created it should also be removed. Shouldn't it be removed anyhow on purge? But considering your argument we had maybe better say: db_get ntop/createuser CREATUSER=$RET db_get ntop/user DEBCONFUSER=$RET if [ $CREATEUSER = true -o $DEBCONFUSER = $USER ]; then deluser $USER ... The space between the ] and the ; character is actually needed sometimes. Maybe not in Debian but I keep that rule so I know it always work. Ok. Magic ;-) JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568641: ntop: access.log is writeable by everyone
On 2/8/2010 11:13 PM, Ola Lundqvist wrote: drwxr-xr-x 2 ntop root 4096 2010-01-27 11:18 . drwxr-xr-x 12 root root 4096 2010-01-27 11:17 .. -rw-rw-rw- 1 root root0 2010-01-27 11:18 access.log Not good. However I do not think postinst is good enough. We must change the umask instead so that it is created correctly. But umask would just change permissions like chmod. Even when others could no longer read/write to the file due to changes to the umask, the ntop user also wouldn't be able to anymore. More can't be accomplished by playing with the umask. I'll see if I can find the place where the file is created so we can have proper permissions at that time. AFAICS the file is created by ntop at runtime if it is not there before. It is thus given the permissions by the operating system. Therefore I had tuned the directory permissions. JM PS. Maybe it works fine at a second glance because logrotate correctly uses create 640 ntop adm, however the initial install is not fine. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568626: ntop: postrm is a mess
First, postrm does not check for the possible location of the init.cfg file in /var/lib/ntop/ = fixed True and intentional. With the debian package /etc/ntop/init.cfg is the place where it should be. However, after a new installation there is no (default) one there. It isn't? I must have missed that one then. # ls -l /etc/ntop total 4568 -rw-r--r-- 1 root root 2342693 May 9 2003 AS-list.txt -rw-r--r-- 1 root root 87090 May 8 2006 etter.finger.os -rw-r--r-- 1 root root1977 Jan 2 2002 ntop-cert.pem -rw-r--r-- 1 root root 1215373 Dec 1 2004 oui.txt -rw-r--r-- 1 root root 997574 Feb 16 2004 p2c.opt.table -rw-r--r-- 1 root root 382 Aug 6 2008 protocol.list -rw-r--r-- 1 root root2998 Apr 24 2003 specialMAC.txt Second, there is no ntop/createuser entry in debconf, as none is added in the config file = check removed True. But it has been so in the past. It is still there to make transitions possible. However it has not been there for quite some time, so it could potentially be removed. But the way you propose would cause users to be removed always which is not good. if [ $1 = purge ] ; then The whole case /is/ about ntop being purged... Yes, but this would violate it anyway. Assume that someone have created a user ntop before the package is installed. Then that is broken afterwards. Yeah... well... is it possible NOT to create a user for ntop at installation time? If that is not the case (i.e. one always has to create a user) then one should check at install time if the user already exists and warn that it might be purged on uninstall. What happens if there are no /var/lib/ntop/init.cfg /etc/ntop/init.cfg files? Then the installation would break. I do not like this one. The user would not be removed in that case. User? Yeah, the user ntop -- postrm after the patch would look like: if [ $1 = purge ] ; then # source debconf library if [ -f /usr/share/debconf/confmodule ]; then . /usr/share/debconf/confmodule fi for f in /var/lib/ntop/init.cfg /etc/ntop/init.cfg; do if [ -f $f ]; then INIT=$f fi done if [ -n $INIT ]; then # parse config file for user . $INIT # remove user if grep -q ^$USER: /etc/passwd; then deluser $USER fi fi # Remove init.cfg file and dir if [ -d /etc/ntop ]; then rm -rf /etc/ntop fi # remove stored data if [ -d /var/lib/ntop ]; then rm -rf /var/lib/ntop fi if [ -d /var/log/ntop ]; then rm -rf /var/log/ntop fi db_purge update-rc.d -f ntop remove /dev/null fi i.e. if none of the config files was there, the deluser command finally would not be executed, as in the original script. JM -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568626: ntop: postrm is a mess
Package: ntop Version: 3:3.3-11+b2 Severity: normal Tags: patch First, postrm does not check for the possible location of the init.cfg file in /var/lib/ntop/ = fixed Second, there is no ntop/createuser entry in debconf, as none is added in the config file = check removed Also done some cosmetic changes like indenting etc. --- postrm 2010-02-06 11:13:56.0 +0100 +++ postrm.new 2010-02-06 11:26:30.0 +0100 @@ -3,37 +3,35 @@ if [ $1 = purge ] ; then # source debconf library -if [ -f /usr/share/debconf/confmodule ] ; then + if [ -f /usr/share/debconf/confmodule ]; then . /usr/share/debconf/confmodule -fi + fi - INIT=/etc/ntop/init.cfg - if [ -f $INIT ] ; then + for f in /var/lib/ntop/init.cfg /etc/ntop/init.cfg; do +if [ -f $f ]; then + INIT=$f +fi + done + if [ -n $INIT ]; then # parse config file for user -if [ -f $INIT ] ; then . $INIT -fi # remove user if grep -q ^$USER: /etc/passwd; then - db_get ntop/createuser - CREATEUSER=$RET - if [ $CREATEUSER = true ]; then -deluser $USER; - fi + deluser $USER fi fi # Remove init.cfg file and dir - if [ -d /etc/ntop ] ; then -rm -rf /etc/ntop; + if [ -d /etc/ntop ]; then +rm -rf /etc/ntop fi # remove stored data - if [ -d /var/lib/ntop ] ; then -rm -rf /var/lib/ntop; + if [ -d /var/lib/ntop ]; then +rm -rf /var/lib/ntop fi - if [ -d /var/log/ntop ] ; then -rm -rf /var/log/ntop; + if [ -d /var/log/ntop ]; then +rm -rf /var/log/ntop fi db_purge -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages ntop depends on: ii adduser 3.110add and remove users and groups ii debconf [debconf-2. 1.5.24 Debian configuration management sy ii libc6 2.7-18lenny2 GNU C Library: Shared libraries ii libcairo2 1.6.4-7 The Cairo 2D vector graphics libra ii libfontconfig1 2.6.0-3 generic font configuration library ii libfreetype62.3.7-2+lenny1 FreeType 2 font engine, shared lib ii libgdbm31.8.3-3 GNU dbm database routines (runtime ii libglib2.0-02.16.6-3 The GLib library of C routines ii libpango1.0-0 1.20.5-5 Layout and rendering of internatio ii libpcap0.8 0.9.8-5 system interface for user-level pa ii libpixman-1-0 0.10.0-2 pixel-manipulation library for X a ii libpng12-0 1.2.27-2+lenny2 PNG library - runtime ii librrd4 1.3.1-4 Time-series data storage and displ ii libssl0.9.8 0.9.8g-15+lenny6 SSL shared libraries ii libx11-62:1.1.5-2X11 client-side library ii libxcb-render-util0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-render0 1.1-1.2 X C Binding, render extension ii libxcb1 1.1-1.2 X C Binding ii libxml2 2.6.32.dfsg-5+lenny1 GNOME XML library ii libxrender1 1:0.9.4-2X Rendering Extension client libra ii zlib1g 1:1.2.3.3.dfsg-12compression library - runtime ntop recommends no packages. Versions of packages ntop suggests: ii graphviz 2.20.2-3 rich set of graph drawing tools ii gsfonts 1:8.11+urwcyr1.0.7~pre44-3 Fonts for the Ghostscript interpre -- debconf information: * ntop/interfaces: eth0 * ntop/user: ntop -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#568641: ntop: access.log is writeable by everyone
Package: ntop Version: 3:3.3-11+b2 Severity: normal Tags: patch, security /var/log/access.log is writeable by everyone. The following would fix that: --- postinst2008-08-06 17:55:17.0 +0200 +++ postinst.new2010-02-06 14:07:59.0 +0100 @@ -35,14 +35,17 @@ adduser --system --group --home /var/lib/ntop $USER fi -# make status dir owned by user if grep -q ^$USER: /etc/passwd; then +# make status dir owned by user chown -Rf $USER /var/lib/ntop - chown -Rf $USER /var/log/ntop +# make log dir owned by user and group + chown -Rf $USER: /var/log/ntop fi fi -chmod o-rx /var/lib/ntop +chmod o= /var/lib/ntop +# content of log dir inherits group permission +chmod g+s,o= /var/log/ntop echo USER=\$USER\ $INITCFG echo INTERFACES=\$INTERFACES\ $INITCFG -- System Information: Debian Release: 5.0.4 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages ntop depends on: ii adduser 3.110add and remove users and groups ii debconf [debconf-2. 1.5.24 Debian configuration management sy ii libc6 2.7-18lenny2 GNU C Library: Shared libraries ii libcairo2 1.6.4-7 The Cairo 2D vector graphics libra ii libfontconfig1 2.6.0-3 generic font configuration library ii libfreetype62.3.7-2+lenny1 FreeType 2 font engine, shared lib ii libgdbm31.8.3-3 GNU dbm database routines (runtime ii libglib2.0-02.16.6-3 The GLib library of C routines ii libpango1.0-0 1.20.5-5 Layout and rendering of internatio ii libpcap0.8 0.9.8-5 system interface for user-level pa ii libpixman-1-0 0.10.0-2 pixel-manipulation library for X a ii libpng12-0 1.2.27-2+lenny2 PNG library - runtime ii librrd4 1.3.1-4 Time-series data storage and displ ii libssl0.9.8 0.9.8g-15+lenny6 SSL shared libraries ii libx11-62:1.1.5-2X11 client-side library ii libxcb-render-util0 0.2.1+git1-1 utility libraries for X C Binding ii libxcb-render0 1.1-1.2 X C Binding, render extension ii libxcb1 1.1-1.2 X C Binding ii libxml2 2.6.32.dfsg-5+lenny1 GNOME XML library ii libxrender1 1:0.9.4-2X Rendering Extension client libra ii zlib1g 1:1.2.3.3.dfsg-12compression library - runtime ntop recommends no packages. Versions of packages ntop suggests: ii graphviz 2.20.2-3 rich set of graph drawing tools ii gsfonts 1:8.11+urwcyr1.0.7~pre44-3 Fonts for the Ghostscript interpre -- debconf information: * ntop/interfaces: eth0 * ntop/user: ntop -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#561311: (no subject)
sry I forgot to add the redirection to the second and most important
case of the if-statement -.-
--- /root/amavisd-new-cronjob.orig 2010-01-10 06:39:19.0 +0100
+++ /usr/sbin/amavisd-new-cronjob 2010-01-10 06:37:52.0 +0100
@@ -19,20 +19,20 @@
# WATCH OUT FOR PROPER QUOTING LEVEL WHEN CALLING THIS!
do_amavis_cmd() {
if [ $(id -u -n) != ${SUUSER} ]; then
- exec /bin/su - ${SUUSER} -c $*
+ exec /bin/su - ${SUUSER} -c $* /dev/null
else
# to get the same quoting level as the su path
CMD=$*
- exec ${CMD}
+ exec ${CMD} /dev/null
fi
}
case $1 in
sa-sync)
- do_amavis_cmd /usr/bin/sa-learn --sync /dev/null
+ do_amavis_cmd /usr/bin/sa-learn --sync
;;
sa-clean)
- do_amavis_cmd /usr/bin/sa-learn --sync --force-expire
/dev/null
+ do_amavis_cmd /usr/bin/sa-learn --sync --force-expire
;;
*)
echo $0: unknown cron routine $1 2
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#437836: (no subject)
reassign 437836 3.0.2-4 thanks within a few weeks, when Lenny is out of the door So? ;-) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#560157:
I was thinking to another possibility. Maybe I should disable this test by default. I vote for that. Just include a comment about the situation in the config file. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#561419: drupal6: general failures calling cron.php from cron.sh
Package: drupal6 Version: 6.6-3lenny3 Severity: minor In fact, as $base_url is considered optional in settings.php, one might also add --fail to the call to curl (ignore failures, i.e. send no mail to www-data) as failures can happen all the time if - $base_url is not specified (as it is optional), and - the site cannot be found because: one cannot reverse determine which site to call cron.php on, because of the logic (described in settings.php) that determines the site folder used for the given domain. Determining the domain from the site folder can be ambiguous, and in that case is not necessarily localhost as given in cron.sh. (I had the feeling that curl was more quiet before Lenny.) -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages drupal6 depends on: ii apache22.2.9-10+lenny6 Apache HTTP Server metapackage ii apache2-mpm-prefor 2.2.9-10+lenny6 Apache HTTP Server - traditional n ii curl 7.18.2-8lenny3Get a file from an HTTP, HTTPS or ii dbconfig-common1.8.39common framework for packaging dat ii debconf [debconf-2 1.5.24Debian configuration management sy ii libjs-jquery 1.2.6-2 JavaScript library for dynamic web ii mysql-client 5.0.51a-24+lenny2 MySQL database client (metapackage ii mysql-client-5.0 [ 5.0.51a-24+lenny2 MySQL database client binaries ii php5 5.2.6.dfsg.1-1+lenny4 server-side, HTML-embedded scripti ii php5-gd5.2.6.dfsg.1-1+lenny4 GD module for php5 ii php5-mysql 5.2.6.dfsg.1-1+lenny4 MySQL module for php5 ii postfix [mail-tran 2.5.5-1.1 High-performance mail transport ag ii wwwconfig-common 0.1.2 Debian web auto configuration Versions of packages drupal6 recommends: ii mysql-server 5.0.51a-24+lenny2 MySQL database server (metapackage ii mysql-server-5.0 [mysq 5.0.51a-24+lenny2 MySQL database server binaries drupal6 suggests no packages. -- debconf information: drupal6/password-confirm: (password omitted) drupal6/pgsql/app-pass: (password omitted) drupal6/mysql/app-pass: (password omitted) drupal6/pgsql/admin-pass: (password omitted) drupal6/app-password-confirm: (password omitted) drupal6/mysql/admin-pass: (password omitted) drupal6/pgsql/manualconf: drupal6/mysql/method: unix socket drupal6/pgsql/authmethod-user: drupal6/purge: false drupal6/dbconfig-upgrade: true drupal6/install-error: abort drupal6/dbconfig-remove: drupal6/internal/skip-preseed: true drupal6/pgsql/method: unix socket drupal6/upgrade-error: abort drupal6/internal/reconfiguring: false drupal6/db/app-user: drupal6 drupal6/database-type: drupal6/mysql/admin-user: root drupal6/remote/newhost: drupal6/remote/port: drupal6/remove-error: abort drupal6/pgsql/admin-user: postgres drupal6/db/dbname: drupal6 drupal6/pgsql/changeconf: false drupal6/missing-db-package-error: abort drupal6/remote/host: drupal6/db/basepath: drupal6/passwords-do-not-match: drupal6/pgsql/no-empty-passwords: drupal6/upgrade-backup: true drupal6/dbconfig-reinstall: false drupal6/pgsql/authmethod-admin: ident * drupal6/dbconfig-install: false -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534462: (no subject)
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 found 534462 6.6-3lenny3 tags 534462 patch thanks Please find below a patch to address the issue for the default site, including the 'all' site (see #513522). As far as I can see this is not only in etch-backports, but in lenny too. Choose for yourself whether you would like to do it this way or as in #513522. I believe this code is clearer, especially in case one would need to add more exceptions in the future (the if statement in #513522 might become lengthy). - --- cron.sh 2009-08-05 02:52:15.0 +0200 +++ /usr/local/share/drupal6/scripts/cron.sh2009-12-16 02:46:36.0 +0100 @@ -4,6 +4,9 @@ for site in /etc/drupal/6/sites/* ; do BASE_URL= + [ `basename $site` = all ] continue; + [ `basename $site` = default ] continue; + for file in $site/baseurl.php $site/settings.php; do [ -f $file ] BASE_URL=`grep '^$base_url' $file | cut -d' -f2` [ X$BASE_URL != X ] break -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.7 (MingW32) iD8DBQFLKD56iX4Eavd4hCYRAviXAJ9EfGj19wX097/shzC0K8ZpQZkZtgCfbH4Y jrlCp9wUEaTXfpk/NeTN0NI= =2Fk7 -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#487380: (no subject)
I've had similar trouble with libnss-mdns. In my case it was due to the upgrade to Lenny. Using aptitude, it pulled in recommended packages (not sure whether that was disabled before, but hey, maybe aptitude's preferences were changed as it got updated BEFORE the actual upgrade, as recommended by the Lenny Release Notes). Unfortunately, sun-java6-jre (mea culpa) recommended libnss-mdns, which in turn depends on avahi-daemon, so all of that got installed although I don't it. After removing it, make sure to restart crucial services, or better yet, reboot the machine to be safe. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#561311: amavisd-new: cron job sends output every 3 hours although it was not meant to
Package: amavisd-new Version: 1:2.6.1.dfsg-1 Severity: minor The cron job executes correctly at the 18th minute of every 3rd hour but generates output and therefore sends a mail like the following bayes: synced databases from journal in 1 seconds: 1771 unique entries (3738 total entries) In /usr/sbin/amavisd-new-cronjob, everything is redirected to /dev/null so i guess this was not supposed to be maybe it has something to do with the use of su inside of that script anyone into that matter: please check, thanks! -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages amavisd-new depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0]1.5.24 Debian configuration management sy ii file 4.26-1 Determines file type using magic ii libarchive-zip-perl 1.18-1 Module for manipulation of ZIP arc ii libberkeleydb-perl 0.34-1+b1 use Berkeley DB 4 databases from P ii libcompress-zlib-perl2.012-1 Perl module for creation and manip ii libconvert-tnef-perl 0.17-8 Perl module to read TNEF files ii libconvert-uulib-perl1.11-1 Perl interface to the uulib librar pn libdigest-md5-perl none (no description available) ii libio-stringy-perl 2.110-4 Perl modules for IO from scalars a ii libmailtools-perl2.03-1 Manipulate email in perl programs pn libmime-base64-perl none (no description available) ii libmime-tools-perl 5.427-1 Perl5 modules for MIME-compliant m ii libnet-server-perl 0.97-1 An extensible, general perl server ii libunix-syslog-perl 1.1-2 Perl interface to the UNIX syslog( ii perl [libtime-hires-perl 5.10.0-19lenny2 Larry Wall's Practical Extraction ii perl-modules [libarchive 5.10.0-19lenny2 Core Perl modules amavisd-new recommends no packages. Versions of packages amavisd-new suggests: ii apt-listchanges 2.83package change history notificatio ii arj 3.10.22-6 archiver for .arj files pn cabextract none (no description available) ii clamav 0.95.3+dfsg-1~volatile1 anti-virus utility for Unix - comm ii clamav-daemon0.95.3+dfsg-1~volatile1 anti-virus utility for Unix - scan ii cpio 2.9-13 GNU cpio -- a program to manage ar pn dspamnone (no description available) pn lha none (no description available) ii libauthen-sasl-p 2.12-1 Authen::SASL - SASL Authentication ii libdbi-perl 1.605-1 Perl5 database interface by Tim Bu pn libmail-dkim-per none (no description available) pn libnet-ldap-perl none (no description available) pn lzop none (no description available) pn nomarch none (no description available) ii spamassassin 3.2.5-2+lenny1 Perl-based spam filter using text pn unrarnone (no description available) pn zoo none (no description available) -- debconf information: amavisd-new/outdated_config_style_warning: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#561011: amavis-stats: spam statistics do not graph, rrd error
Package: amavis-stats Version: 0.1.12-10 Severity: important After upgrading to Lenny I noticed that spam statistics would no longer graph. The error on the daily spam stats graph (after a day with no data) is amavis-stats::error: rrd_graph():, but maybe that's normal if there is no data. So the question would be: why is there no data? I removed all rrd files in /var/lib/amavis-stats/ to see whether that would help. It did not. As far as I can see, amavis output on Passed Spam has not changed, except for a size: ... between Hits: ... and queued_as: ... in mail.log -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Shell: /bin/sh linked to /bin/bash Versions of packages amavis-stats depends on: ii adduser 3.110 add and remove users and groups ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy ii librrds-perl 1.3.1-4Time-series data storage and displ ii rrdtool 1.3.1-4Time-series data storage and displ ii wwwconfig-common 0.1.2 Debian web auto configuration Versions of packages amavis-stats recommends: ii amavisd-new [amavis] 1:2.6.1.dfsg-1 Interface between MTA and virus sc amavis-stats suggests no packages. -- debconf information: * amavis-stats/stay_on_purge: false amavis-stats/config_apache: Apache -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#515534: (no subject)
After upgrading to lenny my saslauthd was broken too. I'm attaching the diff between my old defaults file and the one coming with the new version, which I'm using now. --- saslauthd 2009-12-13 03:22:14.0 +0100 +++ sasl.old2007-04-12 02:16:24.0 +0200 @@ -1,19 +1,10 @@ # # Settings for saslauthd daemon -# Please read /usr/share/doc/sasl2-bin/README.Debian for details. # # Should saslauthd run automatically on startup? (default: no) START=yes -# Description of this saslauthd instance. Recommended. -# (suggestion: SASL Authentication Daemon) -DESC=SASL Authentication Daemon - -# Short name of this saslauthd instance. Strongly recommended. -# (suggestion: saslauthd) -NAME=saslauthd - # Which authentication mechanisms should saslauthd use? (default: pam) # # Available options in this Debian package: @@ -39,17 +30,9 @@ # A value of 0 will fork a new process for each connection. THREADS=5 -# Other options (default: -c -m /var/run/saslauthd) -# Note: You MUST specify the -m option or saslauthd won't run! -# -# WARNING: DO NOT SPECIFY THE -d OPTION. -# The -d option will cause saslauthd to run in the foreground instead of as -# a daemon. This will PREVENT YOUR SYSTEM FROM BOOTING PROPERLY. If you wish -# to run saslauthd in debug mode, please run it by hand to be safe. -# -# See /usr/share/doc/sasl2-bin/README.Debian for Debian-specific information. -# See the saslauthd man page and the output of 'saslauthd -h' for general -# information about these options. +# Other options (default: -c) +# See the saslauthd man page for information about these options. # # Example for postfix users: -c -m /var/spool/postfix/var/run/saslauthd -OPTIONS=-c -m /var/run/saslauthd +# Note: See /usr/share/doc/sasl2-bin/README.Debian +OPTIONS=-c So I guess the problem was NAME=... not being there. I have seen no comment/warning about that in apt-listchanges or whatever. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#559278: (no subject)
Severity: important This makes just about 50% of this package useless indeed. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#542695: cannot use crypto loop aes
Package: loop-aes-modules-2.6.26-2-686 Version: 2.6.26+3.2c-6+lenny1 Severity: grave Justification: renders package unusable # aptitude install loop-aes-modules-2.6.26-2-686 # modprobe loop-aes # lsmod | grep loop loop 55372 0 # dmesg | tail -3 [ 4457.015307] loop: module loaded [ 4521.947610] loop: AES key scrubbing enabled [ 4521.948506] loop: loaded (max 8 devices) # losetup -v -e aes /dev/loop0 /dev/md0 Password: 123123123123123123123123123123123123 ioctl: LOOP_SET_STATUS: Invalid argument # losetup -v -e AES256 /dev/loop0 /dev/md0 Password: 123123123123123123123123123123123123 ioctl: LOOP_SET_STATUS: Invalid argument # losetup -v -e aes-256 /dev/loop0 /dev/md0 Password: 123123123123123123123123123123123123 ioctl: LOOP_SET_STATUS: Invalid argument # losetup -v -e aes256 /dev/loop0 /dev/md0 Password: 123123123123123123123123123123123123 ioctl: LOOP_SET_STATUS: Invalid argument Additionally, the nomenclature for loop-aes is not sexy. (The others carry an underscore) /lib/modules/2.6.26-2-686/extra/loop-aes/loop_blowfish.ko /lib/modules/2.6.26-2-686/extra/loop-aes/loop_serpent.ko /lib/modules/2.6.26-2-686/extra/loop-aes/loop_twofish.ko /lib/modules/2.6.26-2-686/extra/loop-aes/loop-aes.ko I've tried the same thing with etchnhalf BTW, without success. In case someone is wondering about cryptoloop: # modprobe cryptoloop FATAL: Error inserting cryptoloop (/lib/modules/2.6.26-2-686/kernel/drivers/block/cryptoloop.ko): Unknown symbol in module, or unknown parameter (see dmesg) # dmesg | tail -2 [ 5144.988320] cryptoloop: disagrees about version of symbol loop_register_transfer [ 5144.988326] cryptoloop: Unknown symbol loop_register_transfer Please tell me I'm doing sth wrong and this is not all broken. -- System Information: Debian Release: 5.0.2 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-2-686 (SMP w/1 CPU core) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages loop-aes-modules-2.6.26-2-686 depends on: ii linux-image-2.6.26-2-686 2.6.26-17lenny2 Linux 2.6.26 image on PPro/Celeron loop-aes-modules-2.6.26-2-686 recommends no packages. loop-aes-modules-2.6.26-2-686 suggests no packages. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#542695: Now I can [Re: Bug#542695: cannot use crypto loop aes]
Max Vozeler wrote: Can you verify that you have the package loop-aes-utils installed? This looks like it is not installed. Alright ;-) Maybe there should be a README or dependency coming with the loop-aes-modules-2.6.26-2-686 package to pull in loop-aes-utils. Also, I suggest to read through the README if you have not already done so. The commands you showed, while they are expected to work, don't match the recommended setup. I guess the whole document http://loop-aes.sourceforge.net/loop-AES.README, especially the examples, are worthwile reading indeed. Thanks and Regards -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#541294: specter: Vanilla install segfaults
Package: specter
Version: 1.4-2+b1
Severity: grave
Justification: renders package unusable
strace start-stop-daemon --start --quiet --exec /usr/sbin/specter -- -d --uid
specter --gid specter
open(/etc/specter.conf, O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=3119, ...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE, MAP_PRIVATE|MAP_ANONYMOUS, -1,
0) = 0xb7f8a000
read(3, #\n# Sample configuration file fo..., 4096) = 3119
_llseek(3, 0, [3119], SEEK_CUR) = 0
--- SIGSEGV (Segmentation fault) @ 0 (0) ---
+++ killed by SIGSEGV +++
Trial-and-error indicates that it does not seem to like --gid specter
(Yes, the group does exist):
# grep specter /etc/group
specter:x:124:
-- System Information:
Debian Release: 4.0
APT prefers oldstable
APT policy: (500, 'oldstable'), (200, 'stable')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.24-etchnhalf.1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages specter depends on:
ii adduser 3.102Add and remove users and groups
ii iptables1.3.6.0debian1-5 administration tools for packet fi
ii libc6 2.3.6.ds1-13etch9+b1 GNU C Library: Shared libraries
specter recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528990: (no subject)
... none of which is available in any standard release like Lenny or Etch. Thanks for noting the concern though ;-) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#528990: ipset modules?
Why are the ipset userland tools there anyway when there is no kernel support out-of-the-box? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#537773: fail2ban: chains should not be purged after log rotation
Package: fail2ban Version: 0.7.5-2etch1 Severity: important /etc/logrotate.d/fail2ban has the following post-rotate command: invoke-rc.d --quiet fail2ban reload /dev/null This will however purge the chains, even though some entries might have a bantime that is longer than the log rotation period. http://www.fail2ban.org/wiki/index.php/Fail2ban:Community_Portal suggests: logrotate configuration must run 'fail2ban-client set logtarget /var/log/fail2ban.log' instead of 'invoke-rc.d --quiet fail2ban reload' -- System Information: Debian Release: 4.0 APT prefers oldstable APT policy: (500, 'oldstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.24-etchnhalf.1-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages fail2ban depends on: ii iptables1.3.6.0debian1-5 administration tools for packet fi ii lsb-base3.1-23.2etch1Linux Standard Base 3.1 init scrip ii python 2.4.4-2 An interactive high-level object-o ii python-central 0.5.12 register and build utility for Pyt ii python2.4 2.4.4-3+etch2An interactive high-level object-o fail2ban recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#480887: marked as done (stable version outdated and ancient, several security issues)
I did, and ignoring the new releases it shows at the top Security alert. Local file inclusion bug. More info here, fixed release available. [18] (http://bugs.splitbrain.org/index.php?do=detailstask_id=1700) So that is fixed already too? I guess one would simply need to remove these warnings in the packages? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#487769: ipv6 readiness
Openvpn should become ipv6-ready soon. ipv6 is around the corner ;-) Fiddling around with up scripts is not that cool. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#480887: marked as done (stable version outdated and ancient, several security issues)
Mohammed Adnène Trojette wrote: I guess one would simply need to remove these warnings in the packages? These warnings are not in the package. They are grabbed from upstream's website as soon as the package is outdated. Yeah, but then one could do something like described here http://www.dokuwiki.org/update_check: Each message has a unique ID shown in square brackets. Only messages which have a higher ID than the one configured in conf/msg will be shown. Thus one could include the correct conf/msg in the package. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#480887: marked as done (stable version outdated and ancient, several security issues)
Does that mean one can use the setting to hide the warnings at the top of the screen since those problems are actually not there in the Debian-packaged version, i.e. have been patched? -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#526970: (no subject)
Hmmm... I don't know but maybe there is a reason that they want user #1 logged in. Maybe the 1 is of importance. Just a thought. But you're right, in theory user #1 could have been given only authenticated user right whereas someone else has become the admin. Maybe one should ask this question upstream. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#534462: default and all sites
Package: drupal6 Version: 6.6-3~bpo40+1 Priority: wishlist I have several sites in the sites directory and no default site. Therefore the cron script each time it is executed sends me a mail that the default site (which I don't use) is offline. What would be the smartest way to go about this? There certainly are people who do have a default site AND tons of other sites... but also many probably don't have a default site :-\ I know there is (resolved) bug #513522 in the archive, which at least cares about the all site. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#527587: (no subject)
4.5 in etch? You mean the obsolete package that was left from sarge? ;-) Oh well I just went the way from the obsolete 4.5.x to 6.6-3~bpo40+1 (etch). You do not need to upgrade every minor version. (see http://drupal.org/upgrade/) In my case what I had to do was: - 4.5.x - 4.7.x (the latest in the 4.x series) - 4.7.x - 5.18 (the latest in the next major series) - 5.18 - 6.6-3~bpo40+1 Each time you should backup the current database (so that you can try the step at hand again, if it fails, like it did in my case in the second step since it seems 5.18 needs a higher memory_limit for php than the latest 4.x release did). You then just delete /usr/share/drupal and extract the new version there. Of course make sure to backup your site config and themes (they are now elegantly stored in /etc), however they won't all work properly. An adventurous person might try skipping the second step, however it is not recommended. I guess that is what your request was about, since the 5.x was skipped in Debian. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#480887: Info received ((no subject))
I would like to apologize again for calling the package orphaned and for not looking hard enough before complaining. However, one would expect that for Etch there would be some sort of security updates if I look at all the warnings that greet me at the top of the screen each time I use dokuwiki. Just putting a new release in the next available version of the distribution is not good enough for my taste. But thanks anyway :-) -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#480887: (no subject)
Never mind my previous comment. Release 2008-05-05 seems to be in Lenny and is the second most recent release (the most recent one being Release 2009-02-14). See http://www.dokuwiki.org/changes -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#480887: (no subject)
Maybe the better solution would be to declare this package orphaned. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#499191: apache2-suexec-custom: Allow execution of programs owned by root
Ondřej Surý wrote: So the actual item for the wishlist is to be able to specify a user (or more than one) that are considered trusted. Suexec will then allow files owned by either the target user, or by a trusted user, to be executed. Use chattr +i file Ondrej. That much we had already figured out. Alexander Prinsier wrote: Second, you could use chattr +i to prevent users from changing the wrapper. This is somewhat fragile, though, because backup programs usually will not restore the immutable flag. I've tried that approach, and it is indeed fragile. Certainly when I want the cgi script itself to be autogenerated by another script, which takes into account user preferences etc. Currently I do - chattr -i $file - replace $file - chattr +i $file :-| Fortunately though, one can still Alias stuff like PHP forum software etc. in the users' domains in order to keep it in a central location, as only the wrapper has the suexec limitations, but not what is called by the wrapper. As for the CGI scripts, you are right, keeping them in a central place is not currently possible. :-( What I/my control panel do is, there is a central location where these scripts are stored, an the users' cgi-bins are updated from that location. One however has to take precautions (e.g. in the form of cron jobs) to update the users once the central repository gets updated. This is a pity as otherwise the modfcgid/fastcgi+php variant works pretty well and is pretty secure too. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#419571: (no subject)
Since I stumbled across the same problem I wonder where is the relation of this bug to #394136, which was fixed in cryptsetup/2:1.0.4-4? It doesn't work for me, so it is not fixed then? Any workaround? thanks, florian So, what is different here from the bug that Florian mentioned? I also fail to see the difference. Thanks for a short explanation. How can #394136 be fixed and this one (#419571) not be fixed when they both are the same problem? -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#419571: cryptsetup may need to activate more than 1 crpyt partition
Hi, Jonas Meurer wrote: On the other hand, did you actually try to reproduce the bug? I just tried again with expert mode installation and Lenny rc2 debian-installer businesscard image. At release selection I selected 'unstable'. I have not recently tried with the installer, no. The installer of stable has issues anyway with RAID and crypt. http://wiki.debian.org/DebianInstaller/RAIDvsCrypto $ gzip -dc /boot/initrd.img-2.6.25-2-amd64 | cpio -id $ cat conf/conf.d/cryptroot target=hdb1_crypt,source=/dev/hdb1,key=none target=hda2_crypt,source=/dev/hda2,key=none,lvm=debian-root target=hda2_crypt,source=/dev/hda2,key=none,lvm=debian-swap could others try to reproduce it with different setups? I am using an initrd (in stable!) with multiple entries in conf/conf.d/cryptroot as you showed, and it works fine for me, i.e. scripts/local-top/cryptroot works fine. I guess with the release of Lenny (which is soon) this can probably be marked fixed anyhow. Regards, JM -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#486012: raid(mdadm)+luks(crypt)+lvm shutdown
Package: mdadm Version: 2.5.6-9 Severity: important I'm not sure if these should be regarded as two issues. Please let me know. First, we have in /etc/rc[06].d: S50lvm S50mdadm-raid either: - lvm is tried to be stopped first (as L precedes M), or - lvm and mdadm-raid are stopped concurrently :-O Neither is good. Now, when all three (raid-luks-lvm) are used (in that order on top of each other), we have: S48cryptdisks S50lvm S50mdadm-raid S59cryptdisks-early MDs cannot be unmounted before cryptdisks are gone, and cryptdisks cannot go before lvm is gone (Bug #363007 addressed a similar case between lvm and luks, which introduced the cryptdisks-early script.) Suppose we move S50mdadm-raid to S60mdadm-raid, then on shutdown/reboot, we would have: S48cryptdisks S49lvm S59cryptdisks-early S60mdadm-raid which is fine in any case. This collides with S60umountroot, but that is no problem, as we can never really umount root, whether it is on an md-device or not. Of course, this does not work if the MD layer is used somewhere in between (like luks-raid-lvm), but who would want that? ;-) This solution would remedy both problems. That is why I'm reporting this as a bug in mdadm, feel free to change this. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages mdadm depends on: ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip ii makedev2.3.1-83 creates device files in /dev Versions of packages mdadm recommends: ii module-init-tools 3.3-pre4-2 tools for managing Linux kernel mo ii postfix [mail-transport-agent 2.3.8-2+b1 A high-performance mail transport -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#360806: ifupdown: also not executed without hotplug
Package: ifupdown Version: 0.6.8 Followup-For: Bug #360806 i use the following /etc/network/interfaces pre-up and post-down commands to do stuff iface eth0 inet static pre-up /usr/local/sbin/iip_iptables-restore post-down /usr/local/sbin/iip_iptables-save the pre-up script is executed fine the post-down script is not executed at all NOTE: the scripts are fine and have correct permissions ls -l /usr/local/sbin/iip_iptables-* -rwx-- 1 root staff 104 May 21 2007 /usr/local/sbin/iip_iptables-restore -rwx-- 1 root staff 255 Apr 15 20:23 /usr/local/sbin/iip_iptables-save they also work fine when executed manually -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages ifupdown depends on: ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy ii libc6 2.3.6.ds1-13etch5 GNU C Library: Shared libraries ii lsb-base 3.1-23.2etch1 Linux Standard Base 3.1 init scrip ii net-tools 1.60-17 The NET-3 networking toolkit ifupdown recommends no packages. -- debconf information: ifupdown/convert-interfaces: true -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#396708: (no subject)
I believe this won't fix. Even if the docroot of suphp would be modified to include /usr/share and all that lies within (like phpbb2 etc.) still the permissions of those files would be incorrect. The web users would not be allowed to access those files because of their permissions. In such a setup, a central installation of software like phpbb is not possible. I suggest to either use mod-fcgi(d) with apache, and run php as a fastcgi, only the wrapper script will succumb to the suexec restrictions, and if the settings in php.ini are right you may run stuff like phpbb from a central location. Otherwise you will have to copy phpbb and chown it correctly for each user's homedir who wants to use it. Hope this helps. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#391775: (no subject)
I recommend patching using this: http://www.phpbb.com/community/viewtopic.php?t=473222 It effectively reduced the account registration attempts by bots to zero as it replaces the long cracked captcha. Furthermore, it consists of only the addition of 1 (one) code file, several fonts and one tiny modification to the existing code. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#479621: (no subject)
The following change, courtesy of the Ubuntu cacti-0.8.6i package,
fixes the problem:
/usr/share/cacti/include/config.php, line 86:
change:
if (!((is_file($_SERVER[SCRIPT_FILENAME])) (substr_count($_SERVER
[SCRIPT_FILENAME], $_SERVER[PHP_SELF] {
to:
if (!((is_file($_SERVER[SCRIPT_FILENAME])) (substr_count($_SERVER
[SCRIPT_FILENAME], basename($_SERVER[PHP_SELF]) {
Just make sure that if you fix the problem (again), that the fix is in
the spirit of the actual Cacti security advisory.
Currently, I am having a hard time seeing why exactly all these checks
are done. Maybe someone could elaborate? I only read something about XSS
and SQL injection. Why do these fixes prevent that?
Apparently, they have all not been written for the scenario where Cacti
is used via Aliases in Apache.
So instead of just doing something that makes the error disappear (and
potentially again creating security holes) please, someone who has the
insight, take a look.
Thanks for listening.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#479621: cacti: Invalid PHP_SELF path
Package: cacti Version: 0.8.6i-3.3 Severity: important You have inserted a sanity check into /usr/share/cacti/site/include/config.php. However, this breaks at least my (standard) setup as (at least): substr(/usr/share/cacti/site/index.php, /cacti/index.php) = 0 Additionally my DOCUMENT_ROOT of course does not match as cacti is not installed under the document root that my virtual host uses. See also http://forums.cacti.net/about25759.html -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-6-686 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages cacti depends on: ii apache [httpd] 1.3.34-4.1+etch1 versatile, high-performance HTTP s ii apache2 2.2.3-4+etch4Next generation, scalable, extenda ii apache2-mpm-prefork [ht 2.2.3-4+etch4Traditional model for Apache HTTPD ii dbconfig-common 1.8.29+etch1 common framework for packaging dat ii debconf [debconf-2.0] 1.5.11etch1 Debian configuration management sy ii libapache2-mod-php5 5.2.0-8+etch10 server-side, HTML-embedded scripti ii libphp-adodb4.93a-1.1The 'adodb' database abstraction l ii logrotate 3.7.1-3 Log rotation utility ii mysql-client-5.0 [virtu 5.0.32-7etch5mysql database client binaries ii php46:4.4.4-8+etch4 server-side, HTML-embedded scripti ii php4-cli6:4.4.4-8+etch4 command-line interpreter for the p ii php4-mysql 6:4.4.4-8+etch4 MySQL module for php4 ii php4-snmp 6:4.4.4-8+etch4 SNMP module for php4 ii php5-mysql 5.2.0-8+etch10 MySQL module for php5 ii rrdtool 1.2.15-0.3 Time-series data storage and displ ii snmp5.2.3-7etch2 NET SNMP (Simple Network Managemen ii ucf 2.0020 Update Configuration File: preserv Versions of packages cacti recommends: ii iputils-ping 3:20020927-6 Tools to test the reachability of ii mysql-server 5.0.32-7etch5 mysql database server (meta packag ii mysql-server-5.0 [mysql-se 5.0.32-7etch5 mysql database server binaries -- debconf information: cacti/confirm: (password omitted) cacti/password-confirm: (password omitted) cacti/root_password: (password omitted) cacti/app-password-confirm: (password omitted) cacti/mysql/admin-pass: (password omitted) * cacti/password: (password omitted) cacti/mysql/app-pass: (password omitted) * cacti/username: cacti * cacti/db/app-user: iip_cacti * cacti/mysql/admin-user: root * cacti/mysql_server: localhost * cacti/webserver: Apache2 * cacti/mysql/method: tcp/ip * cacti/remote/host: localhost cacti/upgrade-error: abort cacti/dbconfig-upgrade: true cacti/internal/skip-preseed: false * cacti/remote/newhost: localhost cacti/purge: false cacti/upgrade_warning: * cacti/database-type: mysql * cacti/database: cacti cacti/remove-error: abort * cacti/db/dbname: iip_cacti cacti/mismatch: cacti/upgrade-backup: true cacti/install-error: abort cacti/internal/reconfiguring: false cacti/save_rootpw: true cacti/root_mysql: root cacti/passwords-do-not-match: * cacti/no_automagic: cacti/dbconfig-remove: * cacti/dbconfig-install: true cacti/purge_db: true * cacti/remote/port: cacti/dbconfig-reinstall: false -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#412981: (no subject)
AuthBasicAuthoritative off AuthUserFile /dev/null as additional arguments do the trick for me however, this package seems to be no longer in development one might consider taking a look at http://mod-auth.sourceforge.net/docs/mod_authn_pam/ -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#458610: arpalert: daemon setting from config file ignored
Package: arpalert Version: 2.0.3-1 Severity: normal arpalert init script does not consider daemon=false from config file this should probably be checked for and be put into /etc/default/arpalert anyhow -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-5-486 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages arpalert depends on: ii adduser3.102 Add and remove users and groups ii libc6 2.3.6.ds1-13etch4 GNU C Library: Shared libraries ii libpcap0.8 0.9.5-1 System interface for user-level pa arpalert recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#433268: amavisd-new: comment in configuration file is inaccurate
Package: amavisd-new Version: 1:2.4.2-6.1 Severity: minor In /etc/amavis/conf.d/20-debian_defaults it is mentioned: # Leave empty (undef) to add no header $X_HEADER_LINE = Debian $myproduct_name at $mydomain; This is wrong as the amavisd-new source reads $X_HEADER_TAG = 'X-Virus-Scanned' if !defined $X_HEADER_TAG; $X_HEADER_LINE= $myproduct_name at $mydomain if !defined $X_HEADER_LINE; You have to set one of $X_HEADER_LINE or $X_HEADER_TAG to (empty string) for the header to disappear. Undeffing it does not help. -- System Information: Debian Release: 4.0 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.18-4-486 Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968) Versions of packages amavisd-new depends on: ii adduser 3.102 Add and remove users and groups ii debconf [debconf-2.0]1.5.11 Debian configuration management sy ii file 4.17-5etch1 Determines file type using magic ii libarchive-tar-perl 1.30-2 Archive::Tar - manipulate tar file ii libarchive-zip-perl 1.16-1 Module for manipulation of ZIP arc ii libberkeleydb-perl 0.31-1 use Berkeley DB 4 databases from P ii libcompress-zlib-perl1.42-2 Perl module for creation and manip ii libconvert-tnef-perl 0.17-5 Perl module to read TNEF files ii libconvert-uulib-perl1.06-1 Perl interface to the uulib librar pn libdigest-md5-perl none (no description available) ii libio-stringy-perl 2.110-2 Perl5 modules for IO from scalars ii libmailtools-perl1.74-1 Manipulate email in perl programs pn libmime-base64-perl none (no description available) ii libmime-perl 5.420-0.1 Perl5 modules for MIME-compliant m ii libnet-server-perl 0.94-1 An extensible, general perl server ii libunix-syslog-perl 0.100-5 Perl interface to the UNIX syslog( ii perl [libtime-hires-perl]5.8.8-7 Larry Wall's Practical Extraction ii perl-modules [libnet-perl] 5.8.8-7 Core Perl modules ii postfix [mail-transport-agen 2.3.8-2+b1 A high-performance mail transport amavisd-new recommends no packages. -- debconf information: amavisd-new/outdated_config_style_warning: -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#343233: (no subject)
This seems to be fixed in etch. At least I tried it with the new PHP (4.4, I did NOT try 5.x!) So, anyone try the (original) multiboard method with PHP 5? Anyway, I guess this problem was successfully sat out by the maintainer. Grats :) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
