Bug#531666: ferm: postinst script creates not enough symlink to rc script
I'm a bit confused. A host was rebooted yesterday and ferm did not start even with these links: /etc$ ls -l rc*.d/*ferm* lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc0.d/K20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc1.d/K20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc2.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc3.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc4.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc5.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Jun 3 09:13 rc6.d/K20ferm -> ../init.d/ferm /etc$ The problem should be more deeper I think first time. Gabor -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#531666: ferm: postinst script creates not enough symlink to rc script
Hi Max, > > However in new installs we got this: > > > > /etc$ ls -l rc*.d/*ferm* > > lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc0.d/S36ferm -> ../init.d/ferm > > lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc6.d/S36ferm -> ../init.d/ferm > > lrwxrwxrwx 1 root root 14 Mar 13 10:15 rcS.d/S41ferm -> ../init.d/ferm > > /etc$ > > > > This may cause that after a normal boot (i.e runlevel=2) iptables are empty. > > The init script probably does not run at all. > > Are you sure this is actually a problem? According to init(8), Yes I'm afraid. > runlevel "S" is initialized on bootup, before entering other > runlevels. There is rcS.d/S41ferm. OK. I just know that after bootup "iptables -L -v" showed empty rules. However it worked well after I reorganized sylinks. Have you any idea why this happened? :-) Actually I have no machine with ferm that I may reboot. (All of them are in production.) Could you insert some diagnostic code into the startup script and test it? I mean something like this: date >> /var/log/ferm.init.log echo -n "Runs as $0 $@ at runlevel " >> /var/log/ferm.init.log who -r >> /var/log/ferm.init.log Regards Gabor -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#531666: ferm: postinst script creates not enough symlink to rc script
On 2009/06/03 09:08, Gabor Kiss wrote: > However in new installs we got this: > > /etc$ ls -l rc*.d/*ferm* > lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc0.d/S36ferm -> ../init.d/ferm > lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc6.d/S36ferm -> ../init.d/ferm > lrwxrwxrwx 1 root root 14 Mar 13 10:15 rcS.d/S41ferm -> ../init.d/ferm > /etc$ > > This may cause that after a normal boot (i.e runlevel=2) iptables are empty. > The init script probably does not run at all. Are you sure this is actually a problem? According to init(8), runlevel "S" is initialized on bootup, before entering other runlevels. There is rcS.d/S41ferm. Max -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#531666: ferm: postinst script creates not enough symlink to rc script
Package: ferm Version: 2.0.3-1 Severity: important ferm.postinst of version 2.0.3-1 contains this: # Automatically added by dh_installinit if [ -x "/etc/init.d/ferm" ]; then update-rc.d ferm start 41 S . start 36 0 6 . >/dev/null Meanwhile the previous version was: # Automatically added by dh_installinit if [ -x "/etc/init.d/ferm" ]; then update-rc.d ferm defaults >/dev/null 1.2.2-1 created the following symlinks after installation: /etc# ls -l rc*.d/*ferm* lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc0.d/K20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc1.d/K20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc2.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc3.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc4.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc5.d/S20ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Apr 28 10:37 rc6.d/K20ferm -> ../init.d/ferm /etc# After a 1.2.2-1 -> 2.0.3-1 upgrade symlinks remain intact, everybody is happy. However in new installs we got this: /etc$ ls -l rc*.d/*ferm* lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc0.d/S36ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Mar 13 10:15 rc6.d/S36ferm -> ../init.d/ferm lrwxrwxrwx 1 root root 14 Mar 13 10:15 rcS.d/S41ferm -> ../init.d/ferm /etc$ This may cause that after a normal boot (i.e runlevel=2) iptables are empty. The init script probably does not run at all. !!! Systems with newly installed ferm are vulnerable. !!! Gabor -- System Information: Debian Release: 5.0.1 APT prefers proposed-updates APT policy: (500, 'proposed-updates'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores) Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/bash -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
