Bug#996875: aide: 31_aide_spamassassin needs update for SpamAssassin 3.4.6
On Mon, Dec 13, 2021 at 08:50:13PM +0100, Marc Haber wrote: > I have committed the change to git. I have written a new rule that is a bit sophisticated which calls dpkg-query to find out which version of spamassassin is installed, mangles the number into the correct format and uses that as input for the proper rules. Things will be in the next upload in the new year. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#996875: aide: 31_aide_spamassassin needs update for SpamAssassin 3.4.6
On Mon, Dec 13, 2021 at 08:50:13PM +0100, Marc Haber wrote: > I have committed the change to git. I have also made it easier to override the Spamassassin Version Number from an earlier configuration file or snippet. That way, local admins can establish local measures to keep up with Spamassassin versioning. Greetings Marc
Bug#996875: aide: 31_aide_spamassassin needs update for SpamAssassin 3.4.6
On Mon, Dec 13, 2021 at 10:08:46PM +0200, Rimas Kudelis wrote: > 2021-12-13 21:50, Marc Haber rašė: > > It would be a good idea if the packages would deliver their own aide > > rules, as they are probably easier to update for the respective package > > maintainers. A file /etc/aide/aide.conf.d/31_spamassassin delivered by > > the spamassassin package will automatically be used by aide. See > > /usr/share/doc/aide-common/README.Debian.gz for details. > > I doubt other package maintainers would want to keep up with (potential) > changes in Aide (or any other packages) either. I guess for them it would be > just as much hassle as it is for you. Package maintainers generally know better about when changes in their packages happen. But I guess that's the same problem like for SELinux policies and AppArmor stuff, people just don't do it. > In case of SpamAssassin, I would suggest to just use a more generic > file/directory mask, which wouldn't be tied to one specific version of > SpamAssassin and wouldn't require you to keep watching for its minor > updates. That would however open up entire namespaces for attackers to use and hude. We're trying hard not to do that. > Also, maybe subscribing to new version notifications of packages for which > you provide Aide configs could be a viable option as well? Sorry. I'll think about that when we have invented the 36 hour day. It's not a problem of being informed, it's a problem of doing the work. Feel free to join and to contribute. The team could really use somebody who has the time and motivation to care about stable. Greetings Marc -- - Marc Haber | "I don't trust Computers. They | Mailadresse im Header Leimen, Germany| lose things."Winona Ryder | Fon: *49 6224 1600402 Nordisch by Nature | How to make an American Quilt | Fax: *49 6224 1600421
Bug#996875: aide: 31_aide_spamassassin needs update for SpamAssassin 3.4.6
tags #996875 confirmed pending thanks On Wed, Oct 20, 2021 at 09:15:00AM +0300, Rimas Kudelis wrote: > SpamAssassin stores its files in a version-dependent subdirectory of > /var/lib/spamassassin. > Currently, 31_aide_spamassassin contains the following line: > @@define SABASE var/lib/spamassassin/3.004002 > > This line targets SpamAssassin 3.4.2 specifically, however, the package has > already been updated to a newer version in several Debian releases: > - buster-backports has 3.4.4 > - bullseye, bookworm and sid has 3.4.6 > - experimental has 4.0.0 (let's ignore this for now) I have committed the change to git. Unfortunately, the Debian aide maintainers not not have the capacity to keep all package rules current in time. Usually, we notice changes in packages after the release, which is too late. It would be a good idea if the packages would deliver their own aide rules, as they are probably easier to update for the respective package maintainers. A file /etc/aide/aide.conf.d/31_spamassassin delivered by the spamassassin package will automatically be used by aide. See /usr/share/doc/aide-common/README.Debian.gz for details. Greetings Marc
Bug#996875: aide: 31_aide_spamassassin needs update for SpamAssassin 3.4.6
Package: aide Version: 0.17.3-4+b2 Severity: normal Dear Maintainer, SpamAssassin stores its files in a version-dependent subdirectory of /var/lib/spamassassin. Currently, 31_aide_spamassassin contains the following line: @@define SABASE var/lib/spamassassin/3.004002 This line targets SpamAssassin 3.4.2 specifically, however, the package has already been updated to a newer version in several Debian releases: - buster-backports has 3.4.4 - bullseye, bookworm and sid has 3.4.6 - experimental has 4.0.0 (let's ignore this for now) This means that the supplied configuration is currently only useful with buster, but doesn't work with buster-backports and post-buster releases. Please update the file accordingly. Thanks and cheers! -- System Information: Debian Release: 11.1 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable-security'), (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 5.10.0-9-amd64 (SMP w/2 CPU threads) Locale: LANG=lt_LT.UTF-8, LC_CTYPE=lt_LT.UTF-8 (charmap=UTF-8), LANGUAGE not set Shell: /bin/sh linked to /usr/bin/bash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled aide depends on no packages. Versions of packages aide recommends: ii aide-common 0.17.3-4 Versions of packages aide suggests: pn figlet -- no debconf information
