Package: release.debian.org Severity: normal User: release.debian....@packages.debian.org Usertags: unblock
Hi, I'd like to request an unblock for fusionforge/5.0.2-4, which is just a cherry-pick of two bugfixes from upstream. The first one is actually a fix for a regression introduced by 5.0.2-3 (#601573), where a check for validity of a variable was done before the variable was defined. The second is a fix for yet another after-effect of the gforge->fusionforge rename: the users used by NSS and the MTA integration were previously gforge_nss and gforge_mta, and they're now fusionforge_nss/mta. Actually, they're ${db_user}_nss and _mta, which amounts to fusionforge_* on new installations but stays gforge_* on upgrades. This patch completes the transition so whatever the value is, it's the same everywhere it's used. This fixes email forwarding (including mailing-lists) and shell authentication (which unbreaks the source control tools that need SSH). Debdiff follows: 7 files changed, 55 insertions(+), 16 deletions(-). Thanks, Roland.
diff -u fusionforge-5.0.2/deb-specific/create-mailing-lists.pl fusionforge-5.0.2/deb-specific/create-mailing-lists.pl --- fusionforge-5.0.2/deb-specific/create-mailing-lists.pl +++ fusionforge-5.0.2/deb-specific/create-mailing-lists.pl @@ -47,12 +47,12 @@ my ($group_list_id, $listname, $user_name, $password, $description, $is_public) ; my ($tmp) ; + ($group_list_id, $listname, $user_name, $password, $description, $is_public)= @array ; next if $listname eq '' ; next if $listname eq '.' ; next if $listname eq '..' ; next if $listname !~ /^[a-z0-9\-_\.]*$/ ; - ($group_list_id, $listname, $user_name, $password, $description, $is_public)= @array ; my $cmd = "/usr/sbin/newlist -q $listname $user_na...@$sys_users_host $password >/dev/null 2>&1" ; #print "cmd = <$cmd>\n" ; system ($cmd) ; @@ -125,12 +125,12 @@ my ($group_list_id, $listname, $user_name, $password, $description, $is_public) ; my ($tmp) ; + ($group_list_id, $listname, $user_name, $password, $description, $is_public)= @array ; next if $listname eq '' ; next if $listname eq '.' ; next if $listname eq '..' ; next if $listname !~ /^[a-z0-9\-_\.]*$/ ; - ($group_list_id, $listname, $user_name, $password, $description, $is_public)= @array ; my $cmd = "/usr/lib/mailman/bin/change_pw -l $listname >/dev/null 2>&1" ; system ($cmd) ; diff -u fusionforge-5.0.2/deb-specific/install-postfix.sh fusionforge-5.0.2/deb-specific/install-postfix.sh --- fusionforge-5.0.2/deb-specific/install-postfix.sh +++ fusionforge-5.0.2/deb-specific/install-postfix.sh @@ -75,8 +75,8 @@ # keep it in an appropriate position, where \"appropriate\" is defined by you. pgsql_gforge_users_hosts = unix:/var/run/postgresql -pgsql_gforge_users_user = gforge_mta -pgsql_gforge_users_password = gforge_mta +pgsql_gforge_users_user = ${sys_dbuser}_mta +pgsql_gforge_users_password = ${sys_dbuser}_mta pgsql_gforge_users_dbname = $sys_dbname pgsql_gforge_users_domain = users.$domain_name pgsql_gforge_users_query = SELECT email FROM mta_users WHERE login = '\''%u'\'' diff -u fusionforge-5.0.2/deb-specific/install-db.sh fusionforge-5.0.2/deb-specific/install-db.sh --- fusionforge-5.0.2/deb-specific/install-db.sh +++ fusionforge-5.0.2/deb-specific/install-db.sh @@ -115,7 +115,7 @@ rm -f $cur cur=$(mktemp /tmp/$pattern) - perl -e "open F, \"${pg_hba_dir}/pg_hba.conf.gforge-new\" or die \$!; undef \$/; \$l=<F>; \$l=~ s/^### BEGIN GFORGE BLOCK -- DO NOT EDIT.*### END GFORGE BLOCK -- DO NOT EDIT\$/### BEGIN GFORGE BLOCK -- DO NOT EDIT\nlocal $db_name $db_user md5\nlocal $db_name gforge_nss trust\nlocal $db_name gforge_mta md5\n### END GFORGE BLOCK -- DO NOT EDIT/ms; print \$l;" > $cur + perl -e "open F, \"${pg_hba_dir}/pg_hba.conf.gforge-new\" or die \$!; undef \$/; \$l=<F>; \$l=~ s/^### BEGIN GFORGE BLOCK -- DO NOT EDIT.*### END GFORGE BLOCK -- DO NOT EDIT\$/### BEGIN GFORGE BLOCK -- DO NOT EDIT\nlocal $db_name $db_user md5\nlocal $db_name ${db_user}_nss trust\nlocal $db_name ${db_user}_mta md5\n### END GFORGE BLOCK -- DO NOT EDIT/ms; print \$l;" > $cur cat $cur > ${pg_hba_dir}/pg_hba.conf.gforge-new rm -f $cur @@ -148,7 +148,7 @@ fi if su -s /bin/sh postgres -c "/usr/bin/psql template1" 1> $tmp1 2> $tmp2 <<-EOF SET LC_MESSAGES = 'C' ; -CREATE USER gforge_nss WITH PASSWORD 'gforge_nss' ; +CREATE USER ${db_user}_nss WITH PASSWORD '${db_user}_nss' ; EOF then rm -f $tmp1 $tmp2 @@ -166,7 +166,7 @@ fi if su -s /bin/sh postgres -c "/usr/bin/psql template1" 1> $tmp1 2> $tmp2 <<-EOF SET LC_MESSAGES = 'C' ; -CREATE USER gforge_mta WITH PASSWORD 'gforge_mta' ; +CREATE USER ${db_user}_mta WITH PASSWORD '${db_user}_mta' ; EOF then rm -f $tmp1 $tmp2 diff -u fusionforge-5.0.2/utils/install-nsspgsql.sh fusionforge-5.0.2/utils/install-nsspgsql.sh --- fusionforge-5.0.2/utils/install-nsspgsql.sh +++ fusionforge-5.0.2/utils/install-nsspgsql.sh @@ -59,7 +59,7 @@ ### NSS Configuration for Gforge #----------------- DB connection -shadowconnectionstring = user=gforge_nss dbname=$db_name +shadowconnectionstring = user=$db_user_nss dbname=$db_name #----------------- NSS queries shadowbyname = SELECT login AS shadow_name, passwd AS shadow_passwd, 14087 AS shadow_lstchg, 0 AS shadow_min, 99999 AS shadow_max, 7 AS shadow_warn, '' AS shadow_inact, '' AS shadow_expire, '' AS shadow_flag FROM nss_passwd WHERE login = \$1 diff -u fusionforge-5.0.2/debian/changelog fusionforge-5.0.2/debian/changelog --- fusionforge-5.0.2/debian/changelog +++ fusionforge-5.0.2/debian/changelog @@ -1,3 +1,12 @@ +fusionforge (5.0.2-4) unstable; urgency=low + + * Fixed logic in create-mailing-lists.pl script, allowing it to actually + run (closes: #601573). + * Also fixed the database credentials used for NSS and email forwarding + in new installations (gforge_nss/mta -> fusionforge_nss/mta). + + -- Roland Mas <lola...@debian.org> Fri, 29 Oct 2010 11:55:13 +0200 + fusionforge (5.0.2-3) unstable; urgency=medium * Fixed Mediawiki creation script so it uses the appropriate database only in patch2: unchanged: --- fusionforge-5.0.2.orig/deb-specific/db-upgrade.pl +++ fusionforge-5.0.2/deb-specific/db-upgrade.pl @@ -1848,9 +1848,9 @@ if (&is_lesser ($version, $target)) { &debug ("Granting read access permissions to NSS") ; - @reqlist = ( "GRANT SELECT ON nss_passwd TO gforge_nss", - "GRANT SELECT ON nss_groups TO gforge_nss", - "GRANT SELECT ON nss_usergroups TO gforge_nss", + @reqlist = ( "GRANT SELECT ON nss_passwd TO ${sys_dbuser}_nss", + "GRANT SELECT ON nss_groups TO ${sys_dbuser}_nss", + "GRANT SELECT ON nss_usergroups TO ${sys_dbuser}_nss", ) ; foreach my $s (@reqlist) { $query = $s ; @@ -1883,8 +1883,8 @@ &debug ("Granting read access permissions to NSS") ; - @reqlist = ( "GRANT SELECT ON mta_users TO gforge_mta", - "GRANT SELECT ON mta_lists TO gforge_mta", + @reqlist = ( "GRANT SELECT ON mta_users TO ${sys_dbuser}_mta", + "GRANT SELECT ON mta_lists TO ${sys_dbuser}_mta", ) ; foreach my $s (@reqlist) { $query = $s ; @@ -2124,6 +2124,7 @@ @reqlist = @{ &parse_sql_file ("$sqldir/20050214-nss.sql") } ; foreach my $s (@reqlist) { $query = $s ; + $query =~ s/TO gforge_nss;/TO ${sys_dbuser}_nss;/ ; # debug $query ; $sth = $dbh->prepare ($query) ; $sth->execute () ; @@ -2164,6 +2165,7 @@ @reqlist = @{ &parse_sql_file ("$sqldir/20050225-nsssetup.sql") } ; foreach my $s (@reqlist) { $query = $s ; + $query =~ s/TO gforge_nss;/TO ${sys_dbuser}_nss;/ ; # debug $query ; $sth = $dbh->prepare ($query) ; $sth->execute () ; @@ -2902,8 +2904,36 @@ &debug ("Committing.") ; $dbh->commit () ; } + + &update_with_sql("20100308-forum-attachment-types","4.8.99-6"); + + $version = &get_db_version ; + $target = "4.8.99-7" ; + if (&is_lesser ($version, $target)) { + &debug ("Granting read access permissions to NSS and MTA") ; + + @reqlist = ( "GRANT SELECT ON nss_passwd TO ${sys_dbuser}_nss", + "GRANT SELECT ON nss_groups TO ${sys_dbuser}_nss", + "GRANT SELECT ON nss_usergroups TO ${sys_dbuser}_nss", + "GRANT SELECT ON mta_users TO ${sys_dbuser}_mta", + "GRANT SELECT ON mta_lists TO ${sys_dbuser}_mta", + ) ; + foreach my $s (@reqlist) { + $query = $s ; + # debug $query ; + $sth = $dbh->prepare ($query) ; + $sth->execute () ; + $sth->finish () ; + } + @reqlist = () ; + + &update_db_version ($target) ; + &debug ("Committing.") ; + $dbh->commit () ; + } + + - &update_with_sql("20100308-forum-attachment-types","4.8.99-6"); ########################### INSERT HERE ################################# only in patch2: unchanged: --- fusionforge-5.0.2.orig/deb-specific/install-exim4.sh +++ fusionforge-5.0.2/deb-specific/install-exim4.sh @@ -72,9 +72,9 @@ while (($l = <>) !~ /^\s*domainlist\s*local_domains/) { print $l; $seen_gf_domains = 1 if ($l =~ /\s*GFORGE_DOMAINS=/); - $seen_pg_servers = 1 if ($l =~ m,hide pgsql_servers = .*$sys_dbhost.*/gforge_mta,); + $seen_pg_servers = 1 if ($l =~ m,hide pgsql_servers = .*$sys_dbhost.*/${sys_dbuser}_mta,); }; -print "hide pgsql_servers = (/var/run/postgresql/.s.PGSQL.5432)/mail/Debian-exim/bogus:$sys_dbhost/$sys_dbname/gforge_mta/gforge_mta\n" unless $seen_pg_servers; +print "hide pgsql_servers = (/var/run/postgresql/.s.PGSQL.5432)/mail/Debian-exim/bogus:(/var/run/postgresql/.s.PGSQL.5432)/$sys_dbname/${sys_dbuser}_mta/${sys_dbuser}_mta\n" unless $seen_pg_servers; print "GFORGE_DOMAINS=$sys_users_host:$sys_lists_host\n" unless $seen_gf_domains; chomp $l; $l .= ":GFORGE_DOMAINS" unless ($l =~ /^[^#]*GFORGE_DOMAINS/);
-- System Information: Debian Release: squeeze/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core) Locale: LANG=fr_FR.utf8, LC_CTYPE=fr_FR.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash -- Roland Mas C'est un type qui rentre dans un café. Plouf.