checksecurity: Doesn't seem to install cleanly.
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
checksecurity (Debian) |
Fix Released
|
Unknown
|
|||
checksecurity (Ubuntu) |
Invalid
|
Medium
|
Unassigned |
Bug Description
Automatically imported from Debian bug report #299811 http://
In Debian Bug tracker #299811, Justin Pryzby (justinpryzby-users) wrote : tagging 299811 | #1 |
In Debian Bug tracker #299811, Justin Pryzby (justinpryzby-users) wrote : checksecurity bug | #2 |
I was able to upgrade then purge, then reinstall sid's new
checksecurity. So, I think it would be useful if you could make the
postinst set -x and reconfigure it to point out where the problem is.
Thanks,
Justin
Debian Bug Importer (debzilla) wrote : | #3 |
Automatically imported from Debian bug report #299811 http://
Debian Bug Importer (debzilla) wrote : | #4 |
Message-ID: <20050316175526
Date: Wed, 16 Mar 2005 18:55:27 +0100
From: Uwe Hermann <email address hidden>
To: Debian Bug Tracking System <email address hidden>
Subject: checksecurity: Doesn't seem to install cleanly.
Package: checksecurity
Version: 2.0.7-2
Severity: grave
Justification: renders package unusable
I tried to install checksecurity today, and this is what I got:
# apt-get install checksecurity
Reading Package Lists... Done
Building Dependency Tree... Done
Suggested packages:
apt-watch cron-apt
Recommended packages:
tripwire integrit aide samhain fcheck
The following NEW packages will be installed:
checksecurity
0 upgraded, 1 newly installed, 0 to remove and 121 not upgraded.
Need to get 19.9kB of archives.
After unpacking 168kB of additional disk space will be used.
Get:1 http://
[19.9kB]
Fetched 19.9kB in 0s (21.6kB/s)
Preconfiguring packages ...
Selecting previously deselected package checksecurity.
(Reading database ... 200154 files and directories currently installed.)
Unpacking checksecurity (from .../checksecuri
Setting up checksecurity (2.0.7-2) ...
dpkg: error processing checksecurity (--configure):
subprocess post-installation script returned error exit status 1
Errors were encountered while processing:
checksecurity
E: Sub-process /usr/bin/dpkg returned an error code (1)
I haven't looked further into it, but if you need more information I'll
happily provide it.
Uwe.
--
Uwe Hermann <email address hidden>
http://
http://
http://
In Debian Bug tracker #299811, Javier Fernández-Sanguino (jfs) wrote : Re: Bug#299811: checksecurity: Doesn't seem to install cleanly. | #5 |
tags 299811 moreinfo unreproducible
thanks
> I tried to install checksecurity today, and this is what I got:
(...)
> Unpacking checksecurity (from .../checksecuri
> Setting up checksecurity (2.0.7-2) ...
> dpkg: error processing checksecurity (--configure):
> subprocess post-installation script returned error exit status 1
> Errors were encountered while processing:
> checksecurity
> E: Sub-process /usr/bin/dpkg returned an error code (1)
>
>
> I haven't looked further into it, but if you need more information I'll
> happily provide it.
Yes, please, I cannot reproduce this. Can you please do this?
# export DEBCONF_
# apt-get install --reinstall checksecurity
And if that fails, run this and provide the output here:
# debconf --frontend=readline sh -x \
/var/lib/
Thanks
Javier
In Debian Bug tracker #299811, Javier Fernández-Sanguino (jfs) wrote : Re: Bug#299811: checksecurity bug | #6 |
On Wed, Mar 16, 2005 at 01:21:34PM -0500, Justin Pryzby wrote:
> I was able to upgrade then purge, then reinstall sid's new
> checksecurity. So, I think it would be useful if you could make the
> postinst set -x and reconfigure it to point out where the problem is.
That might work too, but I suggested previously running the script through
debconf with DEBUG on to see what's going on.
Regards
Javier
Debian Bug Importer (debzilla) wrote : | #7 |
Message-Id: <E1DBd5Y-
Date: Wed, 16 Mar 2005 13:17:47 -0500
From: Justin Pryzby <email address hidden>
To: <email address hidden>
Subject: tagging 299811
# Automatically generated email from bts, devscripts version 2.8.10
tags 299811 sid
Debian Bug Importer (debzilla) wrote : | #8 |
Message-ID: <20050316182134
Date: Wed, 16 Mar 2005 13:21:34 -0500
From: Justin Pryzby <email address hidden>
To: <email address hidden>
Subject: checksecurity bug
I was able to upgrade then purge, then reinstall sid's new
checksecurity. So, I think it would be useful if you could make the
postinst set -x and reconfigure it to point out where the problem is.
Thanks,
Justin
Debian Bug Importer (debzilla) wrote : | #9 |
Message-ID: <email address hidden>
Date: Wed, 16 Mar 2005 19:47:24 +0100
From: Javier =?iso-8859-
To: Uwe Hermann <email address hidden>, <email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#299811: checksecurity: Doesn't seem to install cleanly.
--jI8keyz6grp/JLjh
Content-Type: text/plain; charset=us-ascii
Content-
Content-
tags 299811 moreinfo unreproducible
thanks
> I tried to install checksecurity today, and this is what I got:
(...)
> Unpacking checksecurity (from .../checksecuri
> Setting up checksecurity (2.0.7-2) ...
> dpkg: error processing checksecurity (--configure):
> subprocess post-installation script returned error exit status 1
> Errors were encountered while processing:
> checksecurity
> E: Sub-process /usr/bin/dpkg returned an error code (1)
>=20
>=20
> I haven't looked further into it, but if you need more information I'll
> happily provide it.
Yes, please, I cannot reproduce this. Can you please do this?
# export DEBCONF_
# apt-get install --reinstall checksecurity
And if that fails, run this and provide the output here:
# debconf --frontend=
/var/lib/
Thanks
Javier
--jI8keyz6grp/JLjh
Content-Type: application/
Content-
Content-
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (GNU/Linux)
iD8DBQFCOH88i4s
sFEf2sT8JlhA+
=fTkt
-----END PGP SIGNATURE-----
--jI8keyz6grp/
Debian Bug Importer (debzilla) wrote : | #10 |
Message-ID: <email address hidden>
Date: Wed, 16 Mar 2005 19:49:29 +0100
From: Javier =?iso-8859-
To: Justin Pryzby <email address hidden>,
<email address hidden>
Cc: <email address hidden>
Subject: Re: Bug#299811: checksecurity bug
On Wed, Mar 16, 2005 at 01:21:34PM -0500, Justin Pryzby wrote:
> I was able to upgrade then purge, then reinstall sid's new
> checksecurity. So, I think it would be useful if you could make the
> postinst set -x and reconfigure it to point out where the problem is.
That might work too, but I suggested previously running the script through
debconf with DEBUG on to see what's going on.
Regards
Javier
Matt Zimmerman (mdz) wrote : | #11 |
Not pretty, but it does install in Hoary:
(Reading database ... 143525 files and directories currently installed.)
Unpacking checksecurity (from .../checksecuri
Setting up checksecurity (2.0.7-1) ...
mv: cannot stat `/var/log/
mv: cannot stat `/var/log/
mv: cannot stat `/var/log/
mv: cannot stat `/var/log/
In Debian Bug tracker #299811, Uwe Hermann (uwe-hermann-uwe) wrote : Re: Bug#299811: checksecurity: Doesn't seem to install cleanly. | #12 |
Hi,
On Wed, Mar 16, 2005 at 07:47:24PM +0100, Javier Fernández-Sanguino Peña wrote:
> Yes, please, I cannot reproduce this. Can you please do this?
>
> # export DEBCONF_
> # apt-get install --reinstall checksecurity
Reinstalling works without errors. I did some debugging and came up with a
patch. The problem is this snippet in postinst:
if [ ! -d /var/log/setuid ]; then
mkdir -m 750 /var/log/setuid
chown root:adm /var/log/setuid || true
for file in /var/log/
/var/log/
[ -e $file ] && mv $file /var/log/setuid
done
fi
The [ -e $file ] has a return code of 1 if the given files don't exist.
This return code seems to become the return code of the whole postinst
script, later. Here's my proposed fix, which works for me (tm):
--- postinst 2005-03-16 23:27:57.000000000 +0100
+++ postinst.new 2005-03-16 23:28:26.000000000 +0100
@@ -19,7 +19,9 @@
chown root:adm /var/log/setuid || true
for file in /var/log/
/var/log/
- [ -e $file ] && mv $file /var/log/setuid
+ if [ -e $file ]; then
+ mv $file /var/log/setuid
+ fi
done
fi
HTH, Uwe.
--
Uwe Hermann <email address hidden>
http://
http://
http://
Debian Bug Importer (debzilla) wrote : | #13 |
Message-ID: <20050316223830
Date: Wed, 16 Mar 2005 23:38:30 +0100
From: Uwe Hermann <email address hidden>
To: Javier =?iso-8859-
Cc: <email address hidden>
Subject: Re: Bug#299811: checksecurity: Doesn't seem to install cleanly.
Hi,
On Wed, Mar 16, 2005 at 07:47:24PM +0100, Javier Fern=E1ndez-
a wrote:
> Yes, please, I cannot reproduce this. Can you please do this?
>=20
> # export DEBCONF_
> # apt-get install --reinstall checksecurity
Reinstalling works without errors. I did some debugging and came up with =
a
patch. The problem is this snippet in postinst:
if [ ! -d /var/log/setuid ]; then
mkdir -m 750 /var/log/setuid
chown root:adm /var/log/setuid || true
for file in /var/log/
/var/log/
[ -e $file ] && mv $file /var/log/setuid
done
fi
The [ -e $file ] has a return code of 1 if the given files don't exist.
This return code seems to become the return code of the whole postinst
script, later. Here's my proposed fix, which works for me (tm):
--- postinst 2005-03-16 23:27:57.000000000 +0100
+++ postinst.new 2005-03-16 23:28:26.000000000 +0100
@@ -19,7 +19,9 @@
chown root:adm /var/log/setuid || true
for file in /var/log/
/var/log/
- [ -e $file ] && mv $file /var/log/setuid=20
+ if [ -e $file ]; then
+ mv $file /var/log/setuid
+ fi
done
fi
HTH, Uwe.
--=20
Uwe Hermann <email address hidden>
http://
http://
http://
In Debian Bug tracker #299811, Javier Fernández-Sanguino (jfs) wrote : Bug#299811: fixed in checksecurity 2.0.7-3 | #14 |
Source: checksecurity
Source-Version: 2.0.7-3
We believe that the bug you reported is fixed in the latest version of
checksecurity, which is due to be installed in the Debian FTP archive:
checksecurity_
to pool/main/
checksecurity_
to pool/main/
checksecurity_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <email address hidden> (supplier of updated checksecurity package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 17 Mar 2005 01:19:29 +0100
Source: checksecurity
Binary: checksecurity
Architecture: source all
Version: 2.0.7-3
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <email address hidden>
Changed-By: Javier Fernandez-Sanguino Pen~a <email address hidden>
Description:
checksecurity - basic system security checks
Closes: 299811
Changes:
checksecurity (2.0.7-3) unstable; urgency=low
.
* Fix postinst's check for files so that the return code is always
true, have the script run with -e and add also an 'exit 0'
return status in any case. (Closes: #299811)
Files:
78ab376507ee99
dbbc7f8d278c60
c008166d9ea724
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iQCVAwUBQjjNnPt
SxkNOBI96vb103Z
5TxTEIMFw8/
jpHWV2D/xxc=
=6cKf
-----END PGP SIGNATURE-----
Debian Bug Importer (debzilla) wrote : | #15 |
Message-Id: <email address hidden>
Date: Wed, 16 Mar 2005 19:47:06 -0500
From: Javier Fernandez-Sanguino Pen~a <email address hidden>
To: <email address hidden>
Subject: Bug#299811: fixed in checksecurity 2.0.7-3
Source: checksecurity
Source-Version: 2.0.7-3
We believe that the bug you reported is fixed in the latest version of
checksecurity, which is due to be installed in the Debian FTP archive:
checksecurity_
to pool/main/
checksecurity_
to pool/main/
checksecurity_
to pool/main/
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to <email address hidden>,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Javier Fernandez-Sanguino Pen~a <email address hidden> (supplier of updated checksecurity package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing <email address hidden>)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 17 Mar 2005 01:19:29 +0100
Source: checksecurity
Binary: checksecurity
Architecture: source all
Version: 2.0.7-3
Distribution: unstable
Urgency: low
Maintainer: Javier Fernandez-Sanguino Pen~a <email address hidden>
Changed-By: Javier Fernandez-Sanguino Pen~a <email address hidden>
Description:
checksecurity - basic system security checks
Closes: 299811
Changes:
checksecurity (2.0.7-3) unstable; urgency=low
.
* Fix postinst's check for files so that the return code is always
true, have the script run with -e and add also an 'exit 0'
return status in any case. (Closes: #299811)
Files:
78ab376507ee99
dbbc7f8d278c60
c008166d9ea724
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iQCVAwUBQjjNnPt
SxkNOBI96vb103Z
5TxTEIMFw8/
jpHWV2D/xxc=
=6cKf
-----END PGP SIGNATURE-----
Matt Zimmerman (mdz) wrote : | #16 |
Looks like the bug was introduced with the code to avoid those ugly errors, so
we don't have the bug
Changed in checksecurity: | |
status: | Unknown → Fix Released |
# Automatically generated email from bts, devscripts version 2.8.10
tags 299811 sid