Ubuntu
logcheck package

package logcheck 1.3.7ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

Bug #695124 reported by Mario Tomljenović
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
logcheck (Ubuntu)
Invalid
Undecided
Unassigned

Bug Description

Binary package hint: logcheck

I wanted to install harden-nids (network intrusion detection system) package in Synaptic Package Manager, and installation failed.

ProblemType: Package
DistroRelease: Ubuntu 10.04
Package: logcheck 1.3.7ubuntu1
ProcVersionSignature: Ubuntu 2.6.32-27.49-generic 2.6.32.26+drm33.12
Uname: Linux 2.6.32-27-generic i686
NonfreeKernelModules: wl
Architecture: i386
Date: Tue Dec 28 20:44:07 2010
ErrorMessage: subprocess installed post-installation script returned error exit status 1
InstallationMedia: Ubuntu 10.04 LTS "Lucid Lynx" - Release i386 (20100429)
PackageArchitecture: all
SourcePackage: logcheck
Title: package logcheck 1.3.7ubuntu1 failed to install/upgrade: subprocess installed post-installation script returned error exit status 1

Revision history for this message
Mario Tomljenović (tomljenovicmario) wrote :
Revision history for this message
Loïc Minier (lool) wrote :

Setting up logtail (1.3.7ubuntu1) ...
Setting up logcheck (1.3.7ubuntu1) ...
Adding user logcheck to group adm
newaliases: fatal: open /etc/postfix/main.cf: No such file or directory
Password:
chfn: PAM authentication failed
dpkg: error processing logcheck (--configure):
 subprocess installed post-installation script returned error exit status 1

The first message:
newaliases: fatal: open /etc/postfix/main.cf: No such file or directory

seems to indicate that you have a broken newaliaes / postfix configuration (newaliases somehow tries to poke etc/postfix/main.cf which means newaliases is provided by postfix, but somehow it's not there). This would make sense is postfix was being installed in the same dpkg run, but it's not, so I suspect your setup might be broken there?

The second set of messages:
Password:
chfn: PAM authentication failed

suggests that you have a broken PAM configuration: the postinst calls chfn to set the real name of the account in the passwd database:
    chfn -f 'logcheck system account' logcheck
and the postinst runs as root; by default, etc/[pam.d/chfn contains:
auth sufficient pam_rootok.so
[...]
@include common-auth
@include common-account
@include common-session

so it should just accept to run chfn and not prompt you for a password; again, I'm puzzled, did you change your PAM configuration in some way?

Revision history for this message
Mario Tomljenović (tomljenovicmario) wrote :

No I didn´t change anything in PAM configuration.. I wrote my password there (which works always), and it said that PAM authentication failed. I even tried later to install logcheck in Terminal, but got the same output after writing my password in.

Revision history for this message
Loïc Minier (lool) wrote :

Then I personally have no idea; maybe you installed a package which changed some files like chfn to not be SUID root, or which changes PAM permissions

Revision history for this message
Mario Tomljenović (tomljenovicmario) wrote :

Well I installed Snort by these instructions:

http://www.snort.org/assets/158/Ubuntu-snortinstallguide2903.pdf

So now I have one more user on my Ubuntu system - Snort user. Maybe that is the problem?

Revision history for this message
Lou Ruppert (louferd) wrote :

It doesn't appear that this is a bug with logcheck, which is what this is filed under. It appears to be more of a support request. Is there anything more that can be done on it, or can it be closed?

Revision history for this message
Mario Tomljenović (tomljenovicmario) wrote :

I think it can be closed.

Loïc Minier (lool)
Changed in logcheck (Ubuntu):
status: New → Invalid
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.