Todd Troxell
2004-Dec-26 08:51 UTC
[Logcheck-devel] Bug#287237: logcheck: Permissions, dh_installlogcheck
Package: logcheck Version: 1.2.32 Severity: normal This report is mostly my notes, so I can consider possible solutions. I've gained some insight into our previous permissions problems, and discovered a new bug at the same time. Rules installed via dh_installlogcheck after install of logcheck will have incorrect permissions. This is obvious when looking at the way dh_installlogcheck operates: for directories: doit("install","-m",700,"-o",0,"-g",0,"-d","$tmp/etc/logcheck/$type"); for rulefiles: doit("install","-m",644,$logcheck,"$tmp/etc/logcheck/$type/$package"); I will be looking at this in the coming days. Input, solutions, and patches are appreciated, as always. :> -Todd
Debian Bug Tracking System
2005-Jan-08 10:33 UTC
[Logcheck-devel] Bug#287237: marked as done (logcheck: Permissions, dh_installlogcheck)
Your message dated Sat, 08 Jan 2005 05:17:05 -0500 with message-id <E1CnDeb-0004JS-00 at newraff.debian.org> and subject line Bug#287237: fixed in logcheck 1.2.33 has caused the attached Bug report to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database) -------------------------------------- Received: (at submit) by bugs.debian.org; 26 Dec 2004 08:51:25 +0000>From xtat at rapidpacket.com Sun Dec 26 00:51:25 2004Return-path: <xtat at rapidpacket.com> Received: from io.rapidpacket.com (caffeine.rapidpacket.com) [69.55.227.50] (Debian-exim) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CiU7Z-00015S-00; Sun, 26 Dec 2004 00:51:25 -0800 Received: from xtat by caffeine.rapidpacket.com with local (Exim 4.34) id 1CiU7Y-0005ZX-RR; Sun, 26 Dec 2004 03:51:24 -0500 Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: Todd Troxell <ttroxell at debian.org> To: Debian Bug Tracking System <submit at bugs.debian.org> Subject: logcheck: Permissions, dh_installlogcheck X-Mailer: reportbug 3.2 Date: Sun, 26 Dec 2004 03:51:24 -0500 Message-Id: <E1CiU7Y-0005ZX-RR at caffeine.rapidpacket.com> Sender: Todd Troxell <xtat at rapidpacket.com> Delivered-To: submit at bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE autolearn=no version=2.60-bugs.debian.org_2004_03_25 X-Spam-Level: Package: logcheck Version: 1.2.32 Severity: normal This report is mostly my notes, so I can consider possible solutions. I've gained some insight into our previous permissions problems, and discovered a new bug at the same time. Rules installed via dh_installlogcheck after install of logcheck will have incorrect permissions. This is obvious when looking at the way dh_installlogcheck operates: for directories: doit("install","-m",700,"-o",0,"-g",0,"-d","$tmp/etc/logcheck/$type"); for rulefiles: doit("install","-m",644,$logcheck,"$tmp/etc/logcheck/$type/$package"); I will be looking at this in the coming days. Input, solutions, and patches are appreciated, as always. :> -Todd --------------------------------------- Received: (at 287237-close) by bugs.debian.org; 8 Jan 2005 10:21:38 +0000>From katie at ftp-master.debian.org Sat Jan 08 02:21:38 2005Return-path: <katie at ftp-master.debian.org> Received: from newraff.debian.org [208.185.25.31] (mail) by spohr.debian.org with esmtp (Exim 3.35 1 (Debian)) id 1CnDiz-0000No-00; Sat, 08 Jan 2005 02:21:37 -0800 Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian)) id 1CnDeb-0004JS-00; Sat, 08 Jan 2005 05:17:05 -0500 From: Todd Troxell <ttroxell at debian.org> To: 287237-close at bugs.debian.org X-Katie: $Revision: 1.54 $ Subject: Bug#287237: fixed in logcheck 1.2.33 Message-Id: <E1CnDeb-0004JS-00 at newraff.debian.org> Sender: Archive Administrator <katie at ftp-master.debian.org> Date: Sat, 08 Jan 2005 05:17:05 -0500 Delivered-To: 287237-close at bugs.debian.org X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02 (1.212-2003-09-23-exp) on spohr.debian.org X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2005_01_02 X-Spam-Level: X-CrossAssassin-Score: 11 Source: logcheck Source-Version: 1.2.33 We believe that the bug you reported is fixed in the latest version of logcheck, which is due to be installed in the Debian FTP archive: logcheck-database_1.2.33_all.deb to pool/main/l/logcheck/logcheck-database_1.2.33_all.deb logcheck_1.2.33.dsc to pool/main/l/logcheck/logcheck_1.2.33.dsc logcheck_1.2.33.tar.gz to pool/main/l/logcheck/logcheck_1.2.33.tar.gz logcheck_1.2.33_all.deb to pool/main/l/logcheck/logcheck_1.2.33_all.deb logtail_1.2.33_all.deb to pool/main/l/logcheck/logtail_1.2.33_all.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 287237 at bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Todd Troxell <ttroxell at debian.org> (supplier of updated logcheck package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster at debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Saturday, 08 Jan 2005 04:56:00 -0500 Source: logcheck Binary: logcheck logtail logcheck-database Architecture: source all Version: 1.2.33 Distribution: unstable Urgency: low Maintainer: Debian logcheck Team <logcheck-devel at lists.alioth.debian.org> Changed-By: Todd Troxell <ttroxell at debian.org> Description: logcheck - Mails anomalies in the system logfiles to the administrator logcheck-database - A database of system log rules for the use of log checkers logtail - Print log file lines that have not been read Closes: 284505 284788 284825 285602 286230 286306 286329 286532 286747 287184 287237 288580 289246 Changes: logcheck (1.2.33) unstable; urgency=low . maks: * Enhance rules at level workstation for removable devices. (closes: #284505, #284825) * Fix dnsmasq rule regarding DHCPINFORM. (closes: #286532) * Add rbldnsd rules at level server from Rafael Jesus Alcantara Perez <rafa at dedaloingenieros.com>. (closes: #285602) * Add jabberd rules from Peter Palfrader <weasel at debian.org>. * Add rule for weekly nmbd logrotate. (closes: #286329) * Add rules from Lee Maguire <lee-debian at hexkey.co.uk> for usb headset on level workstation. (closes: #286747) * Fix dovecot rules: dots in usernames + other breakage. (closes: #286306) * Fix gconfd rules for latest default english logging style. * Logtail need to depend on versioned perl not logcheck. (closes: #288580) * Add rules for dictd, francine, kernel from alfie. * Fix dhcp rules for vlan case. (closes: #289246) todd: * Set rule directories setgid to simplify administration. (closes: #286230) * Add future package plans to TODO * Remove dh_strip and dh_shlibdeps from debian/rules * Touch cron.d/logcheck in postinst. (closes: #284788) * Conditionally set permissions in postinst on version <1.2.33 (closes: #287184) * Update dh_installlogcheck, which has already been patched in debhelper. (closes: #287237) Files: df0734db2689120d6190ce5ea8622f4b 703 admin optional logcheck_1.2.33.dsc 540f44fc39be17a3357671c4deef86c5 89502 admin optional logcheck_1.2.33.tar.gz e138301e6f638aeca6a05405429b95e4 42368 admin optional logcheck_1.2.33_all.deb d9e9073c85c61d442719988440d04f5f 57492 admin optional logcheck-database_1.2.33_all.deb 6b983373c4044d602a25dd8ccc5b21ed 25368 admin optional logtail_1.2.33_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (GNU/Linux) iD8DBQFB369S4u3oQ3FHP2YRAgssAKCh0ofP6ZCATqcFdqBMzwTH7MQhjgCg0VdW a1cPOUVFxEp9IN83KE8mGr4=5YoU -----END PGP SIGNATURE-----