Your message dated Thu, 07 Feb 2019 06:49:47 +0000 with message-id <e1grdvl-0008tr...@fasolo.debian.org> and subject line Bug#919256: fixed in dnssec-trigger 0.17+repack-3 has caused the Debian Bug report #919256, regarding dnssec-trigger: Failed to upgrade: installed dnssec-trigger package post-installation script subprocess returned error exit status 1 to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 919256: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=919256 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: dnssec-trigger Version: 0.17+repack-1 Severity: serious Setting up dnssec-trigger (0.17+repack-1) ... Job for dnssec-triggerd.service failed because the control process exited with error code. See "systemctl status dnssec-triggerd.service" and "journalctl -xe" for details. invoke-rc.d: initscript dnssec-triggerd, action "restart" failed. # dnssec-triggerd.service - Reconfigure local DNSSEC resolver on connectivity changes Loaded: loaded (/lib/systemd/system/dnssec-triggerd.service; enabled; vendor preset: enabled) Active: activating (auto-restart) (Result: exit-code) since Mon 2019-01-14 07:20:18 CET; 16ms ago Process: 29431 ExecStartPre=/usr/lib/dnssec-trigger/dnssec-trigger-script --prepare (code=exited, status=0/SUCCESS) Process: 29438 ExecStart=/usr/sbin/dnssec-triggerd -d (code=exited, status=1/FAILURE) Process: 29439 ExecStartPost=/usr/lib/dnssec-trigger/dnssec-trigger-script --update_all (code=exited, status=0/SUCCESS) Process: 29443 ExecStopPost=/usr/lib/dnssec-trigger/dnssec-trigger-script --cleanup (code=exited, status=1/FAILURE) Main PID: 29438 (code=exited, status=1/FAILURE) dpkg: error processing package dnssec-trigger (--configure): installed dnssec-trigger package post-installation script subprocess returned error exit status 1 Processing triggers for libc-bin (2.28-5) ... Errors were encountered while processing: dnssec-trigger I said "no" to the new dnssec-trigger.conf, but except comments the only difference is the search domain setting: $ diff /etc/dnssec-trigger/dnssec-trigger.conf /etc/dnssec-trigger/dnssec-trigger.conf.dpkg-dist 28c28 < search: "deuxchevaux.org noone.org ethz.ch debian.org" --- > # search: "" 51c51 < # check-updates: --- > # check-updates: no 65a66 > # These relay incoming DNS traffic on the other port numbers to the usual DNS 76a78,86 > > # Use VPN servers for all traffic > # use-vpn-forwarders: no > > # Forward RFC 1918 private addresses to global forwarders > # use-private-addresses: yes > > # Add domains provided by VPN connections into Unbound forward zones > # add-wifi-provided-zones: no The syslog shows again this: Jan 14 07:18:59 c-cactus2 dnssec-triggerd[22039]: Jan 14 07:18:59 dnssec-triggerd[22039] error: Error in SSL_CTX use_certificate_file crypto error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small So maybe https://bugs.debian.org/898969 is not fully fixed yet? -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (990, 'unstable'), (980, 'unstable-debug'), (600, 'testing'), (111, 'buildd-unstable'), (111, 'buildd-experimental'), (110, 'experimental'), (105, 'experimental-debug') Architecture: amd64 (x86_64) Kernel: Linux 4.18.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages dnssec-trigger depends on: ii gir1.2-nm-1.0 1.14.4-4 ii libc6 2.28-5 ii libgdk-pixbuf2.0-0 2.38.0+dfsg-7 ii libglib2.0-0 2.58.2-3 ii libgtk2.0-0 2.24.32-3 ii libldns2 1.7.0-3.1+b1 ii libssl1.1 1.1.1a-1 ii python3 3.7.1-3 ii python3-gi 3.30.4-1 ii python3-lockfile 1:0.12.2-2 ii sensible-utils 0.0.12 ii unbound 1.8.1-1+b1 dnssec-trigger recommends no packages. dnssec-trigger suggests no packages. -- Configuration Files: /etc/dnssec-trigger/dnssec-trigger.conf changed: search: "deuxchevaux.org noone.org ethz.ch debian.org" url: "http://ster.nlnetlabs.nl/hotspot.txt OK" url: "http://fedoraproject.org/static/hotspot.txt OK" tcp80: 185.49.140.67 tcp80: 2a04:b900::10:0:0:67 ssl443: 185.49.140.67 7E:CF:B4:BE:B9:9A:56:0D:F7:3B:40:51:A4:78:E6:A6:FD:66:0F:10:58:DC:A8:2E:C0:43:D4:77:5A:71:8A:CF ssl443: 2a04:b900::10:0:0:67 7E:CF:B4:BE:B9:9A:56:0D:F7:3B:40:51:A4:78:E6:A6:FD:66:0F:10:58:DC:A8:2E:C0:43:D4:77:5A:71:8A:CF -- no debconf information
--- End Message ---
--- Begin Message ---Source: dnssec-trigger Source-Version: 0.17+repack-3 We believe that the bug you reported is fixed in the latest version of dnssec-trigger, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 919...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Diane Trout <di...@ghic.org> (supplier of updated dnssec-trigger package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Wed, 06 Feb 2019 21:29:17 -0800 Source: dnssec-trigger Binary: dnssec-trigger Architecture: source Version: 0.17+repack-3 Distribution: unstable Urgency: medium Maintainer: dnssec-trigger packagers <dnssec-trig...@packages.debian.org> Changed-By: Diane Trout <di...@ghic.org> Description: dnssec-trigger - reconfiguration tool to make DNSSEC work Closes: 919256 921227 Changes: dnssec-trigger (0.17+repack-3) unstable; urgency=medium . * Remove add-null-to-end-of-string-list.patch upstream had better solution * Add dnssec-double-free.patch (Closes: 921227) * Update tests/small-key to test if small keys are fixed on upgrade * Modify remove-small-keys.patch to only generate the certificates if they don't exist (Closes: #919256) * Always run dnssec-trigger-control-setup to make sure that keys are updated Checksums-Sha1: 2ca23b70dae08ba78235cfdda4f1ad599dae73c4 2330 dnssec-trigger_0.17+repack-3.dsc cb9d241e028f2849496465949895da9e4540efaf 15632 dnssec-trigger_0.17+repack-3.debian.tar.xz cbb8463a909f827541e47213a8861efe5ac8d2af 11545 dnssec-trigger_0.17+repack-3_source.buildinfo Checksums-Sha256: f857a895bc374ca3f85fdec9f50d034f8a7f5b4dd5d03c85d6c2e2f829f40386 2330 dnssec-trigger_0.17+repack-3.dsc 69f40384e61d6e7c7d927751affbaca42d3dae046156dcd616505b915c8a3002 15632 dnssec-trigger_0.17+repack-3.debian.tar.xz 01e05fb4706f17e2b270a4cd54fbc70ddf56e3a574e984c7c62200c8dbaf760f 11545 dnssec-trigger_0.17+repack-3_source.buildinfo Files: 4aa03b228753fb0193a780723aee6cd7 2330 net optional dnssec-trigger_0.17+repack-3.dsc ed817ecba69fbe1c986826dd51cb866c 15632 net optional dnssec-trigger_0.17+repack-3.debian.tar.xz 09a548a34c983245c689f4af1dfda708 11545 net optional dnssec-trigger_0.17+repack-3_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEETQVcMeSBIEX5AQ11mQ04NnM013AFAlxbzukACgkQmQ04NnM0 13AOiA/+OZ/CpLpBpt9eBPUNClrk5Cg+MZn6FdIf2nH1aFw/ZFhaOnrNf/57rv5U TPCf7umILihA29bwtT1TFfgeFOktZvaGZ5ZazNH+B3BlujbSmoba1YdtjWh4Xzrh NWMhL8xT6Njb/3vryGJ4SZqQNPls25utxwnTpWPx+uFVOVYT2XEFZz4AMlzXfdRe g4CtIAe5EBkWFcQgBUPVP/x6FxHVNypcvPPH6yw3b8W4E6HG5OGsBoVopTdPBSgO AfubxUJYrlH1o+KHf21VkEXh1YhXMf/7zDrRWK0sPjMZrpDtDbND9zAz3tuxWJnE Pxw842W7vj9XCtBAAhXa1sfF3TGRkJvlR/OyUG85uh8z2Cwwx5OJcpSfMnWl33UZ TV9MvC0AsdnB5rZqHGoOEYuMLU38uuD8lZ/FaF8GwL/IT/GNIRVCf0/mkMVHiS2G SajHzbcB4zphHuDw6HzQUZ5wmxhanDVKzEGOWNqWQUvKVTHyJjh+SRJP0iGk04rY EsDj17ABEmjHaCIEQ+G1aaMAGLXtMG1wHpxcp8FlxyRU7OwROUMdVs7oehOkcd1C 0fKMLm3Ucn13EY+Iiw1QsxFLqhQw5+spbqy6r3uUDG8X2kZnUAg2TC4rM5SkTMNN 965P3W/rw+ieH11KG+iT9XbZuwfuThN+927ISFIfafDpS5RLSeY= =b5/w -----END PGP SIGNATURE-----
--- End Message ---
