Your message dated Sat, 27 Jul 2019 18:25:41 +0000 with message-id <[email protected]> and subject line Bug#932144: Removed package(s) from unstable has caused the Debian Bug report #679482, regarding racoon with privsep enabled segfaults with 'unauthorized domain' to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 679482: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=679482 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: racoon Version: 1:0.8.0-12 Severity: normal Tags: upstream Dear Maintainer, When privsep is enabled, so that the network exposed racoon is not running as root, daemon dies with: Jun 29 16:28:10 sid-dev racoon: ERROR: privsep_socket: unauthorized domain (15) Jun 29 16:28:10 sid-dev kernel: [327028.659475] racoon[14085]: segfault at 10 ip 00007fb7cde186ab sp 00007fffcf87e1f0 error 4 in racoon[7fb7cddef000+92000] This happens with anonymous as well as PSK keyed connections, and presumably happens with all different modes of authorization algorithms. This network daemon ideally should not be running network exposed as root. Running with privsep off, there is no problems with this. Regards, The Maintainer Matthew Grant -- System Information: Debian Release: wheezy/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Kernel: Linux 3.2.0-2-amd64 (SMP w/1 CPU core) Locale: LANG=en_NZ.UTF-8, LC_CTYPE=en_NZ.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages racoon depends on: ii adduser 3.113+nmu3 ii debconf [debconf-2.0] 1.5.44 ii ipsec-tools 1:0.8.0-12 ii libc6 2.13-33 ii libcomerr2 1.42.4-3 ii libgssapi-krb5-2 1.10.1+dfsg-1 ii libk5crypto3 1.10.1+dfsg-1 ii libkrb5-3 1.10.1+dfsg-1 ii libldap-2.4-2 2.4.31-1 ii libpam0g 1.1.3-7.1 ii libssl1.0.0 1.0.1c-3 ii perl 5.14.2-12 racoon recommends no packages. racoon suggests no packages. -- Configuration Files: /etc/racoon/psk.txt [Errno 13] Permission denied: u'/etc/racoon/psk.txt' /etc/racoon/racoon-tool.conf changed: global: log: notify privsep: yes peer(%default): certificate_type: x509 sid-dev.internal.anathoth.net-cert.pem sid-dev.internal.anathoth.net-key.pem #my_identifier: fqdn sid-dev.internal.anathoth.net lifetime: time 60 min #verify_identifier: on #verify_cert: on #authentication_method[0]: rsasig connection(%anonymous): #admin_status: enabled admin_status: disabled connection(%default): src_ip: 192.168.110.3 src_range: 192.168.110.3/32 peer(192.168.110.5): #peers_identifier: fqdn sid-dev.internal.anathoth.net connection(sid-dev): dst_ip: 192.168.110.5 dst_range: 192.168.110.5/32 mode: tunnel admin_status: enabled -- debconf information: * racoon/config_mode: racoon-tool
--- End Message ---
--- Begin Message ---Version: 1:0.8.2+20140711-12+rm Dear submitter, as the package ipsec-tools has just been removed from the Debian archive unstable we hereby close the associated bug reports. We are sorry that we couldn't deal with your issue properly. For details on the removal, please see https://bugs.debian.org/932144 The version of this package that was in Debian prior to this removal can still be found using http://snapshot.debian.org/. This message was generated automatically; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]. Debian distribution maintenance software pp. Scott Kitterman (the ftpmaster behind the curtain)
--- End Message ---
