Your message dated Fri, 26 May 2006 07:02:07 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#367337: fixed in aide 0.11a-4 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: aide Version: 0.11a-3 Severity: normal Tags: patch Use of /var/run/aide.lock breaks non-root use of aide. aide --config=$HOME/aide/conf --update dotlockfile: /var/run/aide.lock: permission denied cannot obtain lock /var/run/aide.lock, stale lock? I suggest also using a lockfile only if no --config is given by the user. Also, printing a message when a user is using --config is not expected. I would like to see the message removed. Also when using $@ you almost always want "$@". And passing raw arguments to echo can open up possibility of problems there. How about this? #!/bin/sh # # Perform update-aide.conf call before calling aide, since the autogenerated # configuration is now the default config file PATH="/usr/sbin:/sbin:/usr/bin:/bin" LOCKFILE="/var/run/aide.lock" pathfind() { OLDIFS="$IFS" IFS=: for p in $PATH; do if [ -x "$p/$*" ]; then IFS="$OLDIFS" return 0 fi done IFS="$OLDIFS" return 1 } dotlocked=false if ! printf "%b\n" "$*" | grep -q -e --config; then if which dotlockfile >/dev/null 2>&1; then if ! dotlockfile -p -l $LOCKFILE; then echo >&2 "cannot obtain lock $LOCKFILE, stale lock?" exit 1 fi dotlocked=true else echo >&2 "no dotlockfile binary in path, not checking for already running aide" fi update-aide.conf fi /usr/bin/aide.real "$@" if dotlocked; then dotlockfile -u $LOCKFILE fi I am not quite happy with the grep test for a --config option because it ignores the -c possibility. But without doing a full getopts parsing it is difficult to get this completely correct. Bob -- Bob Proulx <[EMAIL PROTECTED]> http://www.proulx.com/~bob/ -- System Information: Debian Release: 3.1
--- End Message ---
--- Begin Message ---Source: aide Source-Version: 0.11a-4 We believe that the bug you reported is fixed in the latest version of aide, which is due to be installed in the Debian FTP archive: aide_0.11a-4.diff.gz to pool/main/a/aide/aide_0.11a-4.diff.gz aide_0.11a-4.dsc to pool/main/a/aide/aide_0.11a-4.dsc aide_0.11a-4_i386.deb to pool/main/a/aide/aide_0.11a-4_i386.deb A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Marc Haber <[EMAIL PROTECTED]> (supplier of updated aide package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.7 Date: Fri, 26 May 2006 12:44:51 +0000 Source: aide Binary: aide aide-config-zg2 Architecture: source i386 Version: 0.11a-4 Distribution: unstable Urgency: low Maintainer: Aide Maintainers <[EMAIL PROTECTED]> Changed-By: Marc Haber <[EMAIL PROTECTED]> Description: aide - Advanced Intrusion Detection Environment Closes: 361714 363652 365774 366776 367333 367337 368409 368935 Changes: aide (0.11a-4) unstable; urgency=low . * statically link against libmhash 0.9.6-2, which might fix some issues on big-endian archs. * Tighten up build-deps to force buildds to link against the same libmhash. The versioned build-dep can be removed for backports, at the price of probably not running on big-endian archs. * 70_aide_dev: allow two digit /dev/pts numbers. * 31_aide_inn2: /var/spool/news/incoming is VarDir itself * Update Dutch (nl) debconf translation. Thanks to cobaco (aka Bart Cornelis). (mh) Closes: #363652 * Update Swedish (sv) debconf translation. Thanks to Daniel Nylander. (mh) Closes: #365774 * Call dh_installexamples from debian/rules, to actually include 31_example_exclude-homes into package. Thanks to Glyn Kennington for spotting this. (mh) Closes: #361714 * Do not define HOSTNAME, DNSDOMAINNAME and FQDN if the corresponding binary gives no output. Adapt rules to not fail in case of undefined variable. Thanks to Corey Wright and Craig Small. Closes: #366776 * Fix badly formatted debian/NEWS file. * Fix incorrect dotlockfile presence test. Thanks to Bob Proulx. Closes: #367333 * Fix issues addressed by Bob Proulx (thanks!). Closes: #367337. * Move * aide wrapper to aide.wrapper * add man page for aide.wrapper * aide.real to aide * fix lintian and linda overrides * This kind of restores expected aide behavior. * Debian scripts now call aide.wrapper explicitly * thus, our lock locks the Debian configuration only and not the aide binary. * use "$@" instead of $@ in aide.wrapper * keep accidentally invoked aide from tampering with Debian database: * set sysconfdir to /tmp/empty * set config_file to /dev/null * have wrapper explicitly set --config /etc/aide/aide.conf * do not set --config explicitly in aideinit * zap /var/lib files instead of /var/log in postinst * replace ` with $() in aideinit * handle /var/log/apache2/suexec.log.* if /etc/apache2/mods-enabled/suexec.load exists. Thanks to Craig Small. Closes: #368935 * Fix dumb scripting error in aide.conf.d/31_aide_amanda-server Thanks to Craig Small. Closes: #368409 * Minor modifications to the Debconf templates to make lintian happy. * Standards-Version: 3.7.2 (no change necessary). Files: 09c42dc9545fc5ffa5439fae6ece0229 804 admin optional aide_0.11a-4.dsc 5088544411091e232c3c377742b4069e 45711 admin optional aide_0.11a-4.diff.gz 7698c0096ba7e4a136e9f42350521d61 529990 admin optional aide_0.11a-4_i386.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.3 (GNU/Linux) iD8DBQFEdwirgZalRGu6PIQRAlXlAJ0eY8y2FnvApYtyUPpCHLQqRK2CUwCff8tT 6YbE8POoofNxg5DXbe+sQXA= =MPXo -----END PGP SIGNATURE-----
--- End Message ---
