Package: uif
Version: 1.1.9-1
Severity: important
Justification: renders package unusable
Dear Maintainer,
A freshly installed, fairly minimal, Stretch system was immediately upgraded to
Buster.
While installing Stretch I did preseed some simple debconf values for uif, but
those have since been re-placed and the uif package has been completely purged
before attempting to reinstall it.
The following lines in the fully autogenerated /etc/uif/uif.conf
in- f=log(input),reject
out- f=log(output),reject
fw- f=log(forward),reject
generate the following log messages: (which causes uif to fail at its task)
root[943]: Starting uif
root[955]: Starting uif failed: IPv4 setup: Skipping IPv6-only rule for
network "all"
# Warning: iptables-legacy tables present, use
iptables-legacy-save to see them
iptables-restore v1.8.2 (nf_tables):
line 64: RULE_APPEND failed (Invalid argument): rule in chain
INPUT
line 67: RULE_APPEND failed (Invalid argument): rule in chain
OUTPUT
line 70: RULE_APPEND failed (Invalid argument): rule in chain
FORWARD
error in generated rules
uif[938]: Starting uif: modules IPv4-rules failed!
uif[938]: Error message: IPv4 setup: Skipping IPv6-only rule for network
"all"
uif[938]: # Warning: iptables-legacy tables present, use
iptables-legacy-save to see them
uif[938]: iptables-restore v1.8.2 (nf_tables):
uif[938]: line 64: RULE_APPEND failed (Invalid argument): rule in chain
INPUT
uif[938]: line 67: RULE_APPEND failed (Invalid argument): rule in chain
OUTPUT
uif[938]: line 70: RULE_APPEND failed (Invalid argument): rule in chain
FORWARD
uif[938]: error in generated rules
systemd[1]: uif.service: Control process exited, code=exited,
status=1/FAILURE
Expected outcome would of course be that uif was started with no error messages.
Buster's release notes[1] does mention changes to iptables. Following the
wiki[2] instructions on how to switch to legacy iptables, it is possible to
make uif launch without errors. Yet doing so should be consider a workaround,
not a fix.
1. https://www.debian.org/News/2019/20190706
2. https://wiki.debian.org/nftables
-- System Information:
Debian Release: 10.0
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.9.0-9-amd64 (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8),
LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages uif depends on:
ii bsdutils 1:2.33.1-0.1
ii debconf [debconf-2.0] 1.5.71
ii iptables 1.8.2-4
ii libdata-validate-ip-perl 0.27-1
ii libnetaddr-ip-perl 4.079+dfsg-1+b3
pn libsocket-perl <none> (Replaced by perl-base 5.28.1-6)
ii lsb-base 10.2019051400
ii perl 5.28.1-6
Versions of packages uif recommends:
ii libnet-ldap-perl 1:0.6500+dfsg-1
Versions of packages uif suggests:
pn fwlogwatch <none>
-- Configuration Files:
/etc/uif/uif-ipv4-networks.inc [Errno 13] Permission denied:
'/etc/uif/uif-ipv4-networks.inc'
/etc/uif/uif-ipv6-networks.inc [Errno 13] Permission denied:
'/etc/uif/uif-ipv6-networks.inc'
/etc/uif/uif.conf [Errno 13] Permission denied: '/etc/uif/uif.conf'
-- debconf information:
* uif/traceroute: true
* uif/trusted:
* uif/pings: true
* uif/conf_method: workstation
* uif/workstation:
uif/error:
