Your message dated Sun, 01 Feb 2015 10:08:57 +0100
with message-id <[email protected]>
and subject line Re: Bug#776009: unblock: xymon/4.3.17-5
has caused the Debian Bug report #776009,
regarding unblock: xymon/4.3.17-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
776009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776009
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: [email protected]
Usertags: unblock

Hi,

several updates for xymon have accumulated since the last upload. We'd
like to have them in Jessie, so we are asking for approval of the
changes below.

Changelog:

diff -Nru xymon-4.3.17/debian/changelog xymon-4.3.17/debian/changelog
--- xymon-4.3.17/debian/changelog       2014-10-23 16:50:53.000000000 +0200
+++ xymon-4.3.17/debian/changelog       2015-01-22 17:37:30.000000000 +0100
@@ -1,3 +1,21 @@
+xymon (4.3.17-5) unstable; urgency=medium
+
+  [ Christoph Berg ]
+  * Restore the lost ROOTFS variable in xymonclient-linux.sh, and patch
+    xymond/rrd/do_disk.c to ignore duplicate submissions for the / partition.
+    (Closes: #767901)
+  * Fix buffer overrun in web/acknowledge.c (Closes: #776007)
+  * Debconf translations, thanks!
+    + pt by Américo Monteiro (Closes: #767840)
+    + fr by Jean-Pierre Giraud (Closes: #770168)
+    + nl by Frans Spiesschaert (Closes: #771182)
+
+  [ Axel Beckert ]
+  * Fix aborting installation in cases where a hobbit user exists despite
+    hobbit-client was not installed before. (LP: #1407498)
+
+ -- Christoph Berg <[email protected]>  Thu, 22 Jan 2015 17:37:26 
+0100
+
 xymon (4.3.17-4) unstable; urgency=medium
 
   * Add debconf question to disable the automatic migration from hobbit to


The first patch is the buffer overrun from #776007:

diff -Nru xymon-4.3.17/debian/patches/acknowledge-malloc 
xymon-4.3.17/debian/patches/acknowledge-malloc
--- xymon-4.3.17/debian/patches/acknowledge-malloc      1970-01-01 
01:00:00.000000000 +0100
+++ xymon-4.3.17/debian/patches/acknowledge-malloc      2015-01-22 
16:49:28.000000000 +0100
@@ -0,0 +1,11 @@
+--- a/web/acknowledge.c
++++ b/web/acknowledge.c
+@@ -289,7 +289,7 @@ int main(int argc, char *argv[])
+                                       pcre *dummy;
+                                       char *re;
+ 
+-                                      re = (char *)malloc(8 + 
strlen(pagename));
++                                      re = (char *)malloc(8 + 
2*strlen(pagename));
+                                       sprintf(re, "%s$|^%s/.+", pagename, 
pagename);
+                                       dummy = compileregex(re);
+                                       if (dummy) {
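Review bot: the new size in `re = (char *)malloc(8 + 2*strlen(pagename));` is sufficient (the format string adds six literal characters plus the terminating NUL around two copies of pagename), but it is still a hand-counted constant kept apart from the format it has to match, and the `sprintf` on the next line writes through `re` without the malloc result being checked. Suggest computing the length once into a variable, bailing out on NULL, and using `snprintf(re, len, ...)` so a later change to the pattern cannot silently reintroduce the overrun. Separately, pagename is pasted into the pattern unescaped, so any regex metacharacters in it change what `compileregex(re)` matches; either quote it or note in the patch header why that is acceptable here.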

(This is probably exploitable, but the URL for this is only accessible
for authenticated admin users, so it's not a very bad security issue.)


The next one is the #767901 issue that causes monitoring graphs for
the / partition (disk space and inodes) to be broken. The C part
accounts for the fact that the "df" output in the default
installations has "/" listed twice, and suppresses duplicate updates
for that partition (which cause rrd to get confused).

The hard-to-read sh diff below merely restores the ROOTFS line that's
present in the upstream version of the original file, but got lost
during some patch update.

diff -Nru xymon-4.3.17/debian/patches/disk-no-duplicate-root 
xymon-4.3.17/debian/patches/disk-no-duplicate-root
--- xymon-4.3.17/debian/patches/disk-no-duplicate-root  1970-01-01 
01:00:00.000000000 +0100
+++ xymon-4.3.17/debian/patches/disk-no-duplicate-root  2015-01-21 
16:31:46.000000000 +0100
@@ -0,0 +1,30 @@
+--- a/xymond/rrd/do_disk.c
++++ b/xymond/rrd/do_disk.c
+@@ -20,6 +20,7 @@ int do_disk_rrd(char *hostname, char *te
+       static int ptnsetup = 0;
+       static pcre *inclpattern = NULL;
+       static pcre *exclpattern = NULL;
++      int seen_root_fs = 0;
+ 
+       if (strstr(msg, "netapp.pl")) return do_netapp_disk_rrd(hostname, 
testname, classname, pagepaths, msg, tstamp);
+       if (strstr(msg, "dbcheck.pl")) return 
do_dbcheck_tablespace_rrd(hostname, testname, classname, pagepaths, msg, 
tstamp);
+@@ -163,6 +164,19 @@ int do_disk_rrd(char *hostname, char *te
+ 
+               /* Check include/exclude patterns */
+               wanteddisk = 1;
++              /*
++               * On some systems, including the Debian Wheezy default setup,
++               * df shows two entries for / (one for "rootfs", one for the
++               * real device). Skip the second one or else the rrd files
++               * produced contain ugly gaps. (A complete fix would do this
++               * for all filesystems, but this case should be rare.)
++               */
++              if (!strcmp(diskname, "/")) {
++                      if (seen_root_fs)
++                              wanteddisk = 0;
++                      else
++                              seen_root_fs = 1;
++              }
+               if (exclpattern) {
+                       int ovector[30];
+                       int result;
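Review bot: in the second inner hunk the duplicate check only sets `wanteddisk = 0` and then falls through into the exclude/include pattern handling shown in the trailing context; if the include-pattern branch further down assigns `wanteddisk` again, the second "/" entry would be let back in. Consider moving the `seen_root_fs` test after the pattern checks, or skipping the rest of the per-line processing as soon as the duplicate is detected. In the first inner hunk, `int seen_root_fs = 0;` sits directly under three `static` declarations; a one-line comment that it is deliberately non-static (reset for every df message) would keep someone from changing it to match its neighbours.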
diff -Nru xymon-4.3.17/debian/patches/hobbitclient-tmpfs 
xymon-4.3.17/debian/patches/hobbitclient-tmpfs
--- xymon-4.3.17/debian/patches/hobbitclient-tmpfs      2014-10-01 
15:41:26.000000000 +0200
+++ xymon-4.3.17/debian/patches/hobbitclient-tmpfs      2014-11-03 
13:05:02.000000000 +0100
@@ -15,31 +15,27 @@
 
  -- Christoph Berg <[email protected]>  Sat, 05 Jul 2008 14:43:23 +0200
 
-Index: xymon/client/xymonclient-linux.sh
-===================================================================
---- xymon.orig/client/xymonclient-linux.sh     2013-05-20 16:04:13.319498276 
+0200
-+++ xymon/client/xymonclient-linux.sh  2013-05-20 16:04:13.299497611 +0200
-@@ -45,9 +45,13 @@
+--- a/client/xymonclient-linux.sh
++++ b/client/xymonclient-linux.sh
+@@ -45,9 +45,14 @@ uptime
  echo "[who]"
  who
  echo "[df]"
 -EXCLUDES=`cat /proc/filesystems | grep nodev | grep -v rootfs | awk '{print 
$2}' | xargs echo | sed -e 's! ! -x !g'`
--ROOTFS=`readlink -m /dev/root`
--df -Pl -x iso9660 -x $EXCLUDES | sed -e '/^[^         ][^     ]*$/{
 +if test -f /proc/filesystems ; then # Linux
 +      EXCLUDES=`cat /proc/filesystems | grep nodev | egrep -v 'tmpfs|rootfs' 
| awk '{print $2}' | xargs echo | sed -e 's! ! -x !g'`
 +else # kfreebsd (or /proc not mounted)
 +      EXCLUDES=`mount | grep -v '^/' | egrep -v 'tmpfs|rootfs' | awk '{print 
$1}' | xargs echo | sed -e 's! ! -x !g'`
 +fi
+ ROOTFS=`readlink -m /dev/root`
+-df -Pl -x iso9660 -x $EXCLUDES | sed -e '/^[^         ][^     ]*$/{
 +# kfreebsd needs an extra grep -v
 +df -Pl -x iso9660 -x $EXCLUDES | grep -v '^/sys' | sed -e '/^[^       ][^     
]*$/{
  N
  s/[   ]*\n[   ]*/ /
  }' -e "s&^rootfs&${ROOTFS}&"
-Index: xymon/xymond/etcfiles/analysis.cfg
-===================================================================
---- xymon.orig/xymond/etcfiles/analysis.cfg    2013-05-20 16:04:13.319498276 
+0200
-+++ xymon/xymond/etcfiles/analysis.cfg 2013-05-20 16:04:13.307497876 +0200
+--- a/xymond/etcfiles/analysis.cfg
++++ b/xymond/etcfiles/analysis.cfg
 @@ -353,6 +353,11 @@
  
  


... the inevitable debian/patches/series update for the above:

diff -Nru xymon-4.3.17/debian/patches/series xymon-4.3.17/debian/patches/series
--- xymon-4.3.17/debian/patches/series  2014-10-01 15:41:26.000000000 +0200
+++ xymon-4.3.17/debian/patches/series  2015-01-22 16:49:00.000000000 +0100
@@ -23,3 +23,5 @@
 fix-exp-values-in-ncv
 netstat-ant-vs-ipv6-address-truncating
 apache2.4
+disk-no-duplicate-root
+acknowledge-malloc


... some i18n updates:

diff -Nru xymon-4.3.17/debian/po/fr.po xymon-4.3.17/debian/po/fr.po
diff -Nru xymon-4.3.17/debian/po/nl.po xymon-4.3.17/debian/po/nl.po
diff -Nru xymon-4.3.17/debian/po/pt.po xymon-4.3.17/debian/po/pt.po


... and finally a fix for the migration from the old hobbit user that
avoids invoking "find" on non-existing directories (LP #1407498)

diff -Nru xymon-4.3.17/debian/xymon-client.postinst 
xymon-4.3.17/debian/xymon-client.postinst
--- xymon-4.3.17/debian/xymon-client.postinst   2014-10-23 14:57:28.000000000 
+0200
+++ xymon-4.3.17/debian/xymon-client.postinst   2015-01-21 16:31:46.000000000 
+0100
@@ -49,7 +49,9 @@
                --gecos "Xymon System Monitor" xymon
        if [ "$MIGRATE" ] && getent passwd hobbit > /dev/null; then
            for d in /etc/hobbit /etc/xymon /var/*/hobbit /var/*/xymon; do
-               find $d -user hobbit -print0 2>/dev/null | xargs -0 -r chown 
xymon
+                if [ -d $d ]; then
+                   find $d -user hobbit -print0 2>/dev/null | xargs -0 -r 
chown xymon
+                fi
            done
            pkill -u hobbit vmstat || true
            deluser hobbit || echo "Couldn't delete user hobbit, please remove 
it manually"
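Review bot: `if [ -d $d ]; then` and `find $d` use `$d` unquoted; the loop words come from globs such as `/var/*/hobbit`, so a matching path containing whitespace would be split and the test would fail or check the wrong thing. Suggest `[ -d "$d" ]` and `find "$d" ...`. With the directory test in place, the `2>/dev/null` on find no longer serves the missing-directory case and now only hides real errors (for example unreadable subtrees) during the migration, so it could be dropped.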
@@ -58,7 +60,9 @@
        # Migrate old group
        if [ "$MIGRATE" ] && getent group hobbit > /dev/null; then
            for d in /etc/hobbit /etc/xymon /var/*/hobbit /var/*/xymon; do
-               find $d -group hobbit -print0 2>/dev/null | xargs -0 -r chgrp 
xymon
+                if [ -d $d ]; then
+                   find $d -group hobbit -print0 2>/dev/null | xargs -0 -r 
chgrp xymon
+                fi
            done
            delgroup --only-if-empty hobbit || echo "Couldn't delete group 
hobbit, please remove it manually"
        fi
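Review bot: `xargs -0 -r chgrp xymon` (and the matching `chown xymon` in the hunk above) is run by the postinst on every path find returns, and without `-h` both tools act on the target of a symbolic link rather than on the link itself. Since the script only means to re-own entries under the listed directories, suggest `chgrp -h` / `chown -h`, or restricting find so that symlinks are not passed on, so that nothing outside those trees is touched. The quoting remark on `$d` from the previous hunk applies here as well.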


I've uploaded the package to DELAYED/15. Are these ok for Jessie? I'd
either reschedule the upload for immediate release, or cancel the
upload.

Thanks,
Christoph
-- 
[email protected] | http://www.df7cb.de/


--- End Message ---
--- Begin Message ---
On 2015-01-30 12:26, Axel Beckert wrote:
> Control: tag -1 - moreinfo
> 
> Hi Niels,
> 
> Niels Thykier wrote:
>> Please go ahead with these changes
> 
> Thanks!
> 
> I've rescheduled it and it has been accepted in unstable (and built on
> most architectures). It should reach the archive with the next
> dinstall run.
> 
>> and remove the moreinfo tag once they reach unstable.
> 
> Done.
> 
>               Regards, Axel
> 

Unblocked, thanks.

~Niels

--- End Message ---
