Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
On Tue, 3 Oct 2023 16:32:35 +0200 Thomas Dorner wrote: > > The current version of the rule does things differently. Can you > > verify whether the current version in sid works for you as well? > > Sorry Marc, I switched my systems to Bullseye a few months ago and no > longer have a Sid to test with. Ooops, I meant Bookworm! Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
> The current version of the rule does things differently. Can you > verify whether the current version in sid works for you as well? Sorry Marc, I switched my systems to Bullseye a few months ago and no longer have a Sid to test with. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Hi Hannes! > Please try the patch available upstream[0] and report back if it fixes > the memory allocation errors. Looks good: [...] WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network: No such file or directory WARNING: tried to read access ACL on /var/opt/lxc/no-network/sys but failed with: No such file or directory WARNING: tried to read default ACL on /var/opt/lxc/no-network/sys but failed with: Invalid argument WARNING: listxattrs failed for /var/opt/lxc/no-network/sys:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/sys: No such file or directory WARNING: readlink() failed for '/var/opt/lxc/no-network/lib64': No such file or directory WARNING: listxattrs failed for /var/opt/lxc/no-network/lib64:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/lib64: No such file or directory WARNING: readlink() failed for '/var/opt/lxc/no-network/lib32': No such file or directory WARNING: listxattrs failed for /var/opt/lxc/no-network/lib32:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/lib32: No such file or directory WARNING: readlink() failed for '/var/opt/lxc/no-network/bin': No such file or directory WARNING: listxattrs failed for /var/opt/lxc/no-network/bin:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/bin: No such file or directory [...] > Thanks for debugging. You're welcome. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Dear maintainers, I narrowed it further down with some more fprintfs. The problem is not in do_md.c but the call in hsymlnk in gen_list.c. Here the critical part of the output: gen_list.c: hsymlnk: '/var/opt/lxc/no-network/lib64', '' gen_list.c: hsymlnk: len+1 == 0 checked_realloc(0x7fe4f1117290, 0) failed to reallocate 0 bytes ERROR: realloc: failed to allocate memory The variables in the first fprintf are line->fullpath and line->linkname. At the beginning of the aide run /var/opt/lxc/no-network/lib64 is the following symbolic link (basically an identical copy of the root /lib64): lrwxrwxrwx 1 ... /var/opt/lxc/no-network/lib64 -> usr/lib64/ Later (about 30 minutes after the start of dailyaidecheck) the whole "no-network" tree is deleted. This apparently leads to an empty linkname, readlink returns -1, which then results in a call to realloc with size 0. (I think the rest is now up to you. ;-) Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Dear maintainers, after some unsuccessful tries to monitor the failed call to realloc I finally took the sources and added some monitoring into the aide binary itself. (Yes, I'm writing about classic dirty printf debugging. ;-) And today I was successful, the problem is a call to checked_realloc in util.c with a request of 0 bytes. Before that the log contained a few warnings about a missing sub-directory (sys) of the missing upper directory (no-network). WARNING: tried to read access ACL on /var/opt/lxc/no-network/sys but failed with: No such file or directory WARNING: tried to read default ACL on /var/opt/lxc/no-network/sys but failed with: Invalid argument WARNING: listxattrs failed for /var/opt/lxc/no-network/sys:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/sys: No such file or directory checked_realloc(0x7fe3c9145380, 0) failed to reallocate 0 bytes ERROR: realloc: failed to allocate memory End of AIDE error output A first glance at all the calls to checked_realloc makes me guess this can only happen in one of the calls in do_md.c, all others should be >0. Hope this helps & best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
> Well today I run it with dmalloc. I'll need some time to handle the > 28 GB of log-file, especially as it apparently contains at least one > large chunk of 0-bytes. OK, so that log file looks inconspicuous. The reallocations are a few various followed by one series of one permanently growing big one (up to 1792464 bytes; maybe reading in the DB into the internal representation?), a growing small one (growing in 4 bytes steps up to 112 bytes), a huge gap without any reallocations, lots (~55% of all) of reallocations from 257 to something smaller and 4 ones from 99 bytes to 190 bytes). Unfortunately that wasn't the end of the log file, there were still ~2900 other memory actions after it.¹ I'll try something different when the failure occurs again - today it didn't (maybe my timing was wrong), so it probably will be a few days. Best regards, Thomas ¹ My (maybe completely wrong ;-) theory would be that dmalloc only logs after the call returned and it failed in the call itself. (I logged using the tags log-trans and log-stats aka 0x9.) -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Hello Hannes! > Can you try to reproduce the failure and verify that the memory is > actually used up by the aide process? Well today I run it with dmalloc. I'll need some time to handle the 28 GB of log-file, especially as it apparently contains at least one large chunk of 0-bytes. > Additionally can you try to directly call aide limited to the specific > directory (see --limit option). That probably doesn't give me enough time to delete the directory after starting aide, but before aide actually gets there. I'll follow up on this when I know more. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Hello Hannes, thanks for the quick response. > How many files are in the AIDE database on a successful run? Does this > number significantly differ when the aide check fails? You mean the /var/lib/aide/aide.db? # zcat /var/lib/aide/aide.db | wc 755240 21146627 442199792 The /var/lib/aide/aide.db after a failed one is always size 0. > Is 0.18.2-1 the only version you experience this behaviour or does > this error also occur with an older version? I've never encountered this before, but I did not work with the specific directory tree parallel to the AIDE run for at least 3 weeks before the this one. > Independently of the issue above, it might make sense to exclude this > directory. That's the work-around I'll put in place till you try something different. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Package: aide Version: 0.18.2-1 Severity: important X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer (that's you Marc, isn't it ;-), The last two daily aide runs on my desktop machine failed with an error 22. Today's log-file shows: aide run on X.X started at 2023-04-25 06:38:52. ** * AIDE returned with exit code 22. unknown non-zero exit value 22 * ** AIDE error output (465 lines): WARNING: hash calculation: '/run/user/1065/dconf/user' has been changed (changed attributes: c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.3.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.6.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.4.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.1.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.2.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.5.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.0' has been changed (changed attributes: i, hash could not be calculated) WARNING: hash calculation: '/var/lib/systemd/timers/stamp-chkrootkit.timer' has been changed (changed attributes: c+m, hash could not be calculated) WARNING: hash calculation: '/var/log/chkrootkit/log.today' has been changed (changed attributes: c+m, hash could not be calculated) WARNING: hash calculation: '/var/log/chkrootkit/chkrootkit-daily.log' has been changed (changed attributes: c+m, hash could not be calculated) WARNING: hash calculation: '/var/log/chkrootkit/log.today.raw' has been changed (changed attributes: c+m, hash could not be calculated) [...some more normal warnings...] WARNING: tried to read access ACL on /var/opt/lxc/no-network/usr/share/doc/libgpg-error0 but failed with: No such file or directory WARNING: tried to read default ACL on /var/opt/lxc/no-network/usr/share/doc/libgpg-error0 but failed with: Invalid argument WARNING: listxattrs failed for /var/opt/lxc/no-network/usr/share/doc/libgpg-error0:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/usr/share/doc/libgpg-error0: No such file or directory ERROR: realloc: failed to allocate memory End of AIDE error output AIDE detected no changes. End of AIDE daily aide check at 2023-04-25 08:13, run time 5672 seconds funny, AIDE did not leave a log. Version 0.18.2-1 had been installed on 2023-04-21, so it did run OK at least two times. It also run OK after a manual "systemctl start dailyaidecheck" in a terminal window yesterday. This did not work today though. The last warnings like the 4 last ones above all come from a test directory used by my current project. The files and directories there have been deleted and recreated several times during the aide run. Memory of the machine should be enough with 32 GB mostly used as cache: MiB Mem: 32025.9 total, 1145.8 free, 3102.1 used, 28268.6 buff/cache I think I've always be working on the project during the failures, so it maybe a reallocation for a deleted or recreated entry. Currently I've no further idea to narrow it down. The directory /var/lib/aide/dailyaidecheck with the temporary log-files has been removed, but maybe I can modify something to keep it to maybe get further info. -- System Information: Debian Release: 12.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-8-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages aide depends on: ii libacl1 2.3.1-3 ii libaudit1 1:3.0.9-1 ii libc6 2.36-9 ii libcap2 1:2.66-3 ii libext2fs21.47.0-2 ii libmhash2 0.9.9.9-9 ii libpcre2-8-0 10.42-1 ii libselinux1 3.4-1+b5 ii zlib1g1:1.2.13.dfsg-1 Versions of packages aide recommends: ii aide-common 0.18.2-1 Versions of packages aide suggests: pn figlet -- no debconf information
Bug#1034052: winetricks: winetrick searches for 32 bit wine as wine32, not wine
Hello Jens! > I can't reproduce this issue. What steps exactly did you issue that > failed? Hmm, I tried it again today (after removing my hard-link), and I couldn't reproduce it either. I did some other changes / updates in the meantime though (esp. installing winbind and some Samba packages, which I did not have installed last week). So I guess we can close this as a glitch specific to my environment. Should I encounter it again, I'll reopen with a more through analysis. > Please remove the hardlink again and report the output of "wine > --version". wine-8.0 (Debian 8.0~repack-4) Thanks for your efforts and best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034052: winetricks: winetrick searches for 32 bit wine as wine32, not wine
Package: winetricks Version: 20230212-2 Severity: normal X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, I have the following wine multiarch installation in Sid: Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++----== ii wine 8.0~repack-4 all Windows API implementation - standard suite ii wine32:i386 8.0~repack-4 i386 Windows API implementation - 32-bit binary loader ii wine64 8.0~repack-4 amd64Windows API implementation - 64-bit binary loader ii winetricks 20230212-2 all simple tool to work around common problems in Wine While setting up a new Wine environment winetricks aborted with the following error: -- Using winetricks 20230212 - sha256sum: 14afe10e8858e47f95fc6f02015003a6ffd8cd438249b25b85e1078e8e326949 with wine-8.0 (Debian 8.0~repack-4) and WINEARCH=win64 Executing w_do_call vcrun2019 -- warning: You are using a 64-bit WINEPREFIX. Note that many verbs only install 32-bit versions of packages. If you encounter problems, please retest in a clean 32-bit WINEPREFIX before reporting a bug. -- Executing load_vcrun2019 Using native,builtin override for following DLLs: api-ms-win-crt-private-l1-1-0 api-ms-win-crt-conio-l1-1-0 api-ms-win-crt-heap-l1-1-0 api-ms-win-crt-locale-l1-1-0 api-ms-win-crt-math-l1-1-0 api-ms-win-crt-runtime-l1-1-0 api-ms-win-crt-stdio-l1-1-0 api-ms-win-crt-time-l1-1-0 atl140 concrt140 msvcp140 msvcp140_1 msvcp140_2 msvcp140_atomic_wait msvcp140_codecvt_ids vcamp140 vccorlib140 vcomp140 vcruntime140 Executing wine C:\windows\syswow64\regedit.exe C:\windows\Temp\override-dll.reg it looks like wine32 is missing, you should install it. multiarch needs to be enabled first. as root, please execute "dpkg --add-architecture i386 && apt-get update && apt-get install wine32:i386" wine: failed to open "C:\\windows\\syswow64\\regedit.exe": c135 -- egedit.exe C:\windows\Temp\override-dll.reg returned status 53. Aborting. -- After simply creating a hard-link between /usr/lib/wine/wine and /usr/lib/wine/wine32 it worked. I guess this is either a bug in the winetricks or the wine (32 bit) package, at least it looks like something not consistent. The fix should be easy in each of them. (I did not try a soft-link, but that probably works as well.) Best regards, Thomas PS: Classified as "normal" as it has a very easy work-around. -- System Information: Debian Release: 12.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-7-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages winetricks depends on: ii binutils 2.40-2 ii curl 7.88.1-8 ii wget 1.21.3-1+b2 ii wine [wine] 8.0~repack-4 Versions of packages winetricks recommends: ii cabextract 1.9-3 ii fuseiso 20070708-3.2+b1 ii p7zip-full 16.02+dfsg-8 ii pkexec 122-3 ii policykit-1 122-3 ii sudo 1.9.13p3-1 ii unzip6.0-28 ii x11-utils7.7+5 ii xdg-utils1.1.3-4.1 ii xz-utils 5.4.1-0.2 ii zenity 3.44.0-1 Versions of packages winetricks suggests: ii tor0.4.7.13-1 ii unrar 1:6.2.6-1 -- no debconf information
Bug#1032122: chkrootkit: bad redirection creating file '1'?
> ($echo is defined by the main loop, although im sceptical it is > actually used given echo is a builtin) At least in the BaSH functions and aliases supersede builtins, although I'm not sure about what the POSIX standard says about it. -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1032122: chkrootkit: bad redirection creating file '1'?
Package: chkrootkit
Version: 0.57-1
Severity: normal
X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer,
The regular running chkrootkit apparently creates a file '1' in the
directory /usr/lib/chkrootkit. Checking for a supposed bad redirection
in the scripts of the package of chkrootkit (with "grep -n '> *1'
/etc/cron.daily/chkrootkit /usr/sbin/chkrootkit") found the following:
/usr/sbin/chkrootkit:1423:
${echo} >1 "$ROOTDIRproc/syslogk" > /dev/null 2>&1
This looks very strange, especially as I don't see a variable echo being
assigned anywhere. I'm not quite sure what is intended here so I don't
try to speculate about a correct patch, sorry.
Best regards, Thomas
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.1.0-5-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages chkrootkit depends on:
ii libc6 2.36-8
Versions of packages chkrootkit recommends:
ii binutils 2.40-2
ii iproute2 6.1.0-2
ii net-tools 2.10-0.1
ii procps 2:4.0.3-1
chkrootkit suggests no packages.
-- no debconf information
Bug#1024247: grub-efi-amd64: conf_force_conffnew=YES in /etc/ucf.conf breaks grub-efi-amd64.postinst
Package: grub-efi-amd64
Version: 2.06-5
Severity: important
X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer,
/var/lib/dpkg/info/grub-efi-amd64.postinst failed with:
Setting up grub-efi-amd64 (2.06-5) ...
Error: Only one of force_conffold and force_conffnew should
be set
dpkg: error processing package grub-efi-amd64 (--configure):
installed grub-efi-amd64 package post-installation script subprocess returned
error exit status 1
The problem is, that I have set "conf_force_conffnew=YES" in
/etc/ucf.conf and the post-install script itself sets in line 414
"ucf_env=UCF_FORCE_CONFFOLD=1".
I would expect that my decision would be honoured here. (This is a
similar bug to #1002038 in grub-pc, so maybe there are others as well?)
To reproduce it just set "conf_force_conffnew=YES" in /etc/ucf.conf and
run:
/usr/share/debconf/frontend /var/lib/dpkg/info/grub-efi-amd64.postinst configure
I was able to circumvent the problem by temporarily disable the option
in /etc/ucf.conf.
Best regards, Thomas
-- Package-specific info:
*** BEGIN /proc/mounts
/dev/mapper/crypt_root / ext4 rw,relatime,discard,errors=remount-ro 0 0
/dev/sda3 /images ext4 rw,relatime,discard 0 0
/dev/sdb2 /boot ext2 rw,relatime,discard 0 0
/dev/sdb1 /boot/efi vfat
rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro
0 0
/dev/sdc6 /video ext4 rw,relatime 0 0
/dev/mapper/crypt_home /home ext4 rw,relatime,discard 0 0
/dev/mapper/crypt_goodies /goodies ext4 rw,relatime,discard 0 0
*** END /proc/mounts
*** BEGIN /boot/grub/grub.cfg
#
# DO NOT EDIT THIS FILE
#
# It is automatically generated by grub-mkconfig using templates
# from /etc/grub.d and settings from /etc/default/grub
#
### BEGIN /etc/grub.d/00_header ###
if [ -s $prefix/grubenv ]; then
set have_grubenv=true
load_env
fi
if [ "${next_entry}" ] ; then
set default="${next_entry}"
set next_entry=
save_env next_entry
set boot_once=true
else
set default="0"
fi
if [ x"${feature_menuentry_id}" = xy ]; then
menuentry_id_option="--id"
else
menuentry_id_option=""
fi
export menuentry_id_option
if [ "${prev_saved_entry}" ]; then
set saved_entry="${prev_saved_entry}"
save_env saved_entry
set prev_saved_entry=
save_env prev_saved_entry
set boot_once=true
fi
function savedefault {
if [ -z "${boot_once}" ]; then
saved_entry="${chosen}"
save_env saved_entry
fi
}
function load_video {
if [ x$feature_all_video_module = xy ]; then
insmod all_video
else
insmod efi_gop
insmod efi_uga
insmod ieee1275_fb
insmod vbe
insmod vga
insmod video_bochs
insmod video_cirrus
fi
}
if [ x$feature_default_font_path = xy ] ; then
font=unicode
else
insmod ext2
search --no-floppy --fs-uuid --set=root 720f3744-c999-4ee7-8010-73ef6072a334
font="/usr/share/grub/unicode.pf2"
fi
if loadfont $font ; then
set gfxmode=1920x1200x32
load_video
insmod gfxterm
fi
terminal_output gfxterm
if [ "${recordfail}" = 1 ] ; then
set timeout=30
else
if [ x$feature_timeout_style = xy ] ; then
set timeout_style=menu
set timeout=3
# Fallback normal timeout code in case the timeout_style feature is
# unavailable.
else
set timeout=3
fi
fi
### END /etc/grub.d/00_header ###
### BEGIN /etc/grub.d/05_debian_theme ###
insmod ext2
search --no-floppy --fs-uuid --set=root 720f3744-c999-4ee7-8010-73ef6072a334
insmod png
if background_image /usr/share/desktop-base/homeworld-theme/grub/grub-16x9.png;
then
set color_normal=white/black
set color_highlight=black/white
else
set menu_color_normal=cyan/blue
set menu_color_highlight=white/blue
fi
### END /etc/grub.d/05_debian_theme ###
### BEGIN /etc/grub.d/10_linux ###
function gfxmode {
set gfxpayload="${1}"
}
set linux_gfx_mode=keep
export linux_gfx_mode
menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu
--class os $menuentry_id_option
'gnulinux-simple-720f3744-c999-4ee7-8010-73ef6072a334' {
load_video
gfxmode $linux_gfx_mode
insmod gzio
if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi
insmod part_gpt
insmod ext2
set root='hd1,gpt2'
if [ x$feature_platform_search_hint = xy ]; then
search --no-floppy --fs-uuid --set=root --hint-bios=hd1,gpt2
--hint-efi=hd1,gpt2 --hint-baremetal=ahci1,gpt2
f6ffc231-eed2-49ef-b724-31af095cb129
else
search --no-floppy --fs-uuid --set=root
f6ffc231-eed2-49ef-b724-31af095cb129
fi
echo'Loading Linux 6.0.0-4-amd64 ...'
linux /vmlinuz-6.0.0-4-amd64
root=UUID=720f3744-c999-4ee7-8010-73ef6072a334 ro noplymouth mitigations=off
echo'Loading initial ramdisk ...'
initrd /initrd.img-6.0.0-4-amd64
}
submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option
'gnulinux-advanced-720f3744-c999-4ee7-8010-73ef6072a334' {
menuentry
Bug#1022812: tiger: "check listening processes" uses wrong columns of lsof output
Package: tiger
Version: 1:3.2.4~rc1-3.1
Severity: normal
X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer,
Every run checking the listening processes produces a difference as it
uses the device IDs as socket IDs for many (not all) processes. The
problem is in the script check_listeningprocs. The script does not work
correctly as the output it gets from lsof is not always structured as
the corresponding awk command expects it to be. Especially there are 2
additional columns with optional content (leading to column shifts
otherwise), and I guess the otherwise selected columns 7 and 8 should be
8 and 9.
I've attached an example of
lsof -n | grep -e COMMAND -e IPv[46] -e ' raw'
(stdout) as lsof-n-IPv-raw.out and what the awk command
awk '{printf("%s %s %s %s\n", $1, $3, $7, $8)}'
would make out of (after a "grep IPv") it as awk-1-3-7-8.out to show the
problem.
I'd suggest either using netstat (-tulpe ?) or lsof -n -F (with pcfDi?),
albeit the latter makes parsing more difficult (there is an example in
/usr/share/doc/lsof/examples/list_fields.awk though).
Best regards, Thomas
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 6.0.0-2-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages tiger depends on:
ii binutils 2.39-8
ii bsdutils 1:2.38.1-1.1+b1
ii debconf [debconf-2.0] 1.5.79
ii debianutils5.7-0.3
ii libc6 2.35-4
ii lsb-release12.0-1
ii net-tools 1.60+git20181103.0eebece-1
ii ucf3.0043
Versions of packages tiger recommends:
ii aide0.17.4-2
ii chkrootkit 0.55-4+b2
ii john1.9.0-2
ii postfix [mail-transport-agent] 3.7.3-2
Versions of packages tiger suggests:
ii lsof 4.95.0-1
ii lynis 3.0.8-1.1
-- debconf information:
tiger/policy_adapt:
tiger/mail_rcpt: root
COMMAND PIDTID TASKCMD USER FD TYPE
DEVICE SIZE/OFF NODE NAME
atop1150 root4u raw
0t0 26153 :00FF->: st=07
cupsd 1441 root7u IPv6
12691 0t0TCP [::1]:ipp (LISTEN)
cupsd 1441 root8u IPv4
12692 0t0TCP 127.0.0.1:ipp (LISTEN)
sshd1444 root3u IPv4
12548 0t0TCP *:ssh (LISTEN)
sshd1444 root4u IPv6
12550 0t0TCP *:ssh (LISTEN)
inetd 1505 root7u IPv4
19705 0t0TCP *:nntp (LISTEN)
pdns_recu 1511 pdns4u IPv4
17594 0t0UDP 127.0.0.1:domain
pdns_recu 1511 pdns5u IPv4
17595 0t0UDP 192.168.1.1:domain
pdns_recu 1511 pdns6u IPv4
17596 0t0TCP 127.0.0.1:domain (LISTEN)
pdns_recu 1511 pdns7u IPv4
17597 0t0TCP 192.168.1.1:domain (LISTEN)
pdns_recu 1511 1701 rec/distr pdns4u IPv4
17594 0t0UDP 127.0.0.1:domain
pdns_recu 1511 1701 rec/distr pdns5u IPv4
17595 0t0UDP 192.168.1.1:domain
pdns_recu 1511 1701 rec/distr pdns6u IPv4
17596 0t0TCP 127.0.0.1:domain (LISTEN)
pdns_recu 1511 1701 rec/distr pdns7u IPv4
17597 0t0TCP 192.168.1.1:domain (LISTEN)
pdns_recu 1511 1702 rec/worke pdns4u IPv4
17594 0t0UDP 127.0.0.1:domain
pdns_recu 1511 1702 rec/worke pdns5u IPv4
17595 0t0UDP 192.168.1.1:domain
pdns_recu 1511 1702 rec/worke pdns6u IPv4
17596 0t0TCP 127.0.0.1:domain (LISTEN)
pdns_recu 1511 1702 rec/worke pdns7u IPv4
17597 0t0TCP 192.168.1.1:domain (LISTEN)
pdns_recu 1511 1703 rec/worke pdns4u IPv4
17594 0t0UDP 127.0.0.1:domain
pdns_recu 1511 1703 rec/worke pdns5u IPv4
17595 0t0UDP 192.168.1.1:domain
pdns_recu 1511 1703 rec/worke
Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
On Tue, 18 Oct 2022 07:33:47 -0700 Noah Meyerhans wrote: > On Tue, Oct 18, 2022 at 10:08:32AM +0200, Thomas Dorner wrote: > > The problem is that the current version number 4.0.0~rc3-3.1 does > > not match the expected schema of N.N.N-N. As only the first 3 > > numbers are used anyway, I've created a patch (attached) making the > > regular expression less rigid by ignoring everything after those 3 > > numbers. This works for me. Ooops, you're right, the file /usr/share/aide/config/aide/aide.conf.d/21_aide_spamassassin belongs to aide-common. Could you forward this or should I create a new report? Best regards, Thomas PS: I just noticed that my first reply got lost - at least it does not appear on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021978 -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
Package: spamassassin
Version: 4.0.0~rc3-3.1
Severity: normal
X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer,
On a recently installed Sid system I tried to set-up AIDE using
aideinit. This failed with the following error messages:
ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: stderr>
/etc/aide/aide.conf.d/21_aide_spamassassin: line 13: printf: 4.0.0~rc3-3.1:
invalid number
ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: stderr>
/etc/aide/aide.conf.d/21_aide_spamassassin: line 13: printf: 4.0.0~rc3-3.1:
invalid number
ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: stderr>
/etc/aide/aide.conf.d/21_aide_spamassassin: line 13: printf: 4.0.0~rc3-3.1:
invalid number
ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: execution failed (exit
status: 1)
The problem is that the current version number 4.0.0~rc3-3.1 does not
match the expected schema of N.N.N-N. As only the first 3 numbers are
used anyway, I've created a patch (attached) making the regular
expression less rigid by ignoring everything after those 3 numbers.
This works for me.
Best regards, Thomas
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.19.0-2-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages spamassassin depends on:
ii adduser 3.129
ii curl7.85.0-1
ii libhtml-parser-perl 3.79-1
ii libhttp-date-perl 6.05-2
ii libio-string-perl 1.08-3.1
ii libmail-dkim-perl 1.20220520-1
ii libnet-dns-perl 1.35-1
ii libnetaddr-ip-perl 4.079+dfsg-2
ii libsocket6-perl 0.29-2
ii libsys-hostname-long-perl 1.5-2
ii libwww-perl 6.67-1
ii lsb-base11.4
ii perl [libarchive-tar-perl] 5.34.0-5
ii sysvinit-utils [lsb-base] 3.05-6
ii w3m 0.5.3+git20220429-1+b1
Versions of packages spamassassin recommends:
ii gnupg 2.2.39-1
ii libbsd-resource-perl 1.2911-2
ii libio-socket-inet6-perl2.73-1
ii libmail-spf-perl 2.9.0-5
ii perl [libsys-syslog-perl] 5.34.0-5
ii sa-compile 4.0.0~rc3-3.1
ii spamc 4.0.0~rc3-3.1
Versions of packages spamassassin suggests:
ii libdbi-perl 1.643-3+b2
pn libencode-detect-perl
pn libgeoip2-perl
ii libio-socket-ssl-perl 2.075-1
pn libnet-patricia-perl
ii perl [libcompress-zlib-perl] 5.34.0-5
pn pyzor
pn razor
-- no debconf information
--- /usr/share/aide/config/aide/aide.conf.d/21_aide_spamassassin
2022-03-24 09:54:59.0 +0100
+++ /etc/aide/aide.conf.d/21_aide_spamassassin 2022-10-18 09:51:30.855881082
+0200
@@ -3,9 +3,9 @@
SAVERSION_QRESULT="$(dpkg-query --show --showformat '${Version}\n'
spamassassin 2>/dev/null)"
if [ -n "${SAVERSION_QRESULT}" ]; then
- SAVERSION_C1="$(echo ${SAVERSION_QRESULT} | sed
's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)-[[:digit:]]\+$/\1/')"
- SAVERSION_C2="$(echo ${SAVERSION_QRESULT} | sed
's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)-[[:digit:]]\+$/\2/')"
- SAVERSION_C3="$(echo ${SAVERSION_QRESULT} | sed
's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)-[[:digit:]]\+$/\3/')"
+ SAVERSION_C1="$(echo ${SAVERSION_QRESULT} | sed
's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)[-~].*/\1/')"
+ SAVERSION_C2="$(echo ${SAVERSION_QRESULT} | sed
's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)[-~].*/\2/')"
+ SAVERSION_C3="$(echo ${SAVERSION_QRESULT} | sed
's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)[-~].*/\3/')"
# insert plausibility checks here
Bug#1020827: logcheck-database: supplied patch file
Package: logcheck-database
Version: 1.3.24
Followup-For: Bug #1020827
X-Debbugs-Cc: debian-b...@th-dorner.de
Dear Maintainer,
same here, I've patched it locally and just wanted to supply the patch.
Hmm, I've just noticed, there actually already seems to be one. I send
this nonetheless.
-- System Information:
Debian Release: bookworm/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.19.0-2-amd64 (SMP w/16 CPU threads; PREEMPT)
Kernel taint flags: TAINT_CPU_OUT_OF_SPEC
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8),
LANGUAGE=en_GB:en
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
diff -ru /var/tmp/bugs/logcheck/ignore.d.server/anon-proxy
/etc/logcheck/ignore.d.server/anon-proxy
--- /var/tmp/bugs/logcheck/ignore.d.server/anon-proxy 2022-07-14
22:09:03.0 +0200
+++ /etc/logcheck/ignore.d.server/anon-proxy2022-07-14 22:09:03.0
+0200
@@ -1,2 +1,2 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+,
info +\] +Try connecting to next Mix\.\.\.$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+,
info +\] +connected\!$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+,
info +\] +connected!$
diff -ru /var/tmp/bugs/logcheck/ignore.d.server/cyrus
/etc/logcheck/ignore.d.server/cyrus
--- /var/tmp/bugs/logcheck/ignore.d.server/cyrus2022-07-14
22:09:03.0 +0200
+++ /etc/logcheck/ignore.d.server/cyrus 2022-07-14 22:09:03.0 +0200
@@ -2,5 +2,5 @@
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT failed( to
open index file)?$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT returned
[0-9]+ messages$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/lmtpd\[[0-9]+\]: DBERROR db3: [12]
lockers$
-^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, ,
[^[:space:]]+, [^[:space:]]+, \"[ [:alnum:][:punct:]]+\"$
+^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, ,
[^[:space:]]+, [^[:space:]]+, "[ [:alnum:][:punct:]]+"$
^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/squatter\[[0-9]+\]:
(skipping|indexing) mailbox [[:alpha:]^\.]+\.\.\.$
diff -ru /var/tmp/bugs/logcheck/ignore.d.server/dhcp
/etc/logcheck/ignore.d.server/dhcp
--- /var/tmp/bugs/logcheck/ignore.d.server/dhcp 2022-07-14 22:09:03.0
+0200
+++ /etc/logcheck/ignore.d.server/dhcp 2022-07-14 22:09:03.0 +0200
@@ -39,9 +39,9 @@
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: TLS session
successfully started to [:_.[:alnum:]-]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Successfully
logged into LDAP server [._[:alnum:]-]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Found
dhcpServer LDAP entry|LDAP: Parsing dhcpServer options|LDAP: Parsing
dhcpService DN|Found LDAP entry|Parsing external DNs for) '[%=.,_[:alnum:]-]+'(
\.\.\.)?$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No
host entry) for \(\&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet
[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\)
in LDAP tree [=,.[:alnum:]]+$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No
host entry) for \(&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet
[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\)
in LDAP tree [=,.[:alnum:]]+$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Found
dhcpHWAddress LDAP entry [-_=,.[:alnum:]]+$
-^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the
following options: '(filename \"[.[:alnum:]]+\"|(fixed-address|next-server)
[.[:digit:]]{7,15}|;#012)+'$
+^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the
following options: '(filename "[.[:alnum:]]+"|(fixed-address|next-server)
[.[:digit:]]{7,15}|;#012)+'$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config
line '(allow booting|allow bootp|ddns-update-style
(ad-hoc|interim|none)|(default|max|min)-lease-time
[[:digit:]]+|authoritative|option domain-name "[._[:alnum:]-]+"|option
domain-name-servers [._,[:alnum:][:space:]-]+|option subnet-mask
[.[:digit:]]{7,15}|;#012)+'$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config
line '((subnet|netmask|option routers|option subnet-mask)
[.[:digit:]]{7,15}|(default|max|min)-lease-time
[[:digit:]]+|[[:space:]]|\{#012|\}#012|;#012)+'$
^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config
line 'pool (range [.[:digit:]]{7,15} [.[:digit:]]+|(default|min|max)-lease-time
[[:digit:]]+|failover peer "[-._[:alnum:]]+"|deny dynamic bootp
clients|[[:space:]]|\{#012|\}#012|;#012)+'$
diff -ru /var/tmp/bugs/logcheck/ignore.d.server/dovecot
