Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
On Tue, 3 Oct 2023 16:32:35 +0200 Thomas Dorner wrote: > > The current version of the rule does things differently. Can you > > verify whether the current version in sid works for you as well? > > Sorry Marc, I switched my systems to Bullseye a few months ago and no > longer have a Sid to test with. Ooops, I meant Bookworm! Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
> The current version of the rule does things differently. Can you > verify whether the current version in sid works for you as well? Sorry Marc, I switched my systems to Bullseye a few months ago and no longer have a Sid to test with. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Hi Hannes! > Please try the patch available upstream[0] and report back if it fixes > the memory allocation errors. Looks good: [...] WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network: No such file or directory WARNING: tried to read access ACL on /var/opt/lxc/no-network/sys but failed with: No such file or directory WARNING: tried to read default ACL on /var/opt/lxc/no-network/sys but failed with: Invalid argument WARNING: listxattrs failed for /var/opt/lxc/no-network/sys:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/sys: No such file or directory WARNING: readlink() failed for '/var/opt/lxc/no-network/lib64': No such file or directory WARNING: listxattrs failed for /var/opt/lxc/no-network/lib64:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/lib64: No such file or directory WARNING: readlink() failed for '/var/opt/lxc/no-network/lib32': No such file or directory WARNING: listxattrs failed for /var/opt/lxc/no-network/lib32:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/lib32: No such file or directory WARNING: readlink() failed for '/var/opt/lxc/no-network/bin': No such file or directory WARNING: listxattrs failed for /var/opt/lxc/no-network/bin:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/bin: No such file or directory [...] > Thanks for debugging. You're welcome. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Dear maintainers, I narrowed it further down with some more fprintfs. The problem is not in do_md.c but the call in hsymlnk in gen_list.c. Here the critical part of the output: gen_list.c: hsymlnk: '/var/opt/lxc/no-network/lib64', '' gen_list.c: hsymlnk: len+1 == 0 checked_realloc(0x7fe4f1117290, 0) failed to reallocate 0 bytes ERROR: realloc: failed to allocate memory The variables in the first fprintf are line->fullpath and line->linkname. At the beginning of the aide run /var/opt/lxc/no-network/lib64 is the following symbolic link (basically an identical copy of the root /lib64): lrwxrwxrwx 1 ... /var/opt/lxc/no-network/lib64 -> usr/lib64/ Later (about 30 minutes after the start of dailyaidecheck) the whole "no-network" tree is deleted. This apparently leads to an empty linkname, readlink returns -1, which then results in a call to realloc with size 0. (I think the rest is now up to you. ;-) Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Dear maintainers, after some unsuccessful tries to monitor the failed call to realloc I finally took the sources and added some monitoring into the aide binary itself. (Yes, I'm writing about classic dirty printf debugging. ;-) And today I was successful, the problem is a call to checked_realloc in util.c with a request of 0 bytes. Before that the log contained a few warnings about a missing sub-directory (sys) of the missing upper directory (no-network). WARNING: tried to read access ACL on /var/opt/lxc/no-network/sys but failed with: No such file or directory WARNING: tried to read default ACL on /var/opt/lxc/no-network/sys but failed with: Invalid argument WARNING: listxattrs failed for /var/opt/lxc/no-network/sys:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/sys: No such file or directory checked_realloc(0x7fe3c9145380, 0) failed to reallocate 0 bytes ERROR: realloc: failed to allocate memory End of AIDE error output A first glance at all the calls to checked_realloc makes me guess this can only happen in one of the calls in do_md.c, all others should be >0. Hope this helps & best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
> Well today I run it with dmalloc. I'll need some time to handle the > 28 GB of log-file, especially as it apparently contains at least one > large chunk of 0-bytes. OK, so that log file looks inconspicuous. The reallocations are a few various followed by one series of one permanently growing big one (up to 1792464 bytes; maybe reading in the DB into the internal representation?), a growing small one (growing in 4 bytes steps up to 112 bytes), a huge gap without any reallocations, lots (~55% of all) of reallocations from 257 to something smaller and 4 ones from 99 bytes to 190 bytes). Unfortunately that wasn't the end of the log file, there were still ~2900 other memory actions after it.¹ I'll try something different when the failure occurs again - today it didn't (maybe my timing was wrong), so it probably will be a few days. Best regards, Thomas ¹ My (maybe completely wrong ;-) theory would be that dmalloc only logs after the call returned and it failed in the call itself. (I logged using the tags log-trans and log-stats aka 0x9.) -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Hello Hannes! > Can you try to reproduce the failure and verify that the memory is > actually used up by the aide process? Well today I run it with dmalloc. I'll need some time to handle the 28 GB of log-file, especially as it apparently contains at least one large chunk of 0-bytes. > Additionally can you try to directly call aide limited to the specific > directory (see --limit option). That probably doesn't give me enough time to delete the directory after starting aide, but before aide actually gets there. I'll follow up on this when I know more. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Hello Hannes, thanks for the quick response. > How many files are in the AIDE database on a successful run? Does this > number significantly differ when the aide check fails? You mean the /var/lib/aide/aide.db? # zcat /var/lib/aide/aide.db | wc 755240 21146627 442199792 The /var/lib/aide/aide.db after a failed one is always size 0. > Is 0.18.2-1 the only version you experience this behaviour or does > this error also occur with an older version? I've never encountered this before, but I did not work with the specific directory tree parallel to the AIDE run for at least 3 weeks before the this one. > Independently of the issue above, it might make sense to exclude this > directory. That's the work-around I'll put in place till you try something different. Best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034816: aide aborts with error "realloc: failed to allocate memory", exit code 22
Package: aide Version: 0.18.2-1 Severity: important X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer (that's you Marc, isn't it ;-), The last two daily aide runs on my desktop machine failed with an error 22. Today's log-file shows: aide run on X.X started at 2023-04-25 06:38:52. ** * AIDE returned with exit code 22. unknown non-zero exit value 22 * ** AIDE error output (465 lines): WARNING: hash calculation: '/run/user/1065/dconf/user' has been changed (changed attributes: c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.3.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.6.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.4.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.1.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.2.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.5.gz' has been changed (changed attributes: s+c+m+i, hash could not be calculated) WARNING: hash calculation: '/var/backups/apt.extended_states.0' has been changed (changed attributes: i, hash could not be calculated) WARNING: hash calculation: '/var/lib/systemd/timers/stamp-chkrootkit.timer' has been changed (changed attributes: c+m, hash could not be calculated) WARNING: hash calculation: '/var/log/chkrootkit/log.today' has been changed (changed attributes: c+m, hash could not be calculated) WARNING: hash calculation: '/var/log/chkrootkit/chkrootkit-daily.log' has been changed (changed attributes: c+m, hash could not be calculated) WARNING: hash calculation: '/var/log/chkrootkit/log.today.raw' has been changed (changed attributes: c+m, hash could not be calculated) [...some more normal warnings...] WARNING: tried to read access ACL on /var/opt/lxc/no-network/usr/share/doc/libgpg-error0 but failed with: No such file or directory WARNING: tried to read default ACL on /var/opt/lxc/no-network/usr/share/doc/libgpg-error0 but failed with: Invalid argument WARNING: listxattrs failed for /var/opt/lxc/no-network/usr/share/doc/libgpg-error0:No such file or directory WARNING: lgetfilecon_raw failed for /var/opt/lxc/no-network/usr/share/doc/libgpg-error0: No such file or directory ERROR: realloc: failed to allocate memory End of AIDE error output AIDE detected no changes. End of AIDE daily aide check at 2023-04-25 08:13, run time 5672 seconds funny, AIDE did not leave a log. Version 0.18.2-1 had been installed on 2023-04-21, so it did run OK at least two times. It also run OK after a manual "systemctl start dailyaidecheck" in a terminal window yesterday. This did not work today though. The last warnings like the 4 last ones above all come from a test directory used by my current project. The files and directories there have been deleted and recreated several times during the aide run. Memory of the machine should be enough with 32 GB mostly used as cache: MiB Mem: 32025.9 total, 1145.8 free, 3102.1 used, 28268.6 buff/cache I think I've always be working on the project during the failures, so it maybe a reallocation for a deleted or recreated entry. Currently I've no further idea to narrow it down. The directory /var/lib/aide/dailyaidecheck with the temporary log-files has been removed, but maybe I can modify something to keep it to maybe get further info. -- System Information: Debian Release: 12.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-8-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages aide depends on: ii libacl1 2.3.1-3 ii libaudit1 1:3.0.9-1 ii libc6 2.36-9 ii libcap2 1:2.66-3 ii libext2fs21.47.0-2 ii libmhash2 0.9.9.9-9 ii libpcre2-8-0 10.42-1 ii libselinux1 3.4-1+b5 ii zlib1g1:1.2.13.dfsg-1 Versions of packages aide recommends: ii aide-common 0.18.2-1 Versions of packages aide suggests: pn figlet -- no debconf information
Bug#1034052: winetricks: winetrick searches for 32 bit wine as wine32, not wine
Hello Jens! > I can't reproduce this issue. What steps exactly did you issue that > failed? Hmm, I tried it again today (after removing my hard-link), and I couldn't reproduce it either. I did some other changes / updates in the meantime though (esp. installing winbind and some Samba packages, which I did not have installed last week). So I guess we can close this as a glitch specific to my environment. Should I encounter it again, I'll reopen with a more through analysis. > Please remove the hardlink again and report the output of "wine > --version". wine-8.0 (Debian 8.0~repack-4) Thanks for your efforts and best regards, Thomas -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1034052: winetricks: winetrick searches for 32 bit wine as wine32, not wine
Package: winetricks Version: 20230212-2 Severity: normal X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, I have the following wine multiarch installation in Sid: Desired=Unknown/Install/Remove/Purge/Hold | Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend |/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad) ||/ Name Version Architecture Description +++----== ii wine 8.0~repack-4 all Windows API implementation - standard suite ii wine32:i386 8.0~repack-4 i386 Windows API implementation - 32-bit binary loader ii wine64 8.0~repack-4 amd64Windows API implementation - 64-bit binary loader ii winetricks 20230212-2 all simple tool to work around common problems in Wine While setting up a new Wine environment winetricks aborted with the following error: -- Using winetricks 20230212 - sha256sum: 14afe10e8858e47f95fc6f02015003a6ffd8cd438249b25b85e1078e8e326949 with wine-8.0 (Debian 8.0~repack-4) and WINEARCH=win64 Executing w_do_call vcrun2019 -- warning: You are using a 64-bit WINEPREFIX. Note that many verbs only install 32-bit versions of packages. If you encounter problems, please retest in a clean 32-bit WINEPREFIX before reporting a bug. -- Executing load_vcrun2019 Using native,builtin override for following DLLs: api-ms-win-crt-private-l1-1-0 api-ms-win-crt-conio-l1-1-0 api-ms-win-crt-heap-l1-1-0 api-ms-win-crt-locale-l1-1-0 api-ms-win-crt-math-l1-1-0 api-ms-win-crt-runtime-l1-1-0 api-ms-win-crt-stdio-l1-1-0 api-ms-win-crt-time-l1-1-0 atl140 concrt140 msvcp140 msvcp140_1 msvcp140_2 msvcp140_atomic_wait msvcp140_codecvt_ids vcamp140 vccorlib140 vcomp140 vcruntime140 Executing wine C:\windows\syswow64\regedit.exe C:\windows\Temp\override-dll.reg it looks like wine32 is missing, you should install it. multiarch needs to be enabled first. as root, please execute "dpkg --add-architecture i386 && apt-get update && apt-get install wine32:i386" wine: failed to open "C:\\windows\\syswow64\\regedit.exe": c135 -- egedit.exe C:\windows\Temp\override-dll.reg returned status 53. Aborting. -- After simply creating a hard-link between /usr/lib/wine/wine and /usr/lib/wine/wine32 it worked. I guess this is either a bug in the winetricks or the wine (32 bit) package, at least it looks like something not consistent. The fix should be easy in each of them. (I did not try a soft-link, but that probably works as well.) Best regards, Thomas PS: Classified as "normal" as it has a very easy work-around. -- System Information: Debian Release: 12.0 APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-7-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages winetricks depends on: ii binutils 2.40-2 ii curl 7.88.1-8 ii wget 1.21.3-1+b2 ii wine [wine] 8.0~repack-4 Versions of packages winetricks recommends: ii cabextract 1.9-3 ii fuseiso 20070708-3.2+b1 ii p7zip-full 16.02+dfsg-8 ii pkexec 122-3 ii policykit-1 122-3 ii sudo 1.9.13p3-1 ii unzip6.0-28 ii x11-utils7.7+5 ii xdg-utils1.1.3-4.1 ii xz-utils 5.4.1-0.2 ii zenity 3.44.0-1 Versions of packages winetricks suggests: ii tor0.4.7.13-1 ii unrar 1:6.2.6-1 -- no debconf information
Bug#1032122: chkrootkit: bad redirection creating file '1'?
> ($echo is defined by the main loop, although im sceptical it is > actually used given echo is a builtin) At least in the BaSH functions and aliases supersede builtins, although I'm not sure about what the POSIX standard says about it. -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1032122: chkrootkit: bad redirection creating file '1'?
Package: chkrootkit Version: 0.57-1 Severity: normal X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, The regular running chkrootkit apparently creates a file '1' in the directory /usr/lib/chkrootkit. Checking for a supposed bad redirection in the scripts of the package of chkrootkit (with "grep -n '> *1' /etc/cron.daily/chkrootkit /usr/sbin/chkrootkit") found the following: /usr/sbin/chkrootkit:1423: ${echo} >1 "$ROOTDIRproc/syslogk" > /dev/null 2>&1 This looks very strange, especially as I don't see a variable echo being assigned anywhere. I'm not quite sure what is intended here so I don't try to speculate about a correct patch, sorry. Best regards, Thomas -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.1.0-5-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages chkrootkit depends on: ii libc6 2.36-8 Versions of packages chkrootkit recommends: ii binutils 2.40-2 ii iproute2 6.1.0-2 ii net-tools 2.10-0.1 ii procps 2:4.0.3-1 chkrootkit suggests no packages. -- no debconf information
Bug#1024247: grub-efi-amd64: conf_force_conffnew=YES in /etc/ucf.conf breaks grub-efi-amd64.postinst
Package: grub-efi-amd64 Version: 2.06-5 Severity: important X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, /var/lib/dpkg/info/grub-efi-amd64.postinst failed with: Setting up grub-efi-amd64 (2.06-5) ... Error: Only one of force_conffold and force_conffnew should be set dpkg: error processing package grub-efi-amd64 (--configure): installed grub-efi-amd64 package post-installation script subprocess returned error exit status 1 The problem is, that I have set "conf_force_conffnew=YES" in /etc/ucf.conf and the post-install script itself sets in line 414 "ucf_env=UCF_FORCE_CONFFOLD=1". I would expect that my decision would be honoured here. (This is a similar bug to #1002038 in grub-pc, so maybe there are others as well?) To reproduce it just set "conf_force_conffnew=YES" in /etc/ucf.conf and run: /usr/share/debconf/frontend /var/lib/dpkg/info/grub-efi-amd64.postinst configure I was able to circumvent the problem by temporarily disable the option in /etc/ucf.conf. Best regards, Thomas -- Package-specific info: *** BEGIN /proc/mounts /dev/mapper/crypt_root / ext4 rw,relatime,discard,errors=remount-ro 0 0 /dev/sda3 /images ext4 rw,relatime,discard 0 0 /dev/sdb2 /boot ext2 rw,relatime,discard 0 0 /dev/sdb1 /boot/efi vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 0 /dev/sdc6 /video ext4 rw,relatime 0 0 /dev/mapper/crypt_home /home ext4 rw,relatime,discard 0 0 /dev/mapper/crypt_goodies /goodies ext4 rw,relatime,discard 0 0 *** END /proc/mounts *** BEGIN /boot/grub/grub.cfg # # DO NOT EDIT THIS FILE # # It is automatically generated by grub-mkconfig using templates # from /etc/grub.d and settings from /etc/default/grub # ### BEGIN /etc/grub.d/00_header ### if [ -s $prefix/grubenv ]; then set have_grubenv=true load_env fi if [ "${next_entry}" ] ; then set default="${next_entry}" set next_entry= save_env next_entry set boot_once=true else set default="0" fi if [ x"${feature_menuentry_id}" = xy ]; then menuentry_id_option="--id" else menuentry_id_option="" fi export menuentry_id_option if [ "${prev_saved_entry}" ]; then set saved_entry="${prev_saved_entry}" save_env saved_entry set prev_saved_entry= save_env prev_saved_entry set boot_once=true fi function savedefault { if [ -z "${boot_once}" ]; then saved_entry="${chosen}" save_env saved_entry fi } function load_video { if [ x$feature_all_video_module = xy ]; then insmod all_video else insmod efi_gop insmod efi_uga insmod ieee1275_fb insmod vbe insmod vga insmod video_bochs insmod video_cirrus fi } if [ x$feature_default_font_path = xy ] ; then font=unicode else insmod ext2 search --no-floppy --fs-uuid --set=root 720f3744-c999-4ee7-8010-73ef6072a334 font="/usr/share/grub/unicode.pf2" fi if loadfont $font ; then set gfxmode=1920x1200x32 load_video insmod gfxterm fi terminal_output gfxterm if [ "${recordfail}" = 1 ] ; then set timeout=30 else if [ x$feature_timeout_style = xy ] ; then set timeout_style=menu set timeout=3 # Fallback normal timeout code in case the timeout_style feature is # unavailable. else set timeout=3 fi fi ### END /etc/grub.d/00_header ### ### BEGIN /etc/grub.d/05_debian_theme ### insmod ext2 search --no-floppy --fs-uuid --set=root 720f3744-c999-4ee7-8010-73ef6072a334 insmod png if background_image /usr/share/desktop-base/homeworld-theme/grub/grub-16x9.png; then set color_normal=white/black set color_highlight=black/white else set menu_color_normal=cyan/blue set menu_color_highlight=white/blue fi ### END /etc/grub.d/05_debian_theme ### ### BEGIN /etc/grub.d/10_linux ### function gfxmode { set gfxpayload="${1}" } set linux_gfx_mode=keep export linux_gfx_mode menuentry 'Debian GNU/Linux' --class debian --class gnu-linux --class gnu --class os $menuentry_id_option 'gnulinux-simple-720f3744-c999-4ee7-8010-73ef6072a334' { load_video gfxmode $linux_gfx_mode insmod gzio if [ x$grub_platform = xxen ]; then insmod xzio; insmod lzopio; fi insmod part_gpt insmod ext2 set root='hd1,gpt2' if [ x$feature_platform_search_hint = xy ]; then search --no-floppy --fs-uuid --set=root --hint-bios=hd1,gpt2 --hint-efi=hd1,gpt2 --hint-baremetal=ahci1,gpt2 f6ffc231-eed2-49ef-b724-31af095cb129 else search --no-floppy --fs-uuid --set=root f6ffc231-eed2-49ef-b724-31af095cb129 fi echo'Loading Linux 6.0.0-4-amd64 ...' linux /vmlinuz-6.0.0-4-amd64 root=UUID=720f3744-c999-4ee7-8010-73ef6072a334 ro noplymouth mitigations=off echo'Loading initial ramdisk ...' initrd /initrd.img-6.0.0-4-amd64 } submenu 'Advanced options for Debian GNU/Linux' $menuentry_id_option 'gnulinux-advanced-720f3744-c999-4ee7-8010-73ef6072a334' { menuentry
Bug#1022812: tiger: "check listening processes" uses wrong columns of lsof output
Package: tiger Version: 1:3.2.4~rc1-3.1 Severity: normal X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, Every run checking the listening processes produces a difference as it uses the device IDs as socket IDs for many (not all) processes. The problem is in the script check_listeningprocs. The script does not work correctly as the output it gets from lsof is not always structured as the corresponding awk command expects it to be. Especially there are 2 additional columns with optional content (leading to column shifts otherwise), and I guess the otherwise selected columns 7 and 8 should be 8 and 9. I've attached an example of lsof -n | grep -e COMMAND -e IPv[46] -e ' raw' (stdout) as lsof-n-IPv-raw.out and what the awk command awk '{printf("%s %s %s %s\n", $1, $3, $7, $8)}' would make out of (after a "grep IPv") it as awk-1-3-7-8.out to show the problem. I'd suggest either using netstat (-tulpe ?) or lsof -n -F (with pcfDi?), albeit the latter makes parsing more difficult (there is an example in /usr/share/doc/lsof/examples/list_fields.awk though). Best regards, Thomas -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 6.0.0-2-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages tiger depends on: ii binutils 2.39-8 ii bsdutils 1:2.38.1-1.1+b1 ii debconf [debconf-2.0] 1.5.79 ii debianutils5.7-0.3 ii libc6 2.35-4 ii lsb-release12.0-1 ii net-tools 1.60+git20181103.0eebece-1 ii ucf3.0043 Versions of packages tiger recommends: ii aide0.17.4-2 ii chkrootkit 0.55-4+b2 ii john1.9.0-2 ii postfix [mail-transport-agent] 3.7.3-2 Versions of packages tiger suggests: ii lsof 4.95.0-1 ii lynis 3.0.8-1.1 -- debconf information: tiger/policy_adapt: tiger/mail_rcpt: root COMMAND PIDTID TASKCMD USER FD TYPE DEVICE SIZE/OFF NODE NAME atop1150 root4u raw 0t0 26153 :00FF->: st=07 cupsd 1441 root7u IPv6 12691 0t0TCP [::1]:ipp (LISTEN) cupsd 1441 root8u IPv4 12692 0t0TCP 127.0.0.1:ipp (LISTEN) sshd1444 root3u IPv4 12548 0t0TCP *:ssh (LISTEN) sshd1444 root4u IPv6 12550 0t0TCP *:ssh (LISTEN) inetd 1505 root7u IPv4 19705 0t0TCP *:nntp (LISTEN) pdns_recu 1511 pdns4u IPv4 17594 0t0UDP 127.0.0.1:domain pdns_recu 1511 pdns5u IPv4 17595 0t0UDP 192.168.1.1:domain pdns_recu 1511 pdns6u IPv4 17596 0t0TCP 127.0.0.1:domain (LISTEN) pdns_recu 1511 pdns7u IPv4 17597 0t0TCP 192.168.1.1:domain (LISTEN) pdns_recu 1511 1701 rec/distr pdns4u IPv4 17594 0t0UDP 127.0.0.1:domain pdns_recu 1511 1701 rec/distr pdns5u IPv4 17595 0t0UDP 192.168.1.1:domain pdns_recu 1511 1701 rec/distr pdns6u IPv4 17596 0t0TCP 127.0.0.1:domain (LISTEN) pdns_recu 1511 1701 rec/distr pdns7u IPv4 17597 0t0TCP 192.168.1.1:domain (LISTEN) pdns_recu 1511 1702 rec/worke pdns4u IPv4 17594 0t0UDP 127.0.0.1:domain pdns_recu 1511 1702 rec/worke pdns5u IPv4 17595 0t0UDP 192.168.1.1:domain pdns_recu 1511 1702 rec/worke pdns6u IPv4 17596 0t0TCP 127.0.0.1:domain (LISTEN) pdns_recu 1511 1702 rec/worke pdns7u IPv4 17597 0t0TCP 192.168.1.1:domain (LISTEN) pdns_recu 1511 1703 rec/worke pdns4u IPv4 17594 0t0UDP 127.0.0.1:domain pdns_recu 1511 1703 rec/worke pdns5u IPv4 17595 0t0UDP 192.168.1.1:domain pdns_recu 1511 1703 rec/worke
Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
On Tue, 18 Oct 2022 07:33:47 -0700 Noah Meyerhans wrote: > On Tue, Oct 18, 2022 at 10:08:32AM +0200, Thomas Dorner wrote: > > The problem is that the current version number 4.0.0~rc3-3.1 does > > not match the expected schema of N.N.N-N. As only the first 3 > > numbers are used anyway, I've created a patch (attached) making the > > regular expression less rigid by ignoring everything after those 3 > > numbers. This works for me. Ooops, you're right, the file /usr/share/aide/config/aide/aide.conf.d/21_aide_spamassassin belongs to aide-common. Could you forward this or should I create a new report? Best regards, Thomas PS: I just noticed that my first reply got lost - at least it does not appear on https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021978 -- 퓣퓱퓸퓶퓪퓼 퓓퓸퓻퓷퓮퓻
Bug#1021978: spamassassin: non-standard version numbers break spamassassin's AIDE script
Package: spamassassin Version: 4.0.0~rc3-3.1 Severity: normal X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, On a recently installed Sid system I tried to set-up AIDE using aideinit. This failed with the following error messages: ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: stderr> /etc/aide/aide.conf.d/21_aide_spamassassin: line 13: printf: 4.0.0~rc3-3.1: invalid number ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: stderr> /etc/aide/aide.conf.d/21_aide_spamassassin: line 13: printf: 4.0.0~rc3-3.1: invalid number ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: stderr> /etc/aide/aide.conf.d/21_aide_spamassassin: line 13: printf: 4.0.0~rc3-3.1: invalid number ERROR: /etc/aide/aide.conf.d/21_aide_spamassassin: execution failed (exit status: 1) The problem is that the current version number 4.0.0~rc3-3.1 does not match the expected schema of N.N.N-N. As only the first 3 numbers are used anyway, I've created a patch (attached) making the regular expression less rigid by ignoring everything after those 3 numbers. This works for me. Best regards, Thomas -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.0-2-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages spamassassin depends on: ii adduser 3.129 ii curl7.85.0-1 ii libhtml-parser-perl 3.79-1 ii libhttp-date-perl 6.05-2 ii libio-string-perl 1.08-3.1 ii libmail-dkim-perl 1.20220520-1 ii libnet-dns-perl 1.35-1 ii libnetaddr-ip-perl 4.079+dfsg-2 ii libsocket6-perl 0.29-2 ii libsys-hostname-long-perl 1.5-2 ii libwww-perl 6.67-1 ii lsb-base11.4 ii perl [libarchive-tar-perl] 5.34.0-5 ii sysvinit-utils [lsb-base] 3.05-6 ii w3m 0.5.3+git20220429-1+b1 Versions of packages spamassassin recommends: ii gnupg 2.2.39-1 ii libbsd-resource-perl 1.2911-2 ii libio-socket-inet6-perl2.73-1 ii libmail-spf-perl 2.9.0-5 ii perl [libsys-syslog-perl] 5.34.0-5 ii sa-compile 4.0.0~rc3-3.1 ii spamc 4.0.0~rc3-3.1 Versions of packages spamassassin suggests: ii libdbi-perl 1.643-3+b2 pn libencode-detect-perl pn libgeoip2-perl ii libio-socket-ssl-perl 2.075-1 pn libnet-patricia-perl ii perl [libcompress-zlib-perl] 5.34.0-5 pn pyzor pn razor -- no debconf information --- /usr/share/aide/config/aide/aide.conf.d/21_aide_spamassassin 2022-03-24 09:54:59.0 +0100 +++ /etc/aide/aide.conf.d/21_aide_spamassassin 2022-10-18 09:51:30.855881082 +0200 @@ -3,9 +3,9 @@ SAVERSION_QRESULT="$(dpkg-query --show --showformat '${Version}\n' spamassassin 2>/dev/null)" if [ -n "${SAVERSION_QRESULT}" ]; then - SAVERSION_C1="$(echo ${SAVERSION_QRESULT} | sed 's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)-[[:digit:]]\+$/\1/')" - SAVERSION_C2="$(echo ${SAVERSION_QRESULT} | sed 's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)-[[:digit:]]\+$/\2/')" - SAVERSION_C3="$(echo ${SAVERSION_QRESULT} | sed 's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)-[[:digit:]]\+$/\3/')" + SAVERSION_C1="$(echo ${SAVERSION_QRESULT} | sed 's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)[-~].*/\1/')" + SAVERSION_C2="$(echo ${SAVERSION_QRESULT} | sed 's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)[-~].*/\2/')" + SAVERSION_C3="$(echo ${SAVERSION_QRESULT} | sed 's/^\([[:digit:]]\+\)\.\([[:digit:]]\+\)\.\([[:digit:]]\+\)[-~].*/\3/')" # insert plausibility checks here
Bug#1020827: logcheck-database: supplied patch file
Package: logcheck-database Version: 1.3.24 Followup-For: Bug #1020827 X-Debbugs-Cc: debian-b...@th-dorner.de Dear Maintainer, same here, I've patched it locally and just wanted to supply the patch. Hmm, I've just noticed, there actually already seems to be one. I send this nonetheless. -- System Information: Debian Release: bookworm/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 5.19.0-2-amd64 (SMP w/16 CPU threads; PREEMPT) Kernel taint flags: TAINT_CPU_OUT_OF_SPEC Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8), LANGUAGE=en_GB:en Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled diff -ru /var/tmp/bugs/logcheck/ignore.d.server/anon-proxy /etc/logcheck/ignore.d.server/anon-proxy --- /var/tmp/bugs/logcheck/ignore.d.server/anon-proxy 2022-07-14 22:09:03.0 +0200 +++ /etc/logcheck/ignore.d.server/anon-proxy2022-07-14 22:09:03.0 +0200 @@ -1,2 +1,2 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +Try connecting to next Mix\.\.\.$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +connected\!$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ AnonMix: \[[0-9]+/[0-9]+/[0-9]+-[:0-9]+, info +\] +connected!$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/cyrus /etc/logcheck/ignore.d.server/cyrus --- /var/tmp/bugs/logcheck/ignore.d.server/cyrus2022-07-14 22:09:03.0 +0200 +++ /etc/logcheck/ignore.d.server/cyrus 2022-07-14 22:09:03.0 +0200 @@ -2,5 +2,5 @@ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT failed( to open index file)?$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/imapd\[[0-9]+\]: SQUAT returned [0-9]+ messages$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/lmtpd\[[0-9]+\]: DBERROR db3: [12] lockers$ -^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, , [^[:space:]]+, [^[:space:]]+, \"[ [:alnum:][:punct:]]+\"$ +^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/notifyd\[[0-9]+\]: MAIL, , [^[:space:]]+, [^[:space:]]+, "[ [:alnum:][:punct:]]+"$ ^\w{3} [ :0-9]{11} [._[:alnum:]-]+ cyrus/squatter\[[0-9]+\]: (skipping|indexing) mailbox [[:alpha:]^\.]+\.\.\.$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/dhcp /etc/logcheck/ignore.d.server/dhcp --- /var/tmp/bugs/logcheck/ignore.d.server/dhcp 2022-07-14 22:09:03.0 +0200 +++ /etc/logcheck/ignore.d.server/dhcp 2022-07-14 22:09:03.0 +0200 @@ -39,9 +39,9 @@ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: TLS session successfully started to [:_.[:alnum:]-]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Successfully logged into LDAP server [._[:alnum:]-]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Found dhcpServer LDAP entry|LDAP: Parsing dhcpServer options|LDAP: Parsing dhcpService DN|Found LDAP entry|Parsing external DNs for) '[%=.,_[:alnum:]-]+'( \.\.\.)?$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No host entry) for \(\&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet [[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\) in LDAP tree [=,.[:alnum:]]+$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: (Searching|No host entry) for \(&\(objectClass=dhcpHost\)\(dhcpHWAddress=ethernet [[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}:[[:xdigit:]]{2}\)\) in LDAP tree [=,.[:alnum:]]+$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Found dhcpHWAddress LDAP entry [-_=,.[:alnum:]]+$ -^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the following options: '(filename \"[.[:alnum:]]+\"|(fixed-address|next-server) [.[:digit:]]{7,15}|;#012)+'$ +^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending the following options: '(filename "[.[:alnum:]]+"|(fixed-address|next-server) [.[:digit:]]{7,15}|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line '(allow booting|allow bootp|ddns-update-style (ad-hoc|interim|none)|(default|max|min)-lease-time [[:digit:]]+|authoritative|option domain-name "[._[:alnum:]-]+"|option domain-name-servers [._,[:alnum:][:space:]-]+|option subnet-mask [.[:digit:]]{7,15}|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line '((subnet|netmask|option routers|option subnet-mask) [.[:digit:]]{7,15}|(default|max|min)-lease-time [[:digit:]]+|[[:space:]]|\{#012|\}#012|;#012)+'$ ^\w{3} [ :[:digit:]]{11} [._[:alnum:]-]+ dhcpd[[[:digit:]]+]: Sending config line 'pool (range [.[:digit:]]{7,15} [.[:digit:]]+|(default|min|max)-lease-time [[:digit:]]+|failover peer "[-._[:alnum:]]+"|deny dynamic bootp clients|[[:space:]]|\{#012|\}#012|;#012)+'$ diff -ru /var/tmp/bugs/logcheck/ignore.d.server/dovecot