Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-08-23 Thread Adam D. Barratt 
Control: tags -1 + pending

On Fri, 2017-08-18 at 19:49 +0200, Felix Geyer wrote:
> On 08.08.2017 22:00, Adam D. Barratt wrote:
> > Control: tags -1 + confirmed
> > 
> > On Tue, 2017-08-08 at 07:52 +0200, Felix Geyer wrote:
> >> Control: tags -1 - moreinfo
> >>
> >> On Mon, 31 Jul 2017 00:24:41 +0200 Felix Geyer  wrote:
> >>> Uh, you are right of course. Not sure how I missed that. Thanks for 
> >>> checking!
> >>> I've just upload 16.2.6-3 with those changes to unstable.
> >>>
> >>> While looking further into it I noticed that the version check in
> >>> bareos-director.postinst is wrong.
> >>> Instead of 15.2.2-1~ it should be 16.2.4-3+deb9u1~
> >>
> >> The fixed version is now in testing.
> > 
> > Thanks. Please feel free to upload.
> 
> Uploaded, thanks!
> The only change compared to the debdiff is the version check in postinst.

Flagged for acceptance.

Regards,

Adam

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-08-18 Thread Felix Geyer 
On 08.08.2017 22:00, Adam D. Barratt wrote:
> Control: tags -1 + confirmed
> 
> On Tue, 2017-08-08 at 07:52 +0200, Felix Geyer wrote:
>> Control: tags -1 - moreinfo
>>
>> On Mon, 31 Jul 2017 00:24:41 +0200 Felix Geyer  wrote:
>>> Uh, you are right of course. Not sure how I missed that. Thanks for 
>>> checking!
>>> I've just upload 16.2.6-3 with those changes to unstable.
>>>
>>> While looking further into it I noticed that the version check in
>>> bareos-director.postinst is wrong.
>>> Instead of 15.2.2-1~ it should be 16.2.4-3+deb9u1~
>>
>> The fixed version is now in testing.
> 
> Thanks. Please feel free to upload.

Uploaded, thanks!
The only change compared to the debdiff is the version check in postinst.

Felix

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-08-08 Thread Adam D. Barratt 
Control: tags -1 + confirmed

On Tue, 2017-08-08 at 07:52 +0200, Felix Geyer wrote:
> Control: tags -1 - moreinfo
> 
> On Mon, 31 Jul 2017 00:24:41 +0200 Felix Geyer  wrote:
> > Uh, you are right of course. Not sure how I missed that. Thanks for 
> > checking!
> > I've just upload 16.2.6-3 with those changes to unstable.
> > 
> > While looking further into it I noticed that the version check in
> > bareos-director.postinst is wrong.
> > Instead of 15.2.2-1~ it should be 16.2.4-3+deb9u1~
> 
> The fixed version is now in testing.

Thanks. Please feel free to upload.

Regards,

Adam

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-08-07 Thread Felix Geyer 
Control: tags -1 - moreinfo

On Mon, 31 Jul 2017 00:24:41 +0200 Felix Geyer  wrote:
> Uh, you are right of course. Not sure how I missed that. Thanks for checking!
> I've just upload 16.2.6-3 with those changes to unstable.
> 
> While looking further into it I noticed that the version check in
> bareos-director.postinst is wrong.
> Instead of 15.2.2-1~ it should be 16.2.4-3+deb9u1~

The fixed version is now in testing.

Felix

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-07-30 Thread Felix Geyer 
On 30.07.2017 23:41, Adam D. Barratt wrote:
> Control: tags -1 + moreinfo
> 
> On Sun, 2017-07-30 at 21:41 +0200, Felix Geyer wrote:
>> I'd like to fix three bugs in bareos for stretch:
>>
>> * Fix permissions of bareos-dir logrotate config on upgrade. (Closes: 
>> #864926)
>>
>> Removes executable permission for upgrades from < 15.2.2-1.
>>
>> * Remove duplicate config check call in the init script.
>>
>> Avoids warning when /etc/bareos/bareos-dir.conf doesn't exist.
>> It's harmless but might confuse admins.
>>
>> * Fix file corruption when using SHA1 signature. (Closes: #869608)
>>
>> Serious bug, data corruption of backups.
> 
> So far as I can tell, the first two of these also affect the package in
> unstable - is that correct?

Uh, you are right of course. Not sure how I missed that. Thanks for checking!
I've just upload 16.2.6-3 with those changes to unstable.

While looking further into it I noticed that the version check in
bareos-director.postinst is wrong.
Instead of 15.2.2-1~ it should be 16.2.4-3+deb9u1~

Felix

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-07-30 Thread Adam D. Barratt 
Control: tags -1 + moreinfo

On Sun, 2017-07-30 at 21:41 +0200, Felix Geyer wrote:
> I'd like to fix three bugs in bareos for stretch:
> 
> * Fix permissions of bareos-dir logrotate config on upgrade. (Closes: #864926)
> 
> Removes executable permission for upgrades from < 15.2.2-1.
> 
> * Remove duplicate config check call in the init script.
> 
> Avoids warning when /etc/bareos/bareos-dir.conf doesn't exist.
> It's harmless but might confuse admins.
> 
> * Fix file corruption when using SHA1 signature. (Closes: #869608)
> 
> Serious bug, data corruption of backups.

So far as I can tell, the first two of these also affect the package in
unstable - is that correct?

Regards,

Adam

Bug#870181: stretch-pu: package bareos/16.2.4-3+deb9u1

2017-07-30 Thread Felix Geyer 
Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian@packages.debian.org
Usertags: pu

Hi,

I'd like to fix three bugs in bareos for stretch:

* Fix permissions of bareos-dir logrotate config on upgrade. (Closes: #864926)

Removes executable permission for upgrades from < 15.2.2-1.

* Remove duplicate config check call in the init script.

Avoids warning when /etc/bareos/bareos-dir.conf doesn't exist.
It's harmless but might confuse admins.

* Fix file corruption when using SHA1 signature. (Closes: #869608)

Serious bug, data corruption of backups.


debdiff is attached.

Cheers,
Felix
diff --git a/debian/bareos-director.bareos-dir.init 
b/debian/bareos-director.bareos-dir.init
index 80b2878b..ec08458c 100755
--- a/debian/bareos-director.bareos-dir.init
+++ b/debian/bareos-director.bareos-dir.init
@@ -51,7 +51,6 @@ PATH=/sbin:/usr/sbin:/bin:/usr/bin
 
 checkcfg() {
echo "Checking Configuration and Database connection ... "
-   su -s /bin/sh $DAEMON_USER -c "/usr/sbin/bareos-dir -f -t -c 
/etc/bareos/bareos-dir.conf"
su -s /bin/sh $DAEMON_USER -c "/usr/sbin/bareos-dir -f -t"
if [ $? -eq 0 ]; then
   return 0
diff --git a/debian/bareos-director.postinst b/debian/bareos-director.postinst
index f8086c67..a81ef414 100644
--- a/debian/bareos-director.postinst
+++ b/debian/bareos-director.postinst
@@ -38,6 +38,12 @@ case "$1" in
 /usr/lib/bareos/scripts/bareos-config apply_dbconfig_settings
 fi
 permissions
+
+if dpkg --compare-versions "$2" lt-nl "15.2.2-1~"; then
+if [ -e /etc/logrotate.d/bareos-dir ]; then
+chmod -x /etc/logrotate.d/bareos-dir
+fi
+fi
 ;;
 abort-upgrade|abort-remove|abort-deconfigure)
 ;;
diff --git a/debian/changelog b/debian/changelog
index 2153410b..648caf28 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+bareos (16.2.4-3+deb9u1) stretch; urgency=medium
+
+  * Fix permissions of bareos-dir logrotate config on upgrade. (Closes: 
#864926)
+  * Remove duplicate config check call in the init script.
+- Avoids (harmless) warning when /etc/bareos/bareos-dir.conf doesn't exist.
+  * Fix file corruption when using SHA1 signature. (Closes: #869608)
+  * Add autopkgtest for SHA1 signature.
+
+ -- Felix Geyer   Thu, 27 Jul 2017 20:58:49 +0200
+
 bareos (16.2.4-3) unstable; urgency=medium
 
   * Team upload.
diff --git a/debian/patches/fix-sha1-file-corruption 
b/debian/patches/fix-sha1-file-corruption
new file mode 100644
index ..6bf89319
--- /dev/null
+++ b/debian/patches/fix-sha1-file-corruption
@@ -0,0 +1,29 @@
+From 49be4618319e681a4ad79fde63e984df1748938c Mon Sep 17 00:00:00 2001
+From: Joerg Steffens 
+Date: Wed, 26 Jul 2017 21:57:38 +0200
+Subject: [PATCH] bugfix: prevents file corruptions by SHA1
+
+Fixes a bug when using SHA1 file signatures in Bareos version compiled
+without openssl.
+
+Fixes #838: File corruption with SHA1 signature
+---
+ src/lib/sha1.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/src/lib/sha1.c b/src/lib/sha1.c
+index 9972cb2..f67c466 100644
+--- a/src/lib/sha1.c
 b/src/lib/sha1.c
+@@ -20,7 +20,8 @@ A million repetitions of "a"
+ #if __LITTLE_ENDIAN__
+ #define LITTLE_ENDIAN
+ #endif
+-/* #define SHA1HANDSOFF * Copies data before messing with it. */
++/* #define SHA1HANDSOFF * Copies data before messing with it. Do not modify 
original data! */
++#define SHA1HANDSOFF
+ 
+ #include "sha1.h"
+ 
+-- 
+2.7.4
diff --git a/debian/patches/series b/debian/patches/series
index 194ffd15..58aa560d 100644
--- a/debian/patches/series
+++ b/debian/patches/series
@@ -1,2 +1,3 @@
 dont-generate-debian-files
 disable-fstype-test
+fix-sha1-file-corruption
diff --git a/debian/tests/control b/debian/tests/control
index 712dbf5e..7ab8f964 100644
--- a/debian/tests/control
+++ b/debian/tests/control
@@ -10,6 +10,6 @@ Test-Command: test/all
 Restrictions: breaks-testbed needs-root allow-stderr
 Depends: bareos-database-sqlite3, bareos
 
-Tests: tls tls-passive
+Tests: tls tls-passive sha1
 Restrictions: breaks-testbed needs-root allow-stderr
 Depends: bareos-database-sqlite3, bareos
diff --git a/debian/tests/sha1 b/debian/tests/sha1
new file mode 100755
index ..5e745e23
--- /dev/null
+++ b/debian/tests/sha1
@@ -0,0 +1,48 @@
+#!/bin/bash
+
+# stop on first error
+set -e
+
+sed -i "s#Signature = MD5.*#Signature = SHA1#" 
/etc/bareos/bareos-dir.d/fileset/SelfTest.conf
+
+echo "start testing ... "
+echo "TRAVIS_BRANCH: $TRAVIS_BRANCH"
+echo "USER: $USER"
+echo "DB: $DB"
+
+echo "- restarting services --- "
+service bareos-dir restart
+service bareos-sd restart
+service bareos-fd restart
+sleep 10
+
+echo "- checking services --- "
+service bareos-dir status
+service bareos-sd status
+service bareos-fd status
+
+
+# enable bash debug
+set -v
+
+BACKUP_TEST_FILE=/usr/sbin/bareos.test
+
+echo -e