Re: icecast2 config/postinst
Hi Robin, On 11-04-18 at 07:29pm, Robin Gareus wrote: I've added config-templates and postinst configuration (passwords, hostname, enable-service) to icecast2. Nice! Attached patch applies to revision baf67ba (currently HEAD) on http://git.debian.org/?p=pkg-multimedia/icecast2.git What would be needed to get this into the official icecast2 debian package? Please open a bugreport against the package and include the patch there. Also, it seems to me from briefly reading it, that you (briefly) expose passwords to all local users by printing it as part of an ed command. That is (if correctly read) a security flaw and should be avoided. One way to avoid it is to export the passwords as environment variables and then run a short perl script which uses those same variables. Like this (from a CipUX routine): export pw=bla perl -i -pe s/[ \t]*#([ \t]*password[ \t]*=).*/\$1\$ENV{'pw'}/ file But please, instead of discussing further here, file a bugreport and let's continue the discussion there :-) Regards, - Jonas -- * Jonas Smedegaard - idealist Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private signature.asc Description: Digital signature ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
Re: icecast2 config/postinst
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 04/18/2011 07:53 PM, Jonas Smedegaard wrote: Hi Robin, On 11-04-18 at 07:29pm, Robin Gareus wrote: I've added config-templates and postinst configuration (passwords, hostname, enable-service) to icecast2. Nice! Attached patch applies to revision baf67ba (currently HEAD) on http://git.debian.org/?p=pkg-multimedia/icecast2.git What would be needed to get this into the official icecast2 debian package? Please open a bugreport against the package and include the patch there. done. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=623256 I inadvertently attached the patch twice (`reportbug` did not list the attachments; so I thought it missing.. sorry). Also, it seems to me from briefly reading it, that you (briefly) expose passwords to all local users by printing it as part of an ed command. AFAICT it does not. It's cat _EOF_ | ed ... So the password is piped to ed and not visible to other process. That is (if correctly read) a security flaw and should be avoided. One way to avoid it is to export the passwords as environment variables and then run a short perl script which uses those same variables. Like this (from a CipUX routine): export pw=bla perl -i -pe s/[ \t]*#([ \t]*password[ \t]*=).*/\$1\$ENV{'pw'}/ file But please, instead of discussing further here, file a bugreport and let's continue the discussion there :-) sure. It's also not-using-po-debconf for internationalization, yet. Anyway, one step at a time. Cheers! robin -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.10 (GNU/Linux) iEYEARECAAYFAk2shiUACgkQeVUk8U+VK0Ko3QCgiMrJbgnY4Go9BO3JafeTF6vQ LDUAoJ5kOTymrxrjOLSz/lSLBNnEyJI/ =9PO7 -END PGP SIGNATURE- ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
Re: icecast2 config/postinst
Robin, I've already pushed your patch, could you refresh it by yourself? Thanks for the great work, man ;) -- Alessio Treglia | www.alessiotreglia.com Debian Developer | ales...@debian.org Ubuntu Core Developer | quadris...@ubuntu.com 0FEC 59A5 E18E E04F 6D40 593B 45D4 8C7C DCFC 3FD0 ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers
Re: icecast2 config/postinst
On Mon, Apr 18, 2011 at 8:55 PM, Robin Gareus ro...@gareus.org wrote: What do you mean with refresh? I've miss'd your last reply to Jonas regarding how passwords are handled, then never mind and thanks again. -- Alessio Treglia | www.alessiotreglia.com Debian Developer | ales...@debian.org Ubuntu Core Developer | quadris...@ubuntu.com 0FEC 59A5 E18E E04F 6D40 593B 45D4 8C7C DCFC 3FD0 ___ pkg-multimedia-maintainers mailing list pkg-multimedia-maintainers@lists.alioth.debian.org http://lists.alioth.debian.org/mailman/listinfo/pkg-multimedia-maintainers