On Wed, Mar 23, 2005 at 11:36:18PM +0100, Javier Fernández-Sanguino Peña wrote: > Package: portmap > Version: 5-9 > Severity: normal > Tags: patch > > I really don't understand why the debconf 'medium' note was removed from > portmap. The default installation of any Debian system leaves the portmap > service installed by default when it is actually needed (in most cases) for > FAM. Most system administrators and developers of derived distributions > would probably appreciate the ability to have portmap listening to > localhost only and the removal of the debconf note prevents this from > happening. > > Without a debconf note there is no way they can preseed this information in > the debian-installer or even, have base-config pre-configure this if the > user selects a 'Desktop task' and no other packages. > > Please reinstate both the debconf note and all the translations. If users > have an issue with this option, then set the default to 'do anything, keep > listening to every address' and that will prevent #280026, #280128, > or #280553 from coming back. > > Atached is a patch that fixes this issue by introducing a 'boolean' debconf > question (default => listen only to the loopback interface, false => listen > to all interfaces). I've readded the po translations available (although > they are fuzzy and the translators should be asked to review them) and > updated the spanish translation myself. The default setting is 'false' for > backwards-compatibility.
Andre Luis and Kenshi, please review your translations. I'm planning to upload portmap 5-10 as soon as I get them. Please post them to the BTS. > I've tested the patch through configuration and reconfiguration and it > works fine. > > Building some more intelligence into the script (like looking for the > current status of the RPC services through rpcinfo and setting the answer > to true or false based on the status) could be implemented in the long run. > But for the moment I believe this would suffice. > > Please add this to the package, if you do you can probably also close (or > downgrade) bug #286301. Notice that this is not the same bug (as the user > is asking for the default behaviour I implemented to be 'true'). However, > as I said, improving the config script it could probably be possible to fix > that one too. > > Regards > > > Javier > diff -Nru portmap-5/debian/changelog portmap-5.debconf/debian/changelog > --- portmap-5/debian/changelog 2005-03-23 22:33:38.000000000 +0100 > +++ portmap-5.debconf/debian/changelog 2005-03-23 22:33:20.000000000 > +0100 > @@ -1,3 +1,12 @@ > +portmap (5-10) unstable; urgency=low > + > + * Re-added the debconf configuration, although the default for this is now > + to have portamp listening in all interfaces. The debconf setting > + allows system administrators, base-config and cdd developers to preseed > + this value to 'true' (link only to the loopback interface) if needed. > + > + -- Javier Fernandez-Sanguino Pen~a <[EMAIL PROTECTED]> Wed, 23 Mar 2005 > 22:23:28 +0100 > + > portmap (5-9) unstable; urgency=high > > * The following patch was applied to portmap.c: > diff -Nru portmap-5/debian/config portmap-5.debconf/debian/config > --- portmap-5/debian/config 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/config 2005-03-23 23:05:26.000000000 +0100 > @@ -0,0 +1,19 @@ > +#!/bin/sh -e > +# config script for portmap > + > +action=$1 > +version=$2 > + > +# Source debconf library. > +. /usr/share/debconf/confmodule > + > +if [ "$action" = "configure" ] || [ "$action" = "reconfigure" ]; then > + db_input medium portmap/loopback || true > + db_go || true > +fi > + > +db_go > + > +#DEBHELPER# > + > +exit 0 > diff -Nru portmap-5/debian/default portmap-5.debconf/debian/default > --- portmap-5/debian/default 2005-03-23 22:33:38.000000000 +0100 > +++ portmap-5.debconf/debian/default 2005-03-23 22:23:05.000000000 +0100 > @@ -1,2 +1,11 @@ > +# Portmap default file > +# Note: if you manually edit it, portmap configuration > +# scripts will avoid modifying it if running > +# 'dpkg-reconfigure portmap' > + > # By default listen on all interfaces > +# If you want it to listen only on the loopback interface > +# uncomment the following line (it will be uncommented > +# automatically if you configure this through debconf) > #OPTIONS="-i 127.0.0.1" > + > diff -Nru portmap-5/debian/po/es.po portmap-5.debconf/debian/po/es.po > --- portmap-5/debian/po/es.po 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/po/es.po 2005-03-23 22:30:26.000000000 +0100 > @@ -0,0 +1,81 @@ > +# > +# portmap debconf translation to Spanish > +# Copyright (C) 2005 Software in the Public Interest > +# This file is distributed under the same license as the portmap package. > +# > +# Changes: > +# - Initial translation > +# Anibal Monsalve Salazar <[EMAIL PROTECTED]> > +# - Revision: > +# Jose Carlos Garcia Sogo <[EMAIL PROTECTED]>, 2004 > +# Javier Fernandez-Sanguino Peña <[EMAIL PROTECTED]>, 2005 > +# > +# > +# Traductores, si no conoce el formato PO, merece la pena leer la > +# documentación de gettext, especialmente las secciones dedicadas a este > +# formato, por ejemplo ejecutando: > +# info -n '(gettext)PO Files' > +# info -n '(gettext)Header Entry' > +# > +# Equipo de traducción al español, por favor, lean antes de traducir > +# los siguientes documentos: > +# > +# - El proyecto de traducción de Debian al español > +# http://www.debian.org/intl/spanish/coordinacion > +# especialmente las notas de traducción en > +# http://www.debian.org/intl/spanish/notas > +# > +# - La guía de traducción de po's de debconf: > +# /usr/share/doc/po-debconf/README-trans > +# o http://www.debian.org/intl/l10n/po-debconf/README-trans > +# > +msgid "" > +msgstr "" > +"Project-Id-Version: portmap\n" > +"Report-Msgid-Bugs-To: \n" > +"POT-Creation-Date: 2005-03-23 22:28+0100\n" > +"PO-Revision-Date: 2005-03-23 22:30+0100\n" > +"Last-Translator: Javier Fernandez-Sanguino Pea <[EMAIL PROTECTED]>\n" > +"Language-Team: Debian Spanish <debian-l10n-spanish@lists.debian.org>\n" > +"MIME-Version: 1.0\n" > +"Content-Type: text/plain; charset=UTF-8\n" > +"Content-Transfer-Encoding: 8bit\n" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "Should portmap be bound to the loopback address?" > +msgstr "DeberÃa «portmap» enlazarse a la dirección de la interfaz de red > local?" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"Portmap by default listens to all IP addresses. However, if you are not " > +"using RPC services that connect to remote servers (like NFS or NIS) you can > " > +"safely bind it to the loopback IP address 127.0.0.1." > +msgstr "La configuración por omisión de «portmap» hace que este escuche > en todas las direcciones IP disponibles. Sin embargo, si no está utilizando > servicios RPC para conectarse a servidores remotos (como NFS o NIS) puede > enlazar éste a la dirección de IP local 127.0.0.1." > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"This will allow RPC local services (like FAM) to work properly while " > +"preventing remote systems from accessing your RCP services." > +msgstr "Esto permitirá que los servicios RPC locales (como FAM) funcionen > correctamente mientras que impedirá que otros sistemas remotos accedan a sus > servicios RPC." > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"You can change this configuration also by editing the OPTIONS line in the /" > +"etc/default/portmap file. If you just don't specify the -i option it will " > +"bind to all interfaces." > +msgstr "Puede cambiar esta configuración editando la lÃnea OPTIONS en > «/etc/default/portmap». Si no se especifica la opción -i, el programa se > enlazará a todas las interfaces de red disponibles." > + > +#~ msgid "" > +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " > +#~ "default." > +#~ msgstr "" > +#~ "Esta versión de portmap se enlaza por defecto a la dirección IP > 127.0.0.1 " > +#~ "de la interfaz de red local." > diff -Nru portmap-5/debian/po/ja.po portmap-5.debconf/debian/po/ja.po > --- portmap-5/debian/po/ja.po 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/po/ja.po 2005-03-23 22:28:32.000000000 +0100 > @@ -0,0 +1,68 @@ > +# > +# Translators, if you are not familiar with the PO format, gettext > +# documentation is worth reading, especially sections dedicated to > +# this format, e.g. by running: > +# info -n '(gettext)PO Files' > +# info -n '(gettext)Header Entry' > +# > +# Some information specific to po-debconf are available at > +# /usr/share/doc/po-debconf/README-trans > +# or http://www.debian.org/intl/l10n/po-debconf/README-trans > +# > +# Developers do not need to manually edit POT or PO files. > +# > +msgid "" > +msgstr "" > +"Project-Id-Version: portmap\n" > +"Report-Msgid-Bugs-To: \n" > +"POT-Creation-Date: 2005-03-23 22:28+0100\n" > +"PO-Revision-Date: 2004-11-10 16:14+0900\n" > +"Last-Translator: Kenshi Muto <[EMAIL PROTECTED]>\n" > +"Language-Team: Japanese <debian-japanese@lists.debian.org>\n" > +"MIME-Version: 1.0\n" > +"Content-Type: text/plain; charset=EUC-JP\n" > +"Content-Transfer-Encoding: 8bit\n" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +#, fuzzy > +msgid "Should portmap be bound to the loopback address?" > +msgstr "portmap ¤Ï¥Ç¥Õ¥©¥ë¥È¤Ç¥ë¡¼¥×¥Ð¥Ã¥¯¥¢¥É¥ì¥¹¤ò¥Ð¥¤¥ó¥É¤·¤Þ¤¹" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"Portmap by default listens to all IP addresses. However, if you are not " > +"using RPC services that connect to remote servers (like NFS or NIS) you can > " > +"safely bind it to the loopback IP address 127.0.0.1." > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"This will allow RPC local services (like FAM) to work properly while " > +"preventing remote systems from accessing your RCP services." > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +#, fuzzy > +msgid "" > +"You can change this configuration also by editing the OPTIONS line in the /" > +"etc/default/portmap file. If you just don't specify the -i option it will " > +"bind to all interfaces." > +msgstr "" > +"¤³¤Î¥Ç¥Õ¥©¥ë¥ÈÀßÄê¤òÊѹ¹¤·¤¿¤¤¤È¤¤Ë¤Ï¡¢/etc/default/portmap ¥Õ¥¡¥¤¥ë¤Î " > +"OPTIONS ¹Ô¤òÊÔ½¸¤·¤Æ¤¯¤À¤µ¤¤¡£Ã±¤Ë -i > ¥ª¥×¥·¥ç¥ó¤ò»ØÄꤷ¤Ê¤¤¤è¤¦¤Ë¤¹¤ë¤È¡¢¤¹" > +"¤Ù¤Æ¤Î¥¤¥ó¥¿¡¼¥Õ¥§¥¤¥¹¤ò¥Ð¥¤¥ó¥É¤¹¤ë¤è¤¦¤Ë¤Ê¤ê¤Þ¤¹¡£" > + > +#~ msgid "" > +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " > +#~ "default." > +#~ msgstr "" > +#~ "¤³¤Î portmap ¤Ï¡¢¥Ç¥Õ¥©¥ë¥È¤Ç¥ë¡¼¥×¥Ð¥Ã¥¯ IP ¥¢¥É¥ì¥¹ 127.0.0.1 > ¤ò¥Ð¥¤¥ó¥É" > +#~ "¤·¤Þ¤¹¡£" > diff -Nru portmap-5/debian/po/POTFILES.in > portmap-5.debconf/debian/po/POTFILES.in > --- portmap-5/debian/po/POTFILES.in 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/po/POTFILES.in 2004-11-10 13:07:04.000000000 > +0100 > @@ -0,0 +1 @@ > +[type: gettext/rfc822deb] templates > diff -Nru portmap-5/debian/po/pt_BR.po portmap-5.debconf/debian/po/pt_BR.po > --- portmap-5/debian/po/pt_BR.po 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/po/pt_BR.po 2005-03-23 22:28:32.000000000 > +0100 > @@ -0,0 +1,68 @@ > +# > +# Translators, if you are not familiar with the PO format, gettext > +# documentation is worth reading, especially sections dedicated to > +# this format, e.g. by running: > +# info -n '(gettext)PO Files' > +# info -n '(gettext)Header Entry' > +# > +# Some information specific to po-debconf are available at > +# /usr/share/doc/po-debconf/README-trans > +# or http://www.debian.org/intl/l10n/po-debconf/README-trans > +# > +# Developers do not need to manually edit POT or PO files. > +# > +msgid "" > +msgstr "" > +"Project-Id-Version: portmap\n" > +"Report-Msgid-Bugs-To: \n" > +"POT-Creation-Date: 2005-03-23 22:28+0100\n" > +"PO-Revision-Date: 2004-11-08 21:24-0300\n" > +"Last-Translator: André Luís Lopes <[EMAIL PROTECTED]>\n" > +"Language-Team: Debian-BR Project > <debian-l10n-portuguese@lists.debian.org>\n" > +"MIME-Version: 1.0\n" > +"Content-Type: text/plain; charset=ISO-8859-1\n" > +"Content-Transfer-Encoding: 8bit\n" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +#, fuzzy > +msgid "Should portmap be bound to the loopback address?" > +msgstr "O portmap ouve no endereço de loopback por padrão" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"Portmap by default listens to all IP addresses. However, if you are not " > +"using RPC services that connect to remote servers (like NFS or NIS) you can > " > +"safely bind it to the loopback IP address 127.0.0.1." > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"This will allow RPC local services (like FAM) to work properly while " > +"preventing remote systems from accessing your RCP services." > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +#, fuzzy > +msgid "" > +"You can change this configuration also by editing the OPTIONS line in the /" > +"etc/default/portmap file. If you just don't specify the -i option it will " > +"bind to all interfaces." > +msgstr "" > +"Caso você queira mudar essa configuração padrão, edite a linha OPTIONS no " > +"arquivo /etc/default/portmap. Caso você apenas não especifique a opção -i o > " > +"portmap irá ouvir em todas as interfaces de rede." > + > +#~ msgid "" > +#~ "This portmap version binds to the loopback IP address 127.0.0.1 by " > +#~ "default." > +#~ msgstr "" > +#~ "Esta versão do portmap ouve no endereço IP de loopback 127.0.0.1 por " > +#~ "padrão." > diff -Nru portmap-5/debian/po/templates.pot > portmap-5.debconf/debian/po/templates.pot > --- portmap-5/debian/po/templates.pot 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/po/templates.pot 2005-03-23 22:28:32.000000000 > +0100 > @@ -0,0 +1,57 @@ > +# > +# Translators, if you are not familiar with the PO format, gettext > +# documentation is worth reading, especially sections dedicated to > +# this format, e.g. by running: > +# info -n '(gettext)PO Files' > +# info -n '(gettext)Header Entry' > +# > +# Some information specific to po-debconf are available at > +# /usr/share/doc/po-debconf/README-trans > +# or http://www.debian.org/intl/l10n/po-debconf/README-trans > +# > +# Developers do not need to manually edit POT or PO files. > +# > +#, fuzzy > +msgid "" > +msgstr "" > +"Project-Id-Version: PACKAGE VERSION\n" > +"Report-Msgid-Bugs-To: \n" > +"POT-Creation-Date: 2005-03-23 22:28+0100\n" > +"PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" > +"Last-Translator: FULL NAME <[EMAIL PROTECTED]>\n" > +"Language-Team: LANGUAGE <[EMAIL PROTECTED]>\n" > +"MIME-Version: 1.0\n" > +"Content-Type: text/plain; charset=CHARSET\n" > +"Content-Transfer-Encoding: 8bit\n" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "Should portmap be bound to the loopback address?" > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"Portmap by default listens to all IP addresses. However, if you are not " > +"using RPC services that connect to remote servers (like NFS or NIS) you can > " > +"safely bind it to the loopback IP address 127.0.0.1." > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"This will allow RPC local services (like FAM) to work properly while " > +"preventing remote systems from accessing your RCP services." > +msgstr "" > + > +#. Type: boolean > +#. Description > +#: ../templates:4 > +msgid "" > +"You can change this configuration also by editing the OPTIONS line in the /" > +"etc/default/portmap file. If you just don't specify the -i option it will " > +"bind to all interfaces." > +msgstr "" > diff -Nru portmap-5/debian/postinst portmap-5.debconf/debian/postinst > --- portmap-5/debian/postinst 2005-03-23 22:33:38.000000000 +0100 > +++ portmap-5.debconf/debian/postinst 2005-03-23 23:22:23.000000000 +0100 > @@ -1,13 +1,63 @@ > #!/bin/sh > - > set -e > > if [ "$1" = "configure" ] && [ -n "$2" ] && > dpkg --compare-versions "$2" lt 5-3; then > - err=$(update-rc.d -f portmap remove 2>&1 > /dev/null) || { > - echo "$err" >&2 > - exit 1 > - } > + err=$(update-rc.d -f portmap remove 2>&1 > /dev/null) || { > + echo "$err" >&2 > + exit 1 > + } > fi > > +# Start configuration > +if [ "$1" = configure ] || [ "$1" = reconfigure ] ; then > + . /usr/share/debconf/confmodule > + > + db_get portmap/loopback > + CONFFILE=/etc/default/portmap > + > + portmap_changed=0 > + > + if [ "$RET" = true ]; then > + if ! grep ^OPTIONS $CONFFILE >/dev/null 2>&1 ; then > + cat $CONFFILE | > + sed -e 's/^#OPTIONS="-i 127.0.0.1"/OPTIONS="-i 127.0.0.1"/' > >$CONFFILE.new > + set +e > + diff $CONFFILE $CONFFILE.new >/dev/null 2>&1 > + portmap_changed=$? > + set -e > + mv $CONFFILE.new $CONFFILE > + else > + if ! grep "^OPTIONS=\"-i 127.0.0.1\"" $CONFFILE >/dev/null 2>&1 > ; then > + echo "Portmap options have already been configured in $CONFFILE" > + echo "This script will not modify it, please edit this file > manually." > + fi > + fi > + fi > + if [ "$RET" = false ]; then > +# Just reverse the change above in case a user wants to go from 'true' > +# to 'false' at some point. > + if grep ^OPTIONS $CONFFILE >/dev/null 2>&1 ; then > + cat $CONFFILE | > + sed -e 's/^OPTIONS="-i 127.0.0.1"/#OPTIONS="-i 127.0.0.1"/' > >$CONFFILE.new > + set +e > + diff $CONFFILE $CONFFILE.new >/dev/null 2>&1 > + portmap_changed=$? > + set -e > + mv $CONFFILE.new $CONFFILE > + fi > + fi > + > +#if [ "$portmap_changed" -eq 1 ] ; then > +# Do something is settings changed? We might want to > +# check which RCP services are out there and restart them too... > +#fi > + > + db_stop > +fi > +# End of configuration > + > #DEBHELPER# > + > +exit 0 > + > diff -Nru portmap-5/debian/templates portmap-5.debconf/debian/templates > --- portmap-5/debian/templates 1970-01-01 01:00:00.000000000 +0100 > +++ portmap-5.debconf/debian/templates 2005-03-23 22:28:30.000000000 > +0100 > @@ -0,0 +1,14 @@ > +Template: portmap/loopback > +Type: boolean > +Default: false > +_Description: Should portmap be bound to the loopback address? > + Portmap by default listens to all IP addresses. However, if you are > + not using RPC services that connect to remote servers (like NFS or NIS) > + you can safely bind it to the loopback IP address 127.0.0.1. > + . > + This will allow RPC local services (like FAM) to work properly while > + preventing remote systems from accessing your RCP services. > + . > + You can change this configuration also by editing the OPTIONS > + line in the /etc/default/portmap file. If you just don't specify > + the -i option it will bind to all interfaces. Kind Regards, Anibal Monsalve Salazar -- .''`. Debian GNU/Linux : :' : Free Operating System `. `' http://debian.org/ `- http://v7w.com/anibal
signature.asc
Description: Digital signature
