Package: bastille
Version: 1:2.1.1-13
After a recent upgrade of bastille i see these warnings.
That problem is older (at least 2005) and i wonder what i did wrong so
only i ran into the problem(s)? (At least the second)
First:
/sbin/bastille-firewall-reset complaints about missing modules.dep
Cause:
The box is "hardened" and has a monolitic kerenl with
no loadable modules support.Allmodules are complied in the kenel
so there is no modules.dep as there are no modules.
Second:
/sbin/bastille-firewall-reset gives (wrong) warning
bastille would not be run in rc level 2.
Cause:
The cron job tries to access /etc/rc.d/init.d
but this is a debian there is no rc2.d in init.d, it's at /etc/rc2.d/
That leads to the wrong warning bastille would not be run in rc level 2[A
It would be nice if that coul be fixed or explained why this ars features,
not bugs ;-)
Thanks a lot!
Details:
First:
====
debian24:~# /etc/init.d/bastille-firewall restart
modprobe: Can't open dependencies file /lib/modules/2.4.18/modules.dep (No
such file or directory)
modprobe: Can't open dependencies file /lib/modules/2.4.18/modules.dep (No
such file or directory)
modprobe: Can't open dependencies file /lib/modules/2.4.18/modules.dep (No
such file or directory)
modprobe: Can't open dependencies file /lib/modules/2.4.18/modules.dep (No
such file or directory)
Setting up IP spoofing protection... done.
Allowing traffic from trusted interfaces... done.
Setting up chains for public/internal interface traffic... done.
Setting up general rules... done.
Setting up outbound rules... done.
debian24:/etc/init.d# ll /lib/modules/
total 4
drwxr-xr-x 3 root root 4096 Apr 9 2003 2.4.18-bf2.4
debian24:/etc/init.d# lsmod
Module Size Used by Not tainted
lsmod: QM_MODULES: Function not implemented
debian24:/etc/init.d# uname -a
Linux debian24 2.4.18 #1 SMP Wed Apr 14 22:01:33 CEST 2004 i686 GNU/Linux
There are no modules in this box! ;-)
Second:
=======
email from root:
Cron <[EMAIL PROTECTED]>
/sbin/bastille-firewall-reset 2>&1| \
/bin/grep -v " open dependencies file /lib/modules/2.4.18/modules.dep " | \
/bin/grep -v "\.\.\. done.$" | \
/bin/grep -v "\.\.\. done\. $"
ls: /etc/rc.d/init.d/../rc2.d: No such file or directory
Note: bastille-firewall does not seem to be enabled in runlevel 2
Firewall script will not be run!
debian24:~# cd /etc/rc.d/init.d/../rc2.d
-bash: cd: /etc/rc.d/init.d/../rc2.d: No such file or directory
debian24:~# cd /etc/rc.d/init.d/
debian24:/etc/rc.d/init.d# ll
total 4
-rwxr-xr-x 1 root root 1474 Aug 28 2003 smartd
debian24:/etc/init.d# ll /etc/rc2.d/
...
lrwxrwxrwx 1 root root 29 Apr 14 2003 K50bastille-firewall ->
/etc/init.d/bastille-firewall
lrwxrwxrwx 1 root root 27 Apr 15 2003 S19bastille ->
/../init.d/bastille-firewall
...
# Note this script is automatically linked in to
# /etc/dhcpc/dhcpcd-<interface>.exe by the firewall script;
...
INITBASEDIR=/etc/rc.d/init.d
>
# see if the firewall script is normally run as an init script
# (even if normally a "K" for this level: if you're in runlevel 1, where
# _normally_ you don't run the firewall, but you go ahead and activate
# an interface, chances are you'd prefer to have the firewall up)
FWALL_CHECK=`ls -l ${INITBASEDIR}/../rc${RUNLEVEL}.d | grep ' [SK]' | grep
'bastille-firewall$' `
if [ -z "${FWALL_CHECK}" ]; then
echo "Note: bastille-firewall does not seem to be enabled in
runlevel ${RUNLEVEL}"
echo " Firewall script will not be run!"
exit
fi
--
Rainer
e-Mail: [EMAIL PROTECTED]
NO UNSOLICITED/BULK EMAILS OR NEWSLETTERS OR ATTACHMENTS
Rainer---<=====> Vertraulich
//
//
<=====>--------------ocholl, Kiel, Germany ------------
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
