Your message dated Sun, 03 Apr 2005 13:02:38 -0400
with message-id <[EMAIL PROTECTED]>
and subject line Bug#302795: fixed in sslwrap 2.0.6-17
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 3 Apr 2005 00:02:36 +0000
>From [EMAIL PROTECTED] Sat Apr 02 16:02:36 2005
Return-path: <[EMAIL PROTECTED]>
Received: from dsl093-039-086.pdx1.dsl.speakeasy.net (minbar.dodds.net)
[66.93.39.86] (postfix)
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DHsZX-0000MN-00; Sat, 02 Apr 2005 16:02:35 -0800
Received: by minbar.dodds.net (Postfix, from userid 1000)
id BE71B1A103; Sat, 2 Apr 2005 16:02:34 -0800 (PST)
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
From: Steve Langasek <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: sslwrap: please do not call update-inetd from an init script!
X-Mailer: reportbug 3.9
Date: Sat, 02 Apr 2005 16:02:34 -0800
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: sslwrap
Version: 2.0.6-16
Severity: grave
Tags: sid
Hi Jonathan,
A combination of factors now gives me this on console every time
/etc/init.d/sslwrap stop is called:
# /etc/init.d/sslwrap stop
Stopping sslwrap:
Trying to add the following entry:
#<off># https stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 80
There is already an entry for #<off># https in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># https stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 80
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># ssmtp stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 25
There is already an entry for #<off># ssmtp in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># ssmtp stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 25
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># nntps stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 119
There is already an entry for #<off># nntps in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># nntps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 119
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># telnets stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 23
There is already an entry for #<off># telnets in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># telnets stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 23
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># ircs stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 194
There is already an entry for #<off># ircs in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># ircs stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 194
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># ftps-data stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 20
There is already an entry for #<off># ftps-data in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># ftps-data stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 20
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># ftps stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 21
There is already an entry for #<off># ftps in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># ftps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 21
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
Trying to add the following entry:
#<off># ldaps stream tcp nowait sslwrap:sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 389
There is already an entry for #<off># ldaps in /etc/inetd.conf,
but I don't recognise it. Here is what it looks like:
#<off># ldaps stream tcp nowait sslwrap.sslwrap /usr/sbin/tcpd
/usr/sbin/sslwrap -cert /etc/sslwrap/server.pem -addr 127.0.0.1 -port 389
Do you want to ignore this potential problem and continue, or would
you rather not do so now ? Continue? (n/y) n
imaps pop3s sswat.
#
This is especially pleasant because ssh is stopped before sslwrap on
shutdown, and on startup, ssh will reject connections because
/etc/nologin is still present at the time the init script is prompting
for these answers.
Even better, I don't actually use *any* of these default services (sswat
is the only one I'm interested in), and even if I did, I don't see any
reason for sslwrap to be twiddling the contents of /etc/inetd.conf in an
init script -- it's the *inetd* init script's job to start and stop
inetd-controlled services.
The trigger for all of these extra entries in /etc/inetd.conf seems to
be bug #277294; let us say that the upgrade did not go smoothly.
Nevertheless, I believe the real RC bug here is the gratuitous
invocation of update-inetd.
Contents of /etc/inetd.conf available upon request if you need more info
to reproduce this problem.
Cheers,
--
Steve Langasek
postmodern programmer
-- System Information:
Debian Release: 3.1
APT prefers unstable
APT policy: (500, 'unstable'), (500, 'testing')
Architecture: i386 (i686)
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Versions of packages sslwrap depends on:
ii debconf 1.4.47 Debian configuration management sy
ii libc6 2.3.2.ds1-20 GNU C Library: Shared libraries an
ii libssl0.9.7 0.9.7e-3 SSL shared libraries
ii openssl 0.9.7e-3 Secure Socket Layer (SSL) binary a
-- debconf information excluded
---------------------------------------
Received: (at 302795-close) by bugs.debian.org; 3 Apr 2005 17:11:13 +0000
>From [EMAIL PROTECTED] Sun Apr 03 10:11:13 2005
Return-path: <[EMAIL PROTECTED]>
Received: from gluck.debian.org [192.25.206.10]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DI8cz-0007Ib-00; Sun, 03 Apr 2005 10:11:13 -0700
Received: from newraff.debian.org [208.185.25.31] (mail)
by gluck.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1DI8cy-0000hW-00; Sun, 03 Apr 2005 11:11:13 -0600
Received: from katie by newraff.debian.org with local (Exim 3.35 1 (Debian))
id 1DI8Ug-0008Af-00; Sun, 03 Apr 2005 13:02:38 -0400
From: Jonathan McDowell <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
X-Katie: $Revision: 1.55 $
Subject: Bug#302795: fixed in sslwrap 2.0.6-17
Message-Id: <[EMAIL PROTECTED]>
Sender: Archive Administrator <[EMAIL PROTECTED]>
Date: Sun, 03 Apr 2005 13:02:38 -0400
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
X-CrossAssassin-Score: 3
Source: sslwrap
Source-Version: 2.0.6-17
We believe that the bug you reported is fixed in the latest version of
sslwrap, which is due to be installed in the Debian FTP archive:
sslwrap_2.0.6-17.diff.gz
to pool/main/s/sslwrap/sslwrap_2.0.6-17.diff.gz
sslwrap_2.0.6-17.dsc
to pool/main/s/sslwrap/sslwrap_2.0.6-17.dsc
sslwrap_2.0.6-17_i386.deb
to pool/main/s/sslwrap/sslwrap_2.0.6-17_i386.deb
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Jonathan McDowell <[EMAIL PROTECTED]> (supplier of updated sslwrap package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Sun, 03 Apr 2005 17:47:24 +0100
Source: sslwrap
Binary: sslwrap
Architecture: source i386
Version: 2.0.6-17
Distribution: unstable
Urgency: low
Maintainer: Jonathan McDowell <[EMAIL PROTECTED]>
Changed-By: Jonathan McDowell <[EMAIL PROTECTED]>
Description:
sslwrap - Simple TCP service encryption using TLS/SSL
Closes: 301513 301675 302795
Changes:
sslwrap (2.0.6-17) unstable; urgency=low
.
* The "Shoot me, I deserve it" release.
* Don't touch inetd.conf or inetd in our init script, only pre/postinst.
(closes: #302795)
* Use AM_MAINTAINER_MODE in configure to avoid time-stamp skew issues
on build. (closes: #301513)
* Just use "user" syntax for update-inetd; our only group is sslwrap anyway
and it appears the update-inetds don't agree about syntax. Also delete
the old format lines before trying to create the new format ones.
(closes: #301675)
Files:
927cb6245123786aeaf9af606a2da3f1 579 net optional sslwrap_2.0.6-17.dsc
7172f0bb056fbd2dea0a9c6f3441e69f 78999 net optional sslwrap_2.0.6-17.diff.gz
1f595bc7fc7ac3ef4e6a09726210f1bb 39812 net optional sslwrap_2.0.6-17_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.0 (GNU/Linux)
iD8DBQFCUB/q8b1L5FtDA2cRAunQAKCuoFEZSykMMIy9MmcMEkhXpB1NKgCfUCLv
enjO+8R8/BLfqD5/9CKq9Wg=
=Cw9M
-----END PGP SIGNATURE-----
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
