ssl is a link to another directory, the Package openssl overrides it.

SwissSign operations team Fri, 30 Nov 2007 03:15:28 -0800

Public bug reported:

We have in each of our servers one crypto-device, mounted under /var. 
>From there we link our confidential data to the right places in the system, so 
>with /etc/ssl.
We are running TLS servers.

Issue: 
After an upgrade of the openssl Package we could no longer ssh login at the 
servers (we use x509 for authentication and no passwords)
To my surprise, after login in the machines if found /etc/ssl was no longer a 
link to the crypto-device directory, but a directory! 

The directory /var/ssl itself and the many Certificate there are not
affected.

This is a not acceptable misdoing of dpkg and a heavy fault.

Steps to reproduce this issue:

# mv /etc/ssl /var/ssl
# ln -s /var/ssl /etc/ssl
# apt-get update
# apt-get install --reinstall openssl
# ls -l /etc/ssl

System information: 
# uname-a
Linux adm0101 2.6.19.2-grsec-swisssign-drbd #4 SMP Wed Nov 28 18:11:55 UTC 2007 
i686 GNU/Linux

# dpkg -I /var/cache/apt/archives/openssl_0.9.8a-7ubuntu0.5_i386.deb 
 new debian package, version 2.0.
 size 976196 bytes: control archive= 11093 bytes.
      21 bytes,     1 lines      conffiles            
     846 bytes,    22 lines      control              
   28470 bytes,   349 lines      md5sums              
     120 bytes,     9 lines   *  postinst             #!/bin/sh
     665 bytes,    36 lines   *  preinst              #!/bin/sh
 Package: openssl
 Version: 0.9.8a-7ubuntu0.5
 Section: utils
 Priority: optional
 Architecture: i386
 Depends: libc6 (>= 2.3.4-1), libssl0.9.8 (>= 0.9.8a-1), zlib1g (>= 1:1.2.1)
 Suggests: ca-certificates
 Conflicts: ssleay (<< 0.9.2b)
 Installed-Size: 2268
 Maintainer: Debian OpenSSL Team <[EMAIL PROTECTED]>
 Description: Secure Socket Layer (SSL) binary and related cryptographic tools
  This package contains the openssl binary and related tools.
  .
  It is part of the OpenSSL implementation of SSL.
  .
  You need it to perform certain cryptographic actions like:
   o  Creation of RSA, DH and DSA Key Parameters
   o  Creation of X.509 Certificates, CSRs and CRLs
   o  Calculation of Message Digests
   o  Encryption and Decryption with Ciphers
   o  SSL/TLS Client and Server Tests
   o  Handling of S/MIME signed or encrypted Mail

# cat /var/lib/dpkg/info/openssl.list  | grep /etc/ssl
/etc/ssl
/etc/ssl/certs
/etc/ssl/private
/etc/ssl/openssl.cnf

** Affects: openssl (Ubuntu)
     Importance: Undecided
         Status: New

** Visibility changed to: Public

-- 
if /etc/ssl is a link to another directory, the Package openssl overrides it.
https://bugs.launchpad.net/bugs/173026
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.

-- 
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs

[Bug 173026] if /etc/ssl is a link to another directory, the Package openssl overrides it.

Reply via email to