On Wed, 8 Oct 2008 08:30:37 am Moritz Muehlenhoff wrote: > On Tue, Oct 07, 2008 at 11:10:58PM +0200, Moritz Muehlenhoff wrote: > > On Tue, Oct 07, 2008 at 11:26:47PM +1100, Steffen Joeris wrote: > > > Hi > > > > > > > @@ -33,9 +28,11 @@ > > > > Binary-package: freeradius-dialupadmin (2.0.4+dfsg-4) > > > > Binary-package: mon (0.99.2-12) > > > > Binary-package: qemu (0.9.1-5) > > > > + Binary-package: openswan (1:2.4.12+dfsg-1.1) > > > > > > I just had a look at openswan and started setting it up on my system. > > > It seems that the script in question never gets executed automatically. > > > Even if I execute it, it doesn't seem to work, at least it hangs while > > > trying to download some stuff from a site. Maybe someone with some > > > openswan inside could elaborate on it. It's easy to fix, but does it > > > really need a DSA? > > > > I remember to have it used at least once and it only works as root, > > but can you check back with upstream, please? > > ^^^^^^^^ > maintainer I meant to say. Maintainer didn't answer yet, so I pinged him again. However, I am pretty certain that the script is just meant to be an example for local admins. I had a quick chat on #debian-devel as well, see below. Therefore, I'd say we remove it from the potential DSA list. That leaves us with only qemu :) I'll ping the maintainer there and try to follow up on it with him. Cheers Steffen 13:49 < white> anyone here using openswan? 13:55 -!- manphiz [~dxy@218.244.247.198] has joined #debian-devel 13:56 < sgran> yes 14:00 < white> sgran: it is regarding the scripts under /usr/lib/ipsec/, /usr/lib/ipsec/livetest in particular, do you know when they are used? 14:00 -!- juliank_ [~juliank@p5B25075A.dip0.t-ipconnect.de] has joined #debian-devel 14:01 < sgran> I'd be surprised if that one was ever run 14:02 < white> sgran: yeah, it doesn't look very useful, but it is prone to a symlink attack 14:02 < sgran> yes 14:02 < white> sgran: but from what i can see, it is just meant to be an example for an admin or something 14:02 < sgran> that's my impression as well 14:02 < madduck> then it ought to be in /usr/share/doc, right? 14:02 < sgran> since it has things like a private IP address hardcoded in it 14:02 < white> madduck: one would assume so 14:03 < white> well maintainer doesn't answer 14:03 < sgran> nothing else in /usr/lib/ipsec references it, so I think that would be safe, yes 14:04 -!- juliank [~juliank@p5B252636.dip0.t-ipconnect.de] has quit [Ping timeout: 480 seconds] 14:04 < white> sgran: yeah, thanks for the confirmation, i like to double check such things :)
Attachment:
signature.asc
Description: This is a digitally signed message part.