[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#340955: marked as done (apache2-common: default /etc/apache2/apache2.conf uses non-POSIX globs in Includes)



Your message dated Wed, 16 Aug 2006 14:02:31 +0200
with message-id <[🔎] 20060816120230.GA18989@wolffelaar.nl>
and subject line Fixed in NMU of apache2 2.2.3-1~exp.r170
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: apache2-common
Version: 2.0.55-3
Severity: normal

The lines
Include /etc/apache2/conf.d/[^.#]*
Include /etc/apache2/sites-enabled/[^.#]*
work perfectly well for apache but /etc/init.d/apache2 uses the glob
patterns provided by them in a /bin/sh script context.
And POSIX specifies only the exclamation mark as the exclude list
specifier.
So this is in effect a bashism resulting in not grepping the correct
files in conf.d and sites-enabled when /bin/sh is eg. dash.

And because I have no files starting with '^', '.' or '#' in these
directories every day cron says:

/etc/cron.daily/logrotate:
grep: /etc/apache2/conf.d/[^.#]*: No such file or directory
grep: /etc/apache2/sites-enabled/[^.#]*: No such file or directory

Changing the '^' to '!' in the Include directives helps.

-- System Information:
Shell:  /bin/sh linked to /bin/dash

-- 
Michał Politowski
Talking has been known to lead to communication if practiced carelessly.

Attachment: signature.asc
Description: Digital signature


--- End Message ---
--- Begin Message ---
Version: 2.2.3-1~exp.r170

tag 236193 - fixed
tag 238586 - fixed
tag 241223 - fixed
tag 273929 - fixed
tag 285337 - fixed
tag 337817 - fixed
tag 340538 - fixed
tag 340955 - fixed
tag 341460 - fixed
tag 343467 - fixed
tag 344072 - fixed
tag 348189 - fixed
tag 353443 - fixed
tag 368497 - fixed
tag 379015 - fixed
thanks

On Tue, Aug 15, 2006 at 11:04:50AM -0700, Jeroen van Wolffelaar wrote:
> This message was generated automatically in response to a
> non-maintainer upload.  The .changes file follows.

Actually, fixed in experimental, so the 'fixed' tag is inappropriate
here. Now closing bugs properly.

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Format: 1.7
> Date: Tue, 15 Aug 2006 16:17:33 +0200
> Source: apache2
> Binary: apache2-utils apache2-prefork-dev apache2 apache2-mpm-prefork apache2-doc apache2-mpm-event apache2-mpm-worker apache2-threaded-dev apache2-common apache2-mpm-perchild
> Architecture: source all i386
> Version: 2.2.3-1~exp.r170
> Distribution: experimental
> Urgency: low
> Maintainer: Debian Apache Maintainers <debian-apache@lists.debian.org>
> Changed-By: Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
> Description: 
>  apache2    - Next generation, scalable, extendable web server
>  apache2-common - Next generation, scalable, extendable web server
>  apache2-doc - documentation for apache2
>  apache2-mpm-event - Event driven model for Apache HTTPD 2.1
>  apache2-mpm-perchild - Transitional package - please remove
>  apache2-mpm-prefork - Traditional model for Apache HTTPD 2.1
>  apache2-mpm-worker - High speed threaded model for Apache HTTPD 2.1
>  apache2-prefork-dev - development headers for apache2
>  apache2-threaded-dev - development headers for apache2
>  apache2-utils - utility programs for webservers
> Closes: 236193 238586 241223 273929 285337 337817 340538 340955 341460 343467 344072 348189 353443 368497 379015
> Changes: 
>  apache2 (2.2.3-1~exp.r170) experimental; urgency=low
>  .
>    [ Jeroen van Wolffelaar ]
>    * Staging upload to experimental of subversion revision r170
>  .
>    [ Thom May, Tollef Fog Heen, Fabio M. Di Nitto and Adam Conrad ]
>    * New Upstream Release.  Closes: #344072
>      http://httpd.apache.org/docs/2.2/new_features_2_2.html has a list of
>      new features and changes.
>      - Fixes LFS support. Closes: #341460, #285337, #241223
>      - Fixes off-by-one error in mod_rewrite ldap schema handling
>        (CVE-2006-3747)
>      - Fixes XSS issue in mod_imap/mod_imagemap (CVE-2005-3352).
>        Closes: #343467.
>      - mpm_perchild no longer exists, so closing bugs for perchild.
>        Closes: #236193, #238586
>      - Fixes PHP POST with SSLVerifyClient. Closes: 353443
>    * Build-depend on lsb-release and pick up the branding from there.
>    * Build-depend on apr-util 1.0 which is now in a separate source
>      package.
>    * Mangle the Debian layout to be more FHS compatible
>    * No longer build-conflict with libgdbm-dev
>    * Use external PCRE
>    * Make apache2-utils stop providing apache2-utils.  Also make it stop
>      conflicting with itself.
>    * Rename default site from default-site to just default.
>    * Try to migrate modules which used to be built-in:, alias, mime,
>      authz_host, autoindex, dir, env, negotiation, setenvif, status.
>    * Mod imap has been renamed to imagemap, ditto for auth_ldap =>
>      authnz_ldap.  Cope with that in postinst.
>    * Stop globbing in apache2.conf.
>      Closes: #337817, #340955, #348189, #379015, #368497
>    * Don't install CHANGES into the apache2 package.  It's just a
>      metapackage.
>    * Add rudimentary rdeps handling to a2dismod.  Closes: #273929
>    * Stop providing apache-utils.
>    * Cope with /var/run and /var/lock on tmpfs.
>    * Remove all subdirs in srclib as we are using external libraries for
>      those anyway.  Also remove test/zb.c.  Closes: 340538
>    * Make ssl.conf not block on /dev/random, but rather use /dev/urandom.
>    * Make apache2-common depend on lsb-base, thanks to Gleb Arshinov
> Files: 
>  45b11ad4ca823b957b9d8bbb8df800a0 1097 web optional apache2_2.2.3-1~exp.r170.dsc
>  f72ffb176e2dc7b322be16508c09f63c 6342475 web optional apache2_2.2.3.orig.tar.gz
>  1bf636424322000f72e03550a0bed367 66158 web optional apache2_2.2.3-1~exp.r170.diff.gz
>  8ccb6b58913b94f15bab59293d3a4c16 902646 web optional apache2-common_2.2.3-1~exp.r170_i386.deb
>  b241f06fb9dfe091594bb4cf44270e55 418254 web optional apache2-mpm-worker_2.2.3-1~exp.r170_i386.deb
>  ee68b4d592484cd5b51b27763a1d171d 414078 web optional apache2-mpm-prefork_2.2.3-1~exp.r170_i386.deb
>  c47cdc5634e71e22fc3c95d007396f10 418592 web optional apache2-mpm-event_2.2.3-1~exp.r170_i386.deb
>  d12b9c32988a5536a3b7bf2b0a0ae623 335904 web optional apache2-utils_2.2.3-1~exp.r170_i386.deb
>  56786918524ad1358d3385657e94bb6c 400930 devel optional apache2-prefork-dev_2.2.3-1~exp.r170_i386.deb
>  19c2112739452d5ec235253f95d68049 401552 devel optional apache2-threaded-dev_2.2.3-1~exp.r170_i386.deb
>  7653dad9593b624ee7f6f8c34ab6d1c9 269588 web optional apache2-mpm-perchild_2.2.3-1~exp.r170_all.deb
>  f911370b4f059eb32b379c23aee283f8 36190 web optional apache2_2.2.3-1~exp.r170_all.deb
>  0c3513c1beb88ffe8e1befc8c993962f 2398138 doc optional apache2-doc_2.2.3-1~exp.r170_all.deb
> 
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.1 (GNU/Linux)
> Comment: Signed by Jeroen van Wolffelaar <jeroen@wolffelaar.nl>
> 
> iD8DBQFE4edHl2uISwgTVp8RAp5CAJ41K4n3yAuZPetFc3sVWRXkriR2YQCfbz9T
> 5CF91F/2NC/dfamYc5g6kiY=
> =ODdi
> -----END PGP SIGNATURE-----

-- 
Jeroen van Wolffelaar
Jeroen@wolffelaar.nl (also for Jabber & MSN; ICQ: 33944357)
http://Jeroen.A-Eskwadraat.nl

--- End Message ---

Reply to: