Your message dated Mon, 19 Oct 2020 13:49:27 +0000 with message-id <E1kUVXT-000IU6-RL@fasolo.debian.org> and subject line Bug#971767: fixed in debian-edu-config 2.11.32 has caused the Debian Bug report #971767, regarding debian-edu-config: Wrong certificate path in Firefox's policies.json file to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 971767: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=971767 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: debian-edu-config: Wrong certificate path in Firefox's policies.json file
- From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Date: Tue, 06 Oct 2020 20:54:50 +0000
- Message-id: <[🔎] 20201006205450.Horde.go1rju88_DyXYk6YW-UABAn@mail.das-netzwerkteam.de>
Package: debian-edu-config Version: 2.11.31 Severity: normal Hi Wolfgang,I am currently facing myself with Debian Edu testing/bullseye notebooks running against a Debian Edu TJENER based on stretch.I am currently adding the Debian Edu PKI as we have them in buster + bullseye (rootCA and all that) to the stretch TJENER.When doing this, I stumbled over this: { "policies": { "Certificates": { "ImportEnterpriseRoots": true, "Install": [ "/etc/ssl/certs/Debian-Edu_rootCA.crt" ] }, "NewTabPage": false, "OverrideFirstRunPage": "" } } However, if I look into /etc/ssl/certs, I only see Debian-Edu_rootCA.pem.I am currently working around this on the Debian Edu bullseye notebooks via puppet (which has a rule to create a symlink of that name).Greets, Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.deAttachment: pgpfKyKn2SWmJ.pgp
Description: Digitale PGP-Signatur
--- End Message ---
--- Begin Message ---
- To: 971767-close@bugs.debian.org
- Subject: Bug#971767: fixed in debian-edu-config 2.11.32
- From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
- Date: Mon, 19 Oct 2020 13:49:27 +0000
- Message-id: <E1kUVXT-000IU6-RL@fasolo.debian.org>
- Reply-to: Holger Levsen <holger@debian.org>
Source: debian-edu-config Source-Version: 2.11.32 Done: Holger Levsen <holger@debian.org> We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 971767@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Holger Levsen <holger@debian.org> (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmaster@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Format: 1.8 Date: Mon, 19 Oct 2020 14:14:47 +0200 Source: debian-edu-config Architecture: source Version: 2.11.32 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers <debian-edu@lists.debian.org> Changed-By: Holger Levsen <holger@debian.org> Closes: 971767 971775 Changes: debian-edu-config (2.11.32) unstable; urgency=medium . [ Mike Gabriel ] * debian/fetch-rootca-cert: Re-try rootCA retrieval if previous retrievals ended up with an empty Debian-Edu_rootCA.crt file in /usr/local/share/ca-certificates/. (Closes: #971775). . [ Wolfgang Schweer ] * debian/debian-edu-config.fetch-rootca-cert: - Avoid execution on the main server where things are already in place. - Adjust code to let the Debian-Edu_rootCA.crt file show up in the /etc/ssl/certs/ directory more reliably. (Closes: #971767). - Fix logging messages. * debian/control: - Lower Depends on libpam-python to Recommends. This way the src:debian-edu autopkgtest might succeed (until libpam-python3 becomes available). - Adjust Description field. - Use https://blends.debian.org/edu as homepage. * Move from deprecated, unusable Samba NT4-style PDC role to standalone server one to be compatible with OpenLDAP, MIT Kerberos and GOsa²: - Drop all domain related files. - Add code to debian/debian-edu-config.postinst to get those files removed. - Adjust etc/samba/smb-debian-edu.conf accordingly (also with support for non-root user usershares and override file included). - Add share/debian-edu-config/smb.conf.edu-site as override template file. * Re-work LDAP bootstrap and configuration file. - Move entries from ldap-bootstrap/samba.ldif to ldap-bootstrap/gosa.ldif and ldap-bootstrap/root.ldif respectively, now that Samba isn't contained in LDAP anymore. - etc/ldap/slapd-debian-edu.conf: Cleanup from Samba related entries. * share/debian-edu-config/gosa.conf.template: - Remove Samba related tab to prevent it from showing up in the GUI. - Add sambaHashHook="" to prevent Samba password hashes showing up in LDAP for security reasons. * Manage Samba accounts and sambashare group membership using GOsa² hooks. - share/debian-edu-config/tools/gosa-create: Add user to sambashare group. - share/debian-edu-config/tools/gosa-sync: Create a user Samba account and keep Samba and POSIX passwords in sync. - share/debian-edu-config/tools/gosa-lock-user: Also disable Samba account. - share/debian-edu-config/tools/gosa-unlock-user: Also enable Samba account. - share/debian-edu-config/tools/kerberos-kdc-init: Add samba account and - sambashare group membership for the special case 'first user'. * Use Avahi to publish Samba shares in the local network. This will also improve support for macOS using systems: - Add share/debian-edu-config/avahi.smb.service configuration file. - cf3/cf.samba: Conditionally copy the service file to the right place. (Also create the Samba usershares directory with proper rights.) * share/debian-edu-config/tools/edu-ldap-from-scratch: - Adjust to reflect the Samba related changes. * share/debian-edu-config/passwords_stub.dat: - Drop obsolete entries now that icinga2-classicui is gone. Checksums-Sha1: 022c4c41d0d85676325a33b2516448ea46a8f1c6 1926 debian-edu-config_2.11.32.dsc d416d1adb582d80476a7fcb73305a2733a5ab1de 336584 debian-edu-config_2.11.32.tar.xz 84fdc0e3876809dfec7c441c34446a2806d69ebb 5769 debian-edu-config_2.11.32_source.buildinfo Checksums-Sha256: 8c087911d83599bd62a448f8f1595a357336c5050ad5fce1b938962f3efbdde8 1926 debian-edu-config_2.11.32.dsc 15291a800cad6b14f020c545d43f75c31eac1eea4377a0414e6288c88111a18a 336584 debian-edu-config_2.11.32.tar.xz 7e2a01e8944526c2412bea1a23628cdbae55c52ba1cda788d3ea8299be877344 5769 debian-edu-config_2.11.32_source.buildinfo Files: c9fa07e076130d631689af26fee84067 1926 misc optional debian-edu-config_2.11.32.dsc 615ae39ae8f9d3a786c7f978f9bb1bfd 336584 misc optional debian-edu-config_2.11.32.tar.xz 185e257d11138b5c4688d64501a74155 5769 misc optional debian-edu-config_2.11.32_source.buildinfo -----BEGIN PGP SIGNATURE----- iQIzBAEBCgAdFiEEuL9UE3sJ01zwJv6dCRq4VgaaqhwFAl+NhFkACgkQCRq4Vgaa qhzlnw//fnIe0N9PjsPs3QxWFgFoWZbJnhumToCi0fIxqhTKynSSry6i/4aqykTe DuXIY2Zu8/eTUuV335Wqc/oR79G6Z0VJVFFmjUMmZStPp09rYW3RfovNh2RCr8B3 PGw2gWF/7LBfV0Y+0v2c5LIj537aSJ0bFBHC/UsVKr9zEqEvGjND+Oy91oECr+Xh MnUqvEa6BJW5Nqz6QQi5vOlg1ErP8lNPkFbyJ9XYuxnk1vWP5x5uSuW2ZsJJ5dM7 SQt6Q5TcU++zN+6dE7tZYp0bJQNkq05HCkKLtDhpWh2EVT/uHFN0QJ6gdv1dw6gu sN9MG+ensgEN4C+wu/l8e04sOIOxwGE23TtC0cf1dowqQQm2epBYAXZUBG7Dcehc eUlwCzUoT30KogQljlIb58l8Tq+y44XYnVAJAdVri6Z2Mr0iK6NiB5l1Dy+6HJ9B 3ZXfiL5qOIkxc19uhRmbdwBvEcZTg3R3z43ele3P+n2RiuB6iFfEWcq6fBvnFeV0 QA3br4+FNpFxdl1Qt2ilgHnntQi3gm/6p32uD8qOmRbVJhyMCISiKnfX+kGbAS2S yPOjdOPLHqEjdbfOsl31N3ujpO2ho8zy3PpyKfy1/DL/qKkJCX2QiyB+9HO/gP4A ViJDFijrmikIA88oaEtGKu0CIzv0ywFV7Tmlds17k5ivxUHng6M= =8dsX -----END PGP SIGNATURE-----
--- End Message ---