Bug#987332: marked as done (aprx automatically starts up with really bad default config)
Your message dated Sun, 09 May 2021 23:03:27 +0000
with message-id <E1lfsSN-000IhR-6n@fasolo.debian.org>
and subject line Bug#987332: fixed in aprx 2.9.0+dfsg-3
has caused the Debian Bug report #987332,
regarding aprx automatically starts up with really bad default config
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)
--
987332: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=987332
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: submit@bugs.debian.org
- Subject: aprx automatically starts up with really bad default config
- From: Heikki Hannikainen <hessu@hes.iki.fi>
- Date: Thu, 22 Apr 2021 00:19:57 +0300 (EEST)
- Message-id: <alpine.DEB.2.21.2104220015360.26287@jazz2.he.fi>
Package: aprx
Version: 2.9.0+dfsg-2
I just noticed that many of the aprs2.net APRS-IS servers have a whole lot of
aprx 2.9.0 clients connected using the N0CALL-1 dummy callsign, having sent
zero packets. There are probably hundreds of these clients, T2UKRAINE currently
and T2FINLAND has 67. I didn't even check other servers (there's a
hundred).
After some looking around I found out that the aprx package in Debian these
days has the following flaw:
If you just install it ("apt install aprx"), it will start up automatically and
by default, and it will actually connect to the APRS-IS network using the dummy
callsign (which one should never use) and stay connected.
I suspect this bug came up in aprx (2.9.0+dfsg-2), right here:
- Update aprx.default to remove environment STARTAPRX variable for
daemon enable/disable for Debian Policy § 9.3.3.1
- Update aprx.init script to remove /etc/default check for daemon
enable/disable
The old default was that it did not automatically start up before
STARTAPRX was manually adjusted in /etc/default/aprx.
Please release a high-priority update which shuts down these clients which have
been automatically started up by this change.
- Have it not start up by default after installation, before it is configured
- Remove N0CALL-1 from the default configuration (comment the line out) so that
it will refuse to start up before configured with the callsign of the user
- Ensure that the instances which have already been started up like this will
shut down again when upgraded to the next version
Assuming that these clients run with the default configuration file
supplied, one fix would be to intentionally break the default
configuration file so that the startup fails. If the user has not modified
the config file, an upgrade would replace it.
Thank you!
- Hessu, OH7LZB (aprs.fi, aprsc server author)
--- End Message ---
--- Begin Message ---
Source: aprx
Source-Version: 2.9.0+dfsg-3
Done: Dave Hibberd <d@vehibberd.com>
We believe that the bug you reported is fixed in the latest version of
aprx, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 987332@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Dave Hibberd <d@vehibberd.com> (supplier of updated aprx package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sun, 09 May 2021 23:15:56 +0100
Source: aprx
Architecture: source
Version: 2.9.0+dfsg-3
Distribution: unstable
Urgency: medium
Maintainer: Debian Hamradio Maintainers <debian-hams@lists.debian.org>
Changed-By: Dave Hibberd <d@vehibberd.com>
Closes: 987332
Changes:
aprx (2.9.0+dfsg-3) unstable; urgency=medium
.
[ Dave Hibberd ]
* Add debian/gitlab-ci.yml
* Change installinit behaviour in debian/rules
- aprx is now disabled by default upon install
- Belt & Braces interrupting installsystemd too
* Added patch to modify default config commenting out default callsign
- Closes: #987332
[ Debian Janitor]
* Use secure URI in debian/watch.
* Use secure URI in Homepage field.
* Bump debhelper from old 11 to 12.
* Update renamed lintian tag names in lintian overrides.
Checksums-Sha1:
8ae1ce05ab0d620485bb4811165af51f478f304b 1646 aprx_2.9.0+dfsg-3.dsc
6fce8d4804efc0e68fbd89f49283a5f9e6ad5efb 8940 aprx_2.9.0+dfsg-3.debian.tar.xz
4ed351304d91512602fa2841979ffd8bad2a3e67 5612 aprx_2.9.0+dfsg-3_amd64.buildinfo
Checksums-Sha256:
c1e794f270838e87f35e34193f3116f472a4af226203cada477c69717f26d562 1646 aprx_2.9.0+dfsg-3.dsc
9d21c87f33c4e25d84af3a865c48e21c789caa51019cdd9faee1cccb0fd9e382 8940 aprx_2.9.0+dfsg-3.debian.tar.xz
996bf0732bb71a16ecf82ff8c8263b004180e85a8155e1f1d567644272940db6 5612 aprx_2.9.0+dfsg-3_amd64.buildinfo
Files:
e061b83b1306b3387a87cc6a924c5f4d 1646 hamradio optional aprx_2.9.0+dfsg-3.dsc
f20da586b6ba36286ac54df8f5784371 8940 hamradio optional aprx_2.9.0+dfsg-3.debian.tar.xz
1c2080b9b26d943e7dee49636df8d65a 5612 hamradio optional aprx_2.9.0+dfsg-3_amd64.buildinfo
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCgAdFiEERzSH56pa+zBfre1AiVnjPMqARLoFAmCYYlUACgkQiVnjPMqA
RLrDVgf/eR95iJXiECMnz3nubzSdFWjXhuHGBS17IyIBoyQjstsrhMqGIyIRNIdr
qFe+FNqS+3B4dT4Wa1oDxrE6ay4K3GjV4akJXhoWkv15ypSYdeCbFvaSxjDdbh96
bTIpwpUfx5kHj0PLTOIWahQsjtn2OO2XcBs4Bqg4ioKrjHYfEU7l2Fqk30aApi6c
GtzL24vzGFtsStHvWJDo6MWA2fGPblHqRbrQfPssx3v7gsLmXGjSF7Z3h3bAuKF0
QVaiSpkyUkRmp0DsVCfEufWSGCJI6NZFQHWLlboMbiyCY9RAI6BAC45BDVLSDIkm
/MHFArjDrqrTr7hAGdTQ8vg/p7U9aw==
=AaE7
-----END PGP SIGNATURE-----
--- End Message ---
Reply to: