Bug#695748: unblock: ferm/2.1-4
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock
Please unblock package ferm
Hi,
I fixed two nasty bugs (I think at least #694334 is RC) in 2.1-4.
#694334: ferm: modifies files under /etc:
if an admin decided to have different permissions for
/etc/ferm those will be overwritten with the wheezy update
#695677: domain within a function produces syntax error
having a function where "domain (ip ip6)" is used is rejected
by the version in wheezy which is a regression, the patch got
backported from upstreams git.
The fixes are both oneliners and I think having them in wheezy would
be good. The debdiff is attached.
diff --git a/debian/changelog b/debian/changelog
index e1109cc..d5ba908 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,13 @@
+ferm (2.1-4) unstable; urgency=low
+
+ * [4ede608] Backport a patch that fixes a regression in functions containing
+ ip and ip6 domains
+ (Closes: #695677)
+ * [22d4a48] don't modify permissions on /etc/ferm during upgrade
+ (Closes: #694334)
+
+ -- Alexander Wirt <formorer@debian.org> Tue, 11 Dec 2012 22:59:18 +0100
+
ferm (2.1-3) unstable; urgency=low
[ Salvatore Bonaccorso ]
diff --git a/debian/ferm.postinst b/debian/ferm.postinst
index 0f8ea64..ab50cb2 100644
--- a/debian/ferm.postinst
+++ b/debian/ferm.postinst
@@ -43,7 +43,7 @@ if [ "$action" = configure ]; then
sed -i "s/^ENABLED=.*$/ENABLED=\"$VALUE\"/" /etc/default/ferm
# make the firewall configuration readable only by root and group adm
- if [ -d /etc/ferm ]; then
+ if [ -d /etc/ferm ] && [ -z $version ]; then
chown -R root:adm /etc/ferm
chmod 2750 /etc/ferm
fi
diff --git a/src/ferm b/src/ferm
index b83048d..2214969 100755
--- a/src/ferm
+++ b/src/ferm
@@ -2052,7 +2052,7 @@ sub enter($$) {
new_level(%inner, \%rule);
set_domain(%inner, $domain) or next;
$script->{tokens} = [ @$tokens ];
- enter($lev, \%inner);
+ enter(0, \%inner);
}
$script->{tokens} = $old_tokens;
unblock ferm/2.1-4
Thanks in advance
Alex
Reply to: