
Bug#776009: marked as done (unblock: xymon/4.3.17-5)



Your message dated Sun, 01 Feb 2015 10:08:57 +0100
with message-id <54CDED29.80709@thykier.net>
and subject line Re: Bug#776009: unblock: xymon/4.3.17-5
has caused the Debian Bug report #776009,
regarding unblock: xymon/4.3.17-5
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
776009: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=776009
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Hi,

several updates for xymon have accumulated since the last upload. We'd
like to have them in Jessie, so we are asking for approval of the
changes below.

Changelog:

diff -Nru xymon-4.3.17/debian/changelog xymon-4.3.17/debian/changelog
--- xymon-4.3.17/debian/changelog	2014-10-23 16:50:53.000000000 +0200
+++ xymon-4.3.17/debian/changelog	2015-01-22 17:37:30.000000000 +0100
@@ -1,3 +1,21 @@
+xymon (4.3.17-5) unstable; urgency=medium
+
+  [ Christoph Berg ]
+  * Restore the lost ROOTFS variable in xymonclient-linux.sh, and patch
+    xymond/rrd/do_disk.c to ignore duplicate submissions for the / partition.
+    (Closes: #767901)
+  * Fix buffer overrun in web/acknowledge.c (Closes: #776007)
+  * Debconf translations, thanks!
+    + pt by Américo Monteiro (Closes: #767840)
+    + fr by Jean-Pierre Giraud (Closes: #770168)
+    + nl by Frans Spiesschaert (Closes: #771182)
+
+  [ Axel Beckert ]
+  * Fix aborting installation in cases where a hobbit user exists despite
+    hobbit-client was not installed before. (LP: #1407498)
+
+ -- Christoph Berg <christoph.berg@credativ.de>  Thu, 22 Jan 2015 17:37:26 +0100
+
 xymon (4.3.17-4) unstable; urgency=medium
 
   * Add debconf question to disable the automatic migration from hobbit to


The first patch is the buffer overrun from #776007:

diff -Nru xymon-4.3.17/debian/patches/acknowledge-malloc xymon-4.3.17/debian/patches/acknowledge-malloc
--- xymon-4.3.17/debian/patches/acknowledge-malloc	1970-01-01 01:00:00.000000000 +0100
+++ xymon-4.3.17/debian/patches/acknowledge-malloc	2015-01-22 16:49:28.000000000 +0100
@@ -0,0 +1,11 @@
+--- a/web/acknowledge.c
++++ b/web/acknowledge.c
+@@ -289,7 +289,7 @@ int main(int argc, char *argv[])
+ 					pcre *dummy;
+ 					char *re;
+ 
+-					re = (char *)malloc(8 + strlen(pagename));
++					re = (char *)malloc(8 + 2*strlen(pagename));
+ 					sprintf(re, "%s$|^%s/.+", pagename, pagename);
+ 					dummy = compileregex(re);
+ 					if (dummy) {
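Review bot: the new size in the malloc line is right but only by count, and the sprintf that follows is still unbounded. The format "%s$|^%s/.+" writes 2*strlen(pagename) + 6 literal characters + 1 NUL, so 8 + 2*strlen(pagename) leaves one spare byte, and nothing in the code says where the 8 comes from. I'd suggest sizing the buffer from the format (snprintf with a NULL buffer, or sizeof of the literal part) and writing with snprintf, so a later change to the pattern cannot reintroduce the overrun. The visible lines also use the malloc result without a NULL check.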

(This is probably exploitable, but the URL for this is only accessible
for authenticated admin users, so it's not a very bad security issue.)


The next one is the #767901 issue that causes monitoring graphs for
the / partition (disk space and inodes) to be broken. The C part
accounts for the fact that the "df" output in the default
installations has "/" listed twice, and suppresses duplicate updates
for that partition (which cause rrd to get confused).

The hard-to-read sh diff below merely restores the ROOTFS line that's
present in the upstream version of the original file, but got lost
during some patch update.

diff -Nru xymon-4.3.17/debian/patches/disk-no-duplicate-root xymon-4.3.17/debian/patches/disk-no-duplicate-root
--- xymon-4.3.17/debian/patches/disk-no-duplicate-root	1970-01-01 01:00:00.000000000 +0100
+++ xymon-4.3.17/debian/patches/disk-no-duplicate-root	2015-01-21 16:31:46.000000000 +0100
@@ -0,0 +1,30 @@
+--- a/xymond/rrd/do_disk.c
++++ b/xymond/rrd/do_disk.c
+@@ -20,6 +20,7 @@ int do_disk_rrd(char *hostname, char *te
+ 	static int ptnsetup = 0;
+ 	static pcre *inclpattern = NULL;
+ 	static pcre *exclpattern = NULL;
++	int seen_root_fs = 0;
+ 
+ 	if (strstr(msg, "netapp.pl")) return do_netapp_disk_rrd(hostname, testname, classname, pagepaths, msg, tstamp);
+ 	if (strstr(msg, "dbcheck.pl")) return do_dbcheck_tablespace_rrd(hostname, testname, classname, pagepaths, msg, tstamp);
+@@ -163,6 +164,19 @@ int do_disk_rrd(char *hostname, char *te
+ 
+ 		/* Check include/exclude patterns */
+ 		wanteddisk = 1;
++		/*
++		 * On some systems, including the Debian Wheezy default setup,
++		 * df shows two entries for / (one for "rootfs", one for the
++		 * real device). Skip the second one or else the rrd files
++		 * produced contain ugly gaps. (A complete fix would do this
++		 * for all filesystems, but this case should be rare.)
++		 */
++		if (!strcmp(diskname, "/")) {
++			if (seen_root_fs)
++				wanteddisk = 0;
++			else
++				seen_root_fs = 1;
++		}
+ 		if (exclpattern) {
+ 			int ovector[30];
+ 			int result;
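Review bot: in the second do_disk.c hunk the duplicate is dropped by setting wanteddisk = 0 before the exclude/include pattern checks that follow, so the fix depends on none of the later code setting wanteddisk back to 1. If the include-pattern branch (not visible here) can do that, the second "/" entry would get through again. Placing the seen_root_fs test after the pattern checks, or skipping the entry outright, would make it independent of that ordering. The comment says "Skip the second one", while the code skips every "/" entry after the first, which is the safer behaviour; the wording could say so.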
diff -Nru xymon-4.3.17/debian/patches/hobbitclient-tmpfs xymon-4.3.17/debian/patches/hobbitclient-tmpfs
--- xymon-4.3.17/debian/patches/hobbitclient-tmpfs	2014-10-01 15:41:26.000000000 +0200
+++ xymon-4.3.17/debian/patches/hobbitclient-tmpfs	2014-11-03 13:05:02.000000000 +0100
@@ -15,31 +15,27 @@
 
  -- Christoph Berg <myon@debian.org>  Sat, 05 Jul 2008 14:43:23 +0200
 
-Index: xymon/client/xymonclient-linux.sh
-===================================================================
---- xymon.orig/client/xymonclient-linux.sh	2013-05-20 16:04:13.319498276 +0200
-+++ xymon/client/xymonclient-linux.sh	2013-05-20 16:04:13.299497611 +0200
-@@ -45,9 +45,13 @@
+--- a/client/xymonclient-linux.sh
++++ b/client/xymonclient-linux.sh
+@@ -45,9 +45,14 @@ uptime
  echo "[who]"
  who
  echo "[df]"
 -EXCLUDES=`cat /proc/filesystems | grep nodev | grep -v rootfs | awk '{print $2}' | xargs echo | sed -e 's! ! -x !g'`
--ROOTFS=`readlink -m /dev/root`
--df -Pl -x iso9660 -x $EXCLUDES | sed -e '/^[^ 	][^ 	]*$/{
 +if test -f /proc/filesystems ; then # Linux
 +	EXCLUDES=`cat /proc/filesystems | grep nodev | egrep -v 'tmpfs|rootfs' | awk '{print $2}' | xargs echo | sed -e 's! ! -x !g'`
 +else # kfreebsd (or /proc not mounted)
 +	EXCLUDES=`mount | grep -v '^/' | egrep -v 'tmpfs|rootfs' | awk '{print $1}' | xargs echo | sed -e 's! ! -x !g'`
 +fi
+ ROOTFS=`readlink -m /dev/root`
+-df -Pl -x iso9660 -x $EXCLUDES | sed -e '/^[^ 	][^ 	]*$/{
 +# kfreebsd needs an extra grep -v
 +df -Pl -x iso9660 -x $EXCLUDES | grep -v '^/sys' | sed -e '/^[^ 	][^ 	]*$/{
  N
  s/[ 	]*\n[ 	]*/ /
  }' -e "s&^rootfs&${ROOTFS}&"
-Index: xymon/xymond/etcfiles/analysis.cfg
-===================================================================
---- xymon.orig/xymond/etcfiles/analysis.cfg	2013-05-20 16:04:13.319498276 +0200
-+++ xymon/xymond/etcfiles/analysis.cfg	2013-05-20 16:04:13.307497876 +0200
+--- a/xymond/etcfiles/analysis.cfg
++++ b/xymond/etcfiles/analysis.cfg
 @@ -353,6 +353,11 @@
  
  
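Review bot: the restored ROOTFS=`readlink -m /dev/root` line is the only functional change here, and it is buried in a refresh of the patch headers (Index: lines replaced by a/ and b/ paths), which is why the diff is hard to read. A sentence in the patch description saying that ROOTFS is needed by the final sed expression "s&^rootfs&${ROOTFS}&" would help keep it from being lost in the next refresh. Note that readlink -m does not require the path to exist, so on systems without /dev/root the rootfs line is rewritten to the literal /dev/root. Also, $EXCLUDES is unquoted after -x in the df call, so an empty value leaves -x without an argument.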


... the inevitable debian/patches/series update for the above:

diff -Nru xymon-4.3.17/debian/patches/series xymon-4.3.17/debian/patches/series
--- xymon-4.3.17/debian/patches/series	2014-10-01 15:41:26.000000000 +0200
+++ xymon-4.3.17/debian/patches/series	2015-01-22 16:49:00.000000000 +0100
@@ -23,3 +23,5 @@
 fix-exp-values-in-ncv
 netstat-ant-vs-ipv6-address-truncating
 apache2.4
+disk-no-duplicate-root
+acknowledge-malloc


... some i18n updates:

diff -Nru xymon-4.3.17/debian/po/fr.po xymon-4.3.17/debian/po/fr.po
diff -Nru xymon-4.3.17/debian/po/nl.po xymon-4.3.17/debian/po/nl.po
diff -Nru xymon-4.3.17/debian/po/pt.po xymon-4.3.17/debian/po/pt.po


... and finally a fix for the migration from the old hobbit user that
avoids invoking "find" on non-existing directories (LP #1407498)

diff -Nru xymon-4.3.17/debian/xymon-client.postinst xymon-4.3.17/debian/xymon-client.postinst
--- xymon-4.3.17/debian/xymon-client.postinst	2014-10-23 14:57:28.000000000 +0200
+++ xymon-4.3.17/debian/xymon-client.postinst	2015-01-21 16:31:46.000000000 +0100
@@ -49,7 +49,9 @@
 		--gecos "Xymon System Monitor" xymon
 	if [ "$MIGRATE" ] && getent passwd hobbit > /dev/null; then
 	    for d in /etc/hobbit /etc/xymon /var/*/hobbit /var/*/xymon; do
-		find $d -user hobbit -print0 2>/dev/null | xargs -0 -r chown xymon
+                if [ -d $d ]; then
+		    find $d -user hobbit -print0 2>/dev/null | xargs -0 -r chown xymon
+                fi
 	    done
 	    pkill -u hobbit vmstat || true
 	    deluser hobbit || echo "Couldn't delete user hobbit, please remove it manually"
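Review bot: $d is unquoted in the new test, `if [ -d $d ]`, and in the find call. When a glob such as /var/*/hobbit matches nothing, $d is the literal pattern, which -d rejects as intended, but a matched path containing whitespace would break both the test and find. Use "$d" in both places.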
@@ -58,7 +60,9 @@
 	# Migrate old group
 	if [ "$MIGRATE" ] && getent group hobbit > /dev/null; then
 	    for d in /etc/hobbit /etc/xymon /var/*/hobbit /var/*/xymon; do
-		find $d -group hobbit -print0 2>/dev/null | xargs -0 -r chgrp xymon
+                if [ -d $d ]; then
+		    find $d -group hobbit -print0 2>/dev/null | xargs -0 -r chgrp xymon
+                fi
 	    done
 	    delgroup --only-if-empty hobbit || echo "Couldn't delete group hobbit, please remove it manually"
 	fi
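Review bot: the added if/fi lines are indented with spaces while the find line and the surrounding code use tabs, so the block will look misaligned in most editors; please match the file's tab indentation. This loop now duplicates the directory guard from the user migration above; a small shell function taking the find predicate and the chown/chgrp command would keep the two copies from drifting apart.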


I've uploaded the package to DELAYED/15. Are these ok for Jessie? I'd
either reschedule the upload for immediate release, or cancel the
upload.

Thanks,
Christoph
-- 
cb@df7cb.de | http://www.df7cb.de/



--- End Message ---
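
The sizing arithmetic behind the acknowledge-malloc patch in the message above, as an added example that is not part of the original mail or of Xymon's code: it measures what the format string writes and compares that with the old and the patched allocation. The helper build_page_regex() and the sample page names are hypothetical.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Format string from the acknowledge.c hunk quoted in the message. */
#define PAGE_RE_FMT "%s$|^%s/.+"

/* Bytes the pre-patch code allocated. */
size_t old_alloc_size(const char *pagename) { return 8 + strlen(pagename); }

/* Bytes the patched code allocates. */
size_t patched_alloc_size(const char *pagename) { return 8 + 2 * strlen(pagename); }

/* Bytes sprintf() writes for this format, including the terminating NUL. */
size_t required_size(const char *pagename)
{
	int n = snprintf(NULL, 0, PAGE_RE_FMT, pagename, pagename);
	return (n < 0) ? 0 : (size_t)n + 1;
}

/* Hypothetical helper: let the format itself decide the buffer size. */
char *build_page_regex(const char *pagename)
{
	size_t need = required_size(pagename);
	char *re = need ? malloc(need) : NULL;

	if (re != NULL)
		snprintf(re, need, PAGE_RE_FMT, pagename, pagename);
	return re; /* caller frees; NULL on failure */
}

int main(void)
{
	/* Constructed page names, not taken from a real Xymon setup. */
	const char *samples[] = { "", "x", "servers", "dc1/rack4/web" };
	size_t i;

	for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++) {
		const char *p = samples[i];
		char *re = build_page_regex(p);

		printf("%-15s need=%2zu old=%2zu patched=%2zu %s -> %s\n",
		       *p ? p : "(empty)", required_size(p), old_alloc_size(p),
		       patched_alloc_size(p),
		       required_size(p) > old_alloc_size(p) ? "OVERRUN" : "fits",
		       re ? re : "(alloc failed)");
		free(re);
	}
	return 0;
}
```

The old allocation is too small for any page name of two or more characters, and the shortfall grows by one byte per additional character.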
--- Begin Message ---
On 2015-01-30 12:26, Axel Beckert wrote:
> Control: tag -1 - moreinfo
> 
> Hi Niels,
> 
> Niels Thykier wrote:
>> Please go ahead with these changes
> 
> Thanks!
> 
> I've rescheduled it and it has been accepted in unstable (and built on
> most architectures). It should reach the archive with the next
> dinstall run.
> 
>> and remove the moreinfo tag once they reach unstable.
> 
> Done.
> 
> 		Regards, Axel
> 

Unblocked, thanks.

~Niels

--- End Message ---
