If these are known issues, let me know however a search through Nabble only returned one Bastille issue regarding hostname. I'll keep it brief and provide more detail after.
Upgrading my full install of Lenny resulted in broken plugins behind systemsettings package and no way to figure out the offending packages. The Testing netinst froze after installer selection on my VM so I went with plan C; install minimal Lenny netinst then full-upgrade then the normal distro upgrade too squeeze. (aptitude clean && aptitude update && aptitude install dpkg apt aptitude && aptitude full-upgrade - against the squeeze repositories)
So, I have a nice clean Squeeze on my laptop until today when I finally get to running through Bastille and caboom. In short:
- bastille removes all permissions from /usr/bin/ssh without any warning in the config questions
- post-rule-setup.sh was not taking effect
- /etc/init.d/bastille-firewall restart was not clearing the /var/lock/bastille
- manually clearing /var/lock/bastille allowed it to restart but still not clear the lock
- aptitude reinstall bastille and aptitude purge bastille are both a no-go:
# aptitude reinstall bastille
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
The following packages will be REINSTALLED:
bastille
0 packages upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 0 not
upgraded.
Need to get 0B of archives. After unpacking 0B will be used.
Writing extended state information... Done
Setting up bastille (1:3.0.9-12) ...
update-rc.d: warning: /etc/init.d/bastille-firewall missing LSB information
update-rc.d: see <http://wiki.debian.org/LSBInitScripts>
ERROR: "/sbin/bastille-ipchains" not available!
invoke-rc.d: initscript bastille-firewall, action "start" failed.
dpkg: error processing bastille (--configure):
subprocess installed post-installation script returned error exit status 1
Processing triggers for menu ...
Errors were encountered while processing:
bastille
E: Sub-process /usr/bin/dpkg returned an error code (1)
A package failed to install. Trying to recover:
Reading package lists... Done
Building dependency tree
Reading state information... Done
Reading extended state information
Initializing package states... Done
Reading task descriptions... Done
Anyone seeing this same behavior? Would a list of my packages help? What other information can I provide?
Bastille is a fantastic start to securing a system and one of the major reasons I switched to Debian. A system feels naked without having it run before further config steps.
(also an issue with Conky and KDE4 but that seems to be more known)
Joe