[23887] in Source-Commits
/svn/athena r23497 - in trunk/debathena/config/linerva: debian files/etc files/etc/security files/usr/local/sbin files/usr/sbin
daemon@ATHENA.MIT.EDU (Nelson Elhage)
Sat Feb 28 20:50:58 2009
Date: Sat, 28 Feb 2009 20:50:09 -0500
From: Nelson Elhage <nelhage@MIT.EDU>
Message-Id: <200903010150.n211o9FX006405@drugstore.mit.edu>
To: source-commits@mit.edu
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Author: nelhage
Date: 2009-02-28 20:50:09 -0500 (Sat, 28 Feb 2009)
New Revision: 23497
Added:
trunk/debathena/config/linerva/files/etc/security/access.conf.debathena.debathena
Removed:
trunk/debathena/config/linerva/files/etc/security/access.conf.debathena
Modified:
trunk/debathena/config/linerva/debian/changelog
trunk/debathena/config/linerva/debian/control.in
trunk/debathena/config/linerva/debian/debathena-linerva.postinst
trunk/debathena/config/linerva/debian/rules
trunk/debathena/config/linerva/files/etc/motd.debathena
trunk/debathena/config/linerva/files/usr/local/sbin/linerva-install
trunk/debathena/config/linerva/files/usr/sbin/linerva-clean-setugid
Log:
Fix some bugs and update debathena-linerva for Lenny.
* Move logcheck configuration into a separate git repository.
* Fix linerva-clean-setugid in the case where there are no
unexpected set[ug]id programs
* Divert access.conf.debathena rather than access.conf
* Update the motd for lenny
Modified: trunk/debathena/config/linerva/debian/changelog
===================================================================
--- trunk/debathena/config/linerva/debian/changelog 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/debian/changelog 2009-03-01 01:50:09 UTC (rev 23497)
@@ -1,3 +1,13 @@
+debathena-linerva (1.14) unstable; urgency=low
+
+ * Move logcheck configuration into a separate git repository.
+ * Fix linerva-clean-setugid in the case where there are no
+ unexpected set[ug]id programs
+ * Divert access.conf.debathena rather than access.conf
+ * Update the motd for lenny
+
+ -- Nelson Elhage <nelhage@mit.edu> Sat, 28 Feb 2009 20:17:12 -0500
+
debathena-linerva (1.13) unstable; urgency=low
[ Greg Price ]
Modified: trunk/debathena/config/linerva/debian/control.in
===================================================================
--- trunk/debathena/config/linerva/debian/control.in 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/debian/control.in 2009-03-01 01:50:09 UTC (rev 23497)
@@ -7,6 +7,7 @@
Package: debathena-linerva
Architecture: all
+Pre-Depends: git-core
Depends: logcheck, screen, elinks, sysklogd, linux32, bind9
Provides: ${diverted-files}
Conflicts: ${diverted-files}
Modified: trunk/debathena/config/linerva/debian/debathena-linerva.postinst
===================================================================
--- trunk/debathena/config/linerva/debian/debathena-linerva.postinst 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/debian/debathena-linerva.postinst 2009-03-01 01:50:09 UTC (rev 23497)
@@ -33,7 +33,12 @@
# make logcheck able to read its stuff
chown logcheck /var/lib/logcheck/
chown logcheck /var/lock/logcheck/
- chmod 750 /etc/logcheck
+ if [ ! -e /etc/logcheck/.git ]; then
+ mv /etc/logcheck /etc/logcheck.orig
+ git clone /mit/linerva/git/logcheck.git /etc/logcheck
+ fi
+ chmod 750 /etc/logcheck
+ chmod 750 /etc/logcheck.orig
chmod a=rwx,o+t /var/run/screen # So that screen works without setuid.
Modified: trunk/debathena/config/linerva/debian/rules
===================================================================
--- trunk/debathena/config/linerva/debian/rules 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/debian/rules 2009-03-01 01:50:09 UTC (rev 23497)
@@ -2,29 +2,13 @@
DEB_DIVERT_EXTENSION = .debathena
DEB_DIVERT_FILES_debathena-linerva += \
- /etc/logcheck/logcheck.conf.debathena \
- /etc/logcheck/ignore.d.server/kernel.debathena \
- /etc/logcheck/ignore.d.server/perl.debathena \
- /etc/logcheck/ignore.d.server/ssh.debathena \
- /etc/logcheck/ignore.d.server/get_message.debathena \
- /etc/logcheck/ignore.d.server/cron.debathena \
- /etc/logcheck/ignore.d.server/fingerd.debathena \
- /etc/logcheck/ignore.d.server/automount.debathena \
- /etc/logcheck/ignore.d.server/gconfd.debathena \
- /etc/logcheck/ignore.d.server/screen.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-automount.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-gconfd.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-get_message.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-kernel.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-perl.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-screen.debathena \
- /etc/logcheck/violations.ignore.d/logcheck-ssh.debathena \
/usr/bin/elinks.debathena \
/etc/motd.debathena \
/etc/resolv.conf.debathena \
/etc/security/limits.conf.debathena \
/sbin/init.debathena \
- /etc/ssh/sshd_config.debathena.debathena
+ /etc/ssh/sshd_config.debathena.debathena \
+ /etc/security/access.conf.debathena.debathena
DEB_TRANSFORM_FILES_debathena-linerva += \
/etc/syslog.conf.debathena \
/etc/cron.d/logcheck.debathena
Modified: trunk/debathena/config/linerva/files/etc/motd.debathena
===================================================================
--- trunk/debathena/config/linerva/files/etc/motd.debathena 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/files/etc/motd.debathena 2009-03-01 01:50:09 UTC (rev 23497)
@@ -1,6 +1,6 @@
Welcome to Linerva, the SIPB Linux dialup for MIT.
-Linerva runs Debathena on Debian etch.
+Linerva runs Debathena on Debian lenny..
http://linerva.mit.edu for more information
blanche linerva-announce -a $USER # for outage announcements
linerva@mit.edu (not IS&T) for questions and bug reports
Deleted: trunk/debathena/config/linerva/files/etc/security/access.conf.debathena
Copied: trunk/debathena/config/linerva/files/etc/security/access.conf.debathena.debathena (from rev 23496, trunk/debathena/config/linerva/files/etc/security/access.conf.debathena)
Property changes on: trunk/debathena/config/linerva/files/etc/security/access.conf.debathena.debathena
___________________________________________________________________
Name: svn:mergeinfo
+
Modified: trunk/debathena/config/linerva/files/usr/local/sbin/linerva-install
===================================================================
--- trunk/debathena/config/linerva/files/usr/local/sbin/linerva-install 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/files/usr/local/sbin/linerva-install 2009-03-01 01:50:09 UTC (rev 23497)
@@ -18,7 +18,7 @@
kinit -k -t /etc/krb5.keytab
aklog sipb.mit.edu
-cd /mit/debathena/packages/meta/linerva-master
+cd /mit/debathena/packages/meta/debathena-linerva-master
for i in "$@"; do
echo "$i" >> debathena-linerva-master.equivs-add
done
Modified: trunk/debathena/config/linerva/files/usr/sbin/linerva-clean-setugid
===================================================================
--- trunk/debathena/config/linerva/files/usr/sbin/linerva-clean-setugid 2009-03-01 00:41:41 UTC (rev 23496)
+++ trunk/debathena/config/linerva/files/usr/sbin/linerva-clean-setugid 2009-03-01 01:50:09 UTC (rev 23497)
@@ -28,26 +28,42 @@
case "$1" in
--list|"")
- echo "Unexpected setuid files:"
- ls -l $(list_bad_setuid)
- echo
- echo "Unexpected setgid files:"
- ls -l $(list_bad_setgid)
- echo
- echo "Run $0 --clean to fix these."
+ found=""
+ setuid="$(list_bad_setuid)"
+ setgid="$(list_bad_setgid)"
+ if [ -n "$setuid" ]; then
+ echo "Unexpected setuid files:"
+ ls -l $(list_bad_setuid)
+ echo
+ found=1
+ fi
+ if [ -n "$setgid" ]; then
+ echo "Unexpected setgid files:"
+ ls -l $(list_bad_setgid)
+ echo
+ found=1
+ fi
+ if [ -n "$found" ]; then
+ echo "Run $0 --clean to fix these."
+ fi
;;
--clean)
setuid="$(list_bad_setuid)"
setgid="$(list_bad_setgid)"
- echo "Unexpected setuid files:"
- ls -l $setuid
- echo
- echo "Unexpected setgid files:"
- ls -l $setgid
- echo
- chmod u-s $setuid
- chmod g-s $setgid
+ if [ -n "$setuid" ]; then
+ echo "Unexpected setuid files:"
+ ls -l $setuid
+ echo
+ chmod u-s $setuid
+ fi
+
+ if [ -n "$setgid" ]; then
+ echo "Unexpected setgid files:"
+ ls -l $setgid
+ echo
+ chmod g-s $setgid
+ fi
;;
*)
