Hi Salvatore,
Am 20.09.2012 um 19:37 schrieb Salvatore Bonaccorso <car...@debian.org>: > Hi Thilo > > I had a quick look again at your current version uploaded to > mentors.d.n. Really thanks for your work you put into that package. > I'm adding only again some comments: > > current lintian reports the following two: > > W: logsurfer: hardening-no-fortify-functions usr/bin/logsurfer > N: > N: This package provides an ELF binary that lacks the use of fortified libc > N: functions. Either there are no potentially unfortified functions called > N: by any routines, all unfortified calls have already been fully validated > N: at compile-time, or the package was not built with the default Debian > N: compiler flags defined by dpkg-buildflags. If built using > N: dpkg-buildflags directly, be sure to import CPPFLAGS. > N: > N: NB: Due to false-positives, Lintian ignores some unprotected functions > N: (e.g. memcpy). > N: > N: Refer to http://wiki.debian.org/Hardening and > N: http://bugs.debian.org/673112 for details. > N: > N: Severity: normal, Certainty: possible > N: > N: Check: binaries, Type: binary, udeb > N: > > This needs patching of Makefile.in. Simply adding @CPPFLAGS@ to the > CPPFLAGS asignmend should do unless I missed something. After doing so > my resulting binary had: > > foo/usr/bin/logsurfer: > Position Independent Executable: no, normal executable! > Stack protected: yes > Fortify Source functions: yes (some protected functions found) > Read-only relocations: yes > Immediate binding: no, not found! Yes, that worked for me, too. I included the patch. > I: logsurfer: FSSTND-dir-in-manual-page > usr/share/man/man5/logsurfer.conf.5.gz:249 /var/adm/ > N: > N: The manual page references a directory that is specified in the FSSTND > N: but not in the FHS which is used by Debian. This can be an indicator of > N: a mismatch of the location of files as installed for Debian and as > N: described by the man page. > N: > N: If you have to change file locations to abide by Debian Policy please > N: also patch the man page to mention these new locations. > N: > N: Severity: wishlist, Certainty: certain > N: > N: Check: manpages, Type: binary > N: While I think that lintian show this warning because of "/var/adm", I get your point. > No files are installed into the wrong directory, but looking at the > manpage logsurfer.conf(5) I see that /usr/local/etc/logsurfer.conf is > references as default configuration file. Trying to start logsurfer: > > # logsurfer > warning: logsurfer started as root > error opening configfile /usr/local/etc/logsurfer.conf > error reading configfile /usr/local/etc/logsurfer.conf > > For more information on Configuration files[1], in particular see > 'Location' and 'Behaviour'. Location of a default configuration file > seems configurable in the configure part. > > [1]: http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files I changed the default to /etc/logsurfer.conf. The warning about /var/adm is still there, but I think that should be ok. > debian/changelog: For the initial upload it is only needed to have the > 'Initial release (Closes: #670875)' entry, the others as part of the > inital packaging could be removed. Fixed. > Hmm, maybe would be good to actually add a README.Debian to give an > introduction on how to use logsurfer on a Debian system? How to set up > monitoring of a logfile? cronjobs? Yes, I thought about that as well. For now I created a small README.Debian. But maybe it would be a good idea to include some examples like an init.d script to start logsrufer on system boot. > Hope this could help you, Yes, very much! I uploaded a new version to mentors.d.n. Thanks again, Thilo -- To UNSUBSCRIBE, email to debian-wnpp-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/bb0551f1-46f2-44e2-95b1-0a33c5b42...@uttendorfer.net
