Bug#1041323: CFEngine agent connection errors
Hi Guido, On Mi 09 Aug 2023 13:17:03 CEST, Guido Berhoerster wrote: On Thu, 20 Jul 2023 11:25:09 +0200 Guido Berhoerster wrote: Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) TRUST FAILED, server presented untrusted key: MD5=42d62c2c4be843a78dafffb40dd40277 Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/inputs' Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Promise belongs to bundle 'failsafe_cfe_internal_update' in file '/var/lib/cfengine3/inputs/failsafe.cf' near line 121 Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/inputs' Jul 20 10:35:34 tjener.intern cf-serverd[1168]:error: ::1> SSL_write: underlying network error (Broken pipe) Jul 20 10:35:34 tjener.intern cf-serverd[1168]: CFEngine(server) ::1> SSL_write: underlying network error (Broken pipe) Jul 20 10:35:34 tjener.intern cf-serverd[1168]: notice: ::1> Connection was hung up! Jul 20 10:35:34 tjener.intern cf-serverd[1168]: CFEngine(server) ::1> Connection was hung up! Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) TRUST FAILED, server presented untrusted key: MD5=42d62c2c4be843a78dafffb40dd40277 Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/modules' Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Promise belongs to bundle 'failsafe_cfe_internal_update' in file '/var/lib/cfengine3/inputs/failsafe.cf' near line 130 Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/modules' Jul 20 10:35:34 tjener.intern cf-serverd[1168]:error: ::1> SSL_write: underlying network error (Broken pipe) Jul 20 10:35:34 tjener.intern cf-serverd[1168]: CFEngine(server) ::1> SSL_write: underlying network error (Broken pipe) Jul 20 10:35:34 tjener.intern cf-serverd[1168]: notice: ::1> Connection was hung up! Jul 20 10:35:34 tjener.intern cf-serverd[1168]: CFEngine(server) ::1> Connection was hung up! Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) TRUST FAILED, server presented untrusted key: MD5=42d62c2c4be843a78dafffb40dd40277 Jul 20 10:35:34 tjener.intern cf-serverd[1168]:error: ::1> Connection was hung up while receiving line: Jul 20 10:35:34 tjener.intern cf-serverd[1168]: CFEngine(server) ::1> Connection was hung up while receiving line: Jul 20 10:35:34 tjener.intern cf-serverd[1168]: notice: ::1> Client closed connection early! He probably does not trust our key... Jul 20 10:35:34 tjener.intern cf-serverd[1168]: CFEngine(server) ::1> Client closed connection early! He probably does not trust our key... Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/inputs' Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Promise belongs to bundle 'failsafe_cfe_internal_update' in file '/var/lib/cfengine3/inputs/failsafe.cf' near line 144 Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Comment is 'If we failed to fetch policy we try again using the legacy default in case we are fetching policy from a hub that is not serving mastefiles via a shortcut.' Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Errors encountered when actuating files promise '/var/lib/cfengine3/inputs' Jul 20 10:35:34 tjener.intern cf-agent[4722]: CFEngine(agent) Method 'failsafe_cfe_internal_update' failed in some repairs Jul 20 10:35:34 tjener.intern cf-agent[4734]: CFEngine(agent) TRUST FAILED, server presented untrusted key: MD5=42d62c2c4be843a78dafffb40dd40277 Jul 20 10:35:34 tjener.intern cf-agent[4734]: CFEngine(agent) No suitable server found for '/var/lib/cfengine3/inputs/cf_promises_validated' Jul 20 10:35:34 tjener.intern cf-agent[4734]: CFEngine(agent) Promise belongs to bundle 'cfe_internal_update_policy_cpv' in file '/var/lib/cfengine3/inputs/cfe_internal/update/update_policy.cf' near line 229 Jul 20 10:35:34 tjener.intern cf-agent[4734]: CFEngine(agent) Comment is 'Check whether a validation stamp is available for a new policy update to reduce the distributed load' The untrusted server key issue can be fixed by following the procedure on manually establishing trust described in https://cfengine.com/blog/2015/securely-deplo
Bug#1041323: CFEngine agent connection errors
Am 10.08.23 um 11:12 schrieb Mike Gabriel: > Indeed, cfengine3 for Debian Edu is only designed to be used for post-install > adjustments, not for regular / continuous config management. > > So, disabling the cfagent (cf-execd) service should be the way to go (we > won't loose functionality compared to previous Debian Edu versions), the > cf-agent run should happen only based on the local configuration files > shipped by debian-edu-config. Before we start changing anything here it needs to be cleared up with the cfengine3 maintainers what the default of cfengine should be. Right now it is inconsistent,depening on whether systemd is installed or not, see https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043353 -- Guido Berhoerster
Bug#1043407: configure-edu-gateway does not enable nat/ip forwarding due to missing iptables
Package: debian-edu-config Version: 2.12.33 Setting up a router following the documentation at https://wiki.debian.org/DebianEdu/Documentation/Bookworm/Requirements by doing a minimal install and and running the setup script /usr/share/debian-edu-config/tools/configure-edu-gateway --firewall=no does not suffice to create a working router because iptables is not installed and the enable-nat service/init script will not configure forwarding. This could be fixed by 1. amending the documentation to manually install iptables 2. installing iptables in the configure-edu-gateway script 3. adding iptables to the minimal installation Suggestions? -- Guido Berhoerster
Bug#1043407: configure-edu-gateway does not enable nat/ip forwarding due to missing iptables
Hi Guido, On Do 10 Aug 2023 11:46:21 UTC, Guido Berhoerster wrote: Package: debian-edu-config Version: 2.12.33 Setting up a router following the documentation at https://wiki.debian.org/DebianEdu/Documentation/Bookworm/Requirements by doing a minimal install and and running the setup script /usr/share/debian-edu-config/tools/configure-edu-gateway --firewall=no does not suffice to create a working router because iptables is not installed and the enable-nat service/init script will not configure forwarding. This could be fixed by 1. amending the documentation to manually install iptables 2. installing iptables in the configure-edu-gateway script 3. adding iptables to the minimal installation Suggestions? -- Guido Berhoerster or: document how to install debian-edu-router-config??? https://packages.debian.org/unstable/debian-edu-router-config ??? Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de
Bug#1043407: configure-edu-gateway does not enable nat/ip forwarding due to missing iptables
Am 10.08.23 um 13:59 schrieb Mike Gabriel: > On Do 10 Aug 2023 11:46:21 UTC, Guido Berhoerster wrote: > >> Package: debian-edu-config >> Version: 2.12.33 >> >> Setting up a router following the documentation at >> https://wiki.debian.org/DebianEdu/Documentation/Bookworm/Requirements >> by doing a minimal install and and running the setup script >> >> /usr/share/debian-edu-config/tools/configure-edu-gateway --firewall=no >> >> does not suffice to create a working router because iptables is not >> installed and the enable-nat service/init script will not configure >> forwarding. >> >> This could be fixed by >> 1. amending the documentation to manually install iptables >> 2. installing iptables in the configure-edu-gateway script >> 3. adding iptables to the minimal installation >> >> Suggestions? >> -- >> Guido Berhoerster > > or: document how to install debian-edu-router-config??? > > https://packages.debian.org/unstable/debian-edu-router-config Sure, but what about configure-edu-gateway, should we remove it then? -- Guido Berhoerster
Bug#1043407: configure-edu-gateway does not enable nat/ip forwarding due to missing iptables
Hi Guido, On Do 10 Aug 2023 12:15:38 UTC, Guido Berhoerster wrote: Am 10.08.23 um 13:59 schrieb Mike Gabriel: On Do 10 Aug 2023 11:46:21 UTC, Guido Berhoerster wrote: Package: debian-edu-config Version: 2.12.33 Setting up a router following the documentation at https://wiki.debian.org/DebianEdu/Documentation/Bookworm/Requirements by doing a minimal install and and running the setup script /usr/share/debian-edu-config/tools/configure-edu-gateway --firewall=no does not suffice to create a working router because iptables is not installed and the enable-nat service/init script will not configure forwarding. This could be fixed by 1. amending the documentation to manually install iptables 2. installing iptables in the configure-edu-gateway script 3. adding iptables to the minimal installation Suggestions? -- Guido Berhoerster or: document how to install debian-edu-router-config??? https://packages.debian.org/unstable/debian-edu-router-config Sure, but what about configure-edu-gateway, should we remove it then? -- Guido Berhoerster I'd drop the script and update the documentation (and explain how to install debian-edu-router-config, basically an apt-get install debian-edu-router-config with pressing enter for most of the debconf questions). Mike -- DAS-NETZWERKTEAM c\o Technik- und Ökologiezentrum Eckernförde Mike Gabriel, Marienthaler Str. 17, 24340 Eckernförde mobile: +49 (1520) 1976 148 landline: +49 (4351) 850 8940 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de pgpDDcMNH_Dqz.pgp Description: Digitale PGP-Signatur
Processing of debian-edu-config_2.12.34_source.changes
debian-edu-config_2.12.34_source.changes uploaded successfully to localhost along with the files: debian-edu-config_2.12.34.dsc debian-edu-config_2.12.34.tar.xz debian-edu-config_2.12.34_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org)
Bug#1039698: gosa postcreate/postmodify command fails when adding/modifying a system
Control: reassign -1 src:gosa Control: found -1 2.8~git20230116.d119cff+dfsg-1 On Di 18 Jul 2023 11:17:41 CEST, Guido Berhoerster wrote: None of the command hooks using sudo work. The issue is that the scripts seem to be executed by gosa without sudo as www-data. The problem seem to be that plugin::callHook() method erroneously strips off the sudo command (see https://github.com/gosa-project/gosa-core/blob/2b22a5550089bab108177a41254f3f9de07eb20c/include/class_plugin.inc#L1612). However I don't see any changes in git blame since 2016, not sure why this used to work in bullseye. -- Guido Berhoerster The issue needs to be resolved via GOsa², so reassigning the bug report. Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgp4jYAWDm74W.pgp Description: Digitale PGP-Signatur
Processed: Re: Bug#1039698: gosa postcreate/postmodify command fails when adding/modifying a system
Processing control commands: > reassign -1 src:gosa Bug #1039698 [debian-edu-config] gosa postcreate/postmodify command fails when adding/modifying a system Bug reassigned from package 'debian-edu-config' to 'src:gosa'. No longer marked as found in versions debian-edu-config/2.12.32. Ignoring request to alter fixed versions of bug #1039698 to the same values previously set > found -1 2.8~git20230116.d119cff+dfsg-1 Bug #1039698 [src:gosa] gosa postcreate/postmodify command fails when adding/modifying a system Marked as found in versions gosa/2.8~git20230116.d119cff+dfsg-1. -- 1039698: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039698 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1039699: Adding students/teachers with gosa fails due to LDAP and postcreate command errors
Control: reassign -1 src:gosa Control: found -1 2.8~git20230203.10abe45+dfsg-4 On Fr 04 Aug 2023 13:29:00 CEST, Guido Berhoerster wrote: On Fri, 21 Jul 2023 11:34:21 +0200 Guido Berhoerster wrote: I must have done something wrong before, with the newstudent template applied gosa creates the following on bullseye, which looks more correct/as expected: I just noticed that a "posixUser" class is only added if one clicks on the "POSIX" tab at least once (even without changing anything). That explains the difference. Not sure if that is intended behavior, it is surprising to say the least. -- Guido Berhoerster Also reassigning this to GOsa. The hook script execution will probably be fixed with upcoming upload of gosa 2.8~git20230203.10abe45+dfsg-5. Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgpTJdKhxNZh9.pgp Description: Digitale PGP-Signatur
Processed: Re: Bug#1039699: Adding students/teachers with gosa fails due to LDAP and postcreate command errors
Processing control commands: > reassign -1 src:gosa Bug #1039699 [debian-edu-config] Adding students/teachers with gosa fails due to LDAP and postcreate command errors Bug reassigned from package 'debian-edu-config' to 'src:gosa'. No longer marked as found in versions debian-edu-config/2.12.32. Ignoring request to alter fixed versions of bug #1039699 to the same values previously set > found -1 2.8~git20230203.10abe45+dfsg-4 Bug #1039699 [src:gosa] Adding students/teachers with gosa fails due to LDAP and postcreate command errors Marked as found in versions gosa/2.8~git20230203.10abe45+dfsg-4. -- 1039699: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039699 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
Bug#1030116: marked as done (d-edu-config: drop support for running against main server from Stretch)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1030116: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1030116, regarding d-edu-config: drop support for running against main server from Stretch to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1030116: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1030116 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Version: 2.12.26 Severity: normal Dear Maintainer, debian/debian-edu-config.fetch-ldap-cert has this: ### BEGIN INIT INFO # Provides: fetch-ldap-cert ### ### FIXME: Legacy init script for Debian Edu clients. ### ###--- Remove for Debian Edu bookworm+1 --- ### ###Warning: Removing this script will drop support for clients running ###against Debian Edu main servers based on Debian Edu stretch and ###earlier. ### I think we should drop this once Bullseye has been released, as I feel uncomfortable removing it now just before the freeze... Filing a bug to remind us to do this. -- cheers, Holger ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ holger@(debian|reproducible-builds|layer-acht).org ⢿⡄⠘⠷⠚⠋⠀ OpenPGP: B8BF54137B09D35CF026FE9D 091AB856069AAA1C ⠈⠳⣄ It ain't no revolution, just because you can dance to it. signature.asc Description: PGP signature --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1030...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI options for uid/gid/department. Also ensure script is run as root. + Add additional attributes based on template users. + Add support for additional groups. + Send welcome email in order t
Bug#1039966: marked as done (isc-dhcp-server.service: Could not get Tjener LDAP object (but it exists).)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1039966: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1039966, regarding isc-dhcp-server.service: Could not get Tjener LDAP object (but it exists). to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1039966: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039966 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Severity: important Error messages popping up in syslog on newly installed systems.. gber (Guido Berhörster) can reproduce this issue. less /var/log/syslog: ``` 2023-06-30T10:02:19.424921+02:00 tjener systemd[1]: Starting isc-dhcp-server.service - DHCP server... 2023-06-30T10:02:19.439804+02:00 tjener kernel: [158732.008135] audit: type=1400 audit(1688112139.433:56880): apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/proc/sys/net/ipv4/ip_local_port_range" pid=138165 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 2023-06-30T10:02:19.439829+02:00 tjener kernel: [158732.008359] audit: type=1400 audit(1688112139.433:56881): apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/proc/sys/net/ipv4/ip_local_port_range" pid=138165 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 2023-06-30T10:02:20.655827+02:00 tjener kernel: [158733.222839] audit: type=1400 audit(1688112140.649:56882): apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/etc/gss/mech.d/" pid=138165 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 2023-06-30T10:02:20.655852+02:00 tjener kernel: [158733.224031] audit: type=1400 audit(1688112140.649:56883): apparmor="DENIED" operation="open" profile="/usr/sbin/dhcpd" name="/proc/sys/net/ipv4/ip_local_port_range" pid=138165 comm="dhcpd" requested_mask="r" denied_mask="r" fsuid=0 ouid=0 2023-06-30T10:02:21.863147+02:00 tjener dhcpd[138165]: Cannot find host LDAP entry tjener (&(objectClass=dhcpServer)(cn=tjener)) 2023-06-30T10:02:21.863502+02:00 tjener dhcpd[138165]: Configuration file errors encountered -- exiting 2023-06-30T10:02:21.863661+02:00 tjener dhcpd[138165]: 2023-06-30T10:02:21.863791+02:00 tjener dhcpd[138165]: If you think you have received this message due to a bug rather 2023-06-30T10:02:21.863902+02:00 tjener dhcpd[138165]: than a configuration issue please read the section on submitting 2023-06-30T10:02:21.864040+02:00 tjener dhcpd[138165]: bugs on either our web page at www.isc.org or in the README file 2023-06-30T10:02:21.864147+02:00 tjener dhcpd[138165]: before submitting a bug. These pages explain the proper 2023-06-30T10:02:21.864252+02:00 tjener dhcpd[138165]: process and the information we find helpful for debugging. 2023-06-30T10:02:21.864353+02:00 tjener dhcpd[138165]: 2023-06-30T10:02:21.864450+02:00 tjener dhcpd[138165]: exiting. 2023-06-30T10:02:21.865527+02:00 tjener systemd[1]: isc-dhcp-server.service: Control process exited, code=exited, status=1/FAILURE 2023-06-30T10:02:21.865864+02:00 tjener systemd[1]: isc-dhcp-server.service: Failed with result 'exit-code'. 2023-06-30T10:02:21.866119+02:00 tjener systemd[1]: Failed to start isc-dhcp-server.service - DHCP server. 2023-06-30T10:02:23.893575+02:00 tjener systemd[1]: isc-dhcp-server.service: Scheduled restart job, restart counter is at 9475. ``` --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1039...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12
Bug#1040015: marked as done (share/debian-edu-config/tools/edu-icinga-setup: Uses static password for DB setup)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1040015: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1040015, regarding share/debian-edu-config/tools/edu-icinga-setup: Uses static password for DB setup to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1040015: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1040015 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Version: 2.12.33 Severity: important The script share/debian-edu-config/tools/edu-icinga-setup helps us with setting up an Icinga2 system on the Debian Edu main server for the Debian Edu network. I that script, the MySQL DB for Icinga2 is set up with a hard-coded password (which is equal across all tjener installations). From my understanding, this can be avoided by uses pwgen for each individual script run, so all icinga2 setups on the various tjener installations becomes unique. See grep -r v64nhbe27dfBjR3T in d-e-c's base folder: share/debian-edu-config/tools/edu-icinga-setup: IDENTIFIED BY 'v64nhbe27dfBjR3T'; share/debian-edu-config/tools/edu-icinga-setup: sed -i "/password/ s%\".*\"%\"v64nhbe27dfBjR3T\"%" "/etc/icinga2/features-available/ido-mysql.conf" share/debian-edu-config/tools/edu-icinga-setup: IDENTIFIED BY 'v64nhbe27dfBjR3T'; share/debian-edu-config/tools/edu-icinga-setup: password = "v64nhbe27dfBjR3T" share/debian-edu-config/tools/edu-icinga-setup: password = "v64nhbe27dfBjR3T" light+love Mike -- mike gabriel aka sunweaver (Debian Developer) mobile: +49 (1520) 1976 148 landline: +49 (4351) 486 14 27 GnuPG Fingerprint: 9BFB AEE8 6C0A A5FF BF22 0782 9AF4 6B30 2577 1B31 mail: sunwea...@debian.org, http://sunweavers.net pgp71LQgREH4t.pgp Description: Digitale PGP-Signatur --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1040...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 doma
Bug#1041322: marked as done (ldap_start_tls(): Unable to start TLS: Operations error)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1041322: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1041322, regarding ldap_start_tls(): Unable to start TLS: Operations error to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1041322: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1041322 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: gosa Version: 2.8~git20230203.10abe45+dfsg-4 Running gosa on DebianEdu server results in the following error message for every LDAP operation, yet it connects to the locally running LDAP server just fine: Jul 17 13:22:29 tjener.intern apache2[12310]: GOsa[server-admin]: (view) error : PHP error: Undefined property: LDAP::$cid (/usr/share/gosa/include/class_config.inc, line 358) Jul 17 13:22:29 tjener.intern apache2[12310]: GOsa[server-admin]: (view) error : PHP error: ldap_start_tls(): Unable to start TLS: Operations error (/usr/share/gosa/include/class_ldap.inc, line 236) -- Guido Berhoerster --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1041...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI options for uid/gid/department. Also ensure script is run as root. + Add additional attributes based on template users. + Add support for additional groups. + Send welcome email in order to create maildir. Without this the maildir in /var/mail/ will not exist and Dovecot will refuse to let the user log in as it cannot create this directory. + Set LDAP password when creating users. This allows users to use GOsa² to change their password. * Add systemd services for configu
Bug#1042456: marked as done (/usr/bin/ldap-createuser-krb5 does not work)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1042456: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1042456, regarding /usr/bin/ldap-createuser-krb5 does not work to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1042456: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042456 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Version: 2.12.33 Running ldap-createuser-krb5 in order to create a user as recommended in the documentation does not work and returns a LDAP error, e.g. $ /usr/bin/ldap-createuser-krb5 gber 'Guido Berhoerster,,,' error: unable to find sambaDomain LDAP object This is rather unfortunate since creating users via gosa is broken as well due to bug #1039699. -- Guido Berhoerster --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1042...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI options for uid/gid/department. Also ensure script is run as root. + Add additional attributes based on template users. + Add support for additional groups. + Send welcome email in order to create maildir. Without this the maildir in /var/mail/ will not exist and Dovecot will refuse to let the user log in as it cannot create this directory. + Set LDAP password when creating users. This allows users to use GOsa² to change their password. * Add systemd services for configuring Chromium/Firefox from LDAP. Factor out logic from init script into separate script which are then called from both the init script and systemd services. * Add systemd service enabling NAT for thin clients.
Bug#1043397: marked as done (cups misconfigured, does not allow root access)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1043397: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1043397, regarding cups misconfigured, does not allow root access to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1043397: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1043397 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Version: 2.12.33 The debian-edu-config additions to the cups configuration remove access by root via the SystemGroup setting, this e.g. disallows root to cancel all jobs and causes debian-edu-cups-queue-autoflush.service to fail. -- Guido Berhoerster --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1043...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI options for uid/gid/department. Also ensure script is run as root. + Add additional attributes based on template users. + Add support for additional groups. + Send welcome email in order to create maildir. Without this the maildir in /var/mail/ will not exist and Dovecot will refuse to let the user log in as it cannot create this directory. + Set LDAP password when creating users. This allows users to use GOsa² to change their password. * Add systemd services for configuring Chromium/Firefox from LDAP. Factor out logic from init script into separate script which are then called from both the init script and systemd services. * Add systemd service enabling NAT for thin clients. * Add systemd service for fetching the RootCA file from the main server. * Drop init script for fetching LDAP SSL publi
debian-edu-config_2.12.34_source.changes ACCEPTED into unstable
Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI options for uid/gid/department. Also ensure script is run as root. + Add additional attributes based on template users. + Add support for additional groups. + Send welcome email in order to create maildir. Without this the maildir in /var/mail/ will not exist and Dovecot will refuse to let the user log in as it cannot create this directory. + Set LDAP password when creating users. This allows users to use GOsa² to change their password. * Add systemd services for configuring Chromium/Firefox from LDAP. Factor out logic from init script into separate script which are then called from both the init script and systemd services. * Add systemd service enabling NAT for thin clients. * Add systemd service for fetching the RootCA file from the main server. * Drop init script for fetching LDAP SSL public key from legacy main servers. This drops support for clients running behind a main server based on Debian Edu stretch. (Closes: #1030116). * Update debian/rules for init scripts and systemd services. (Closes: #1039166). * Generate a random password for the icinga/icingaweb databases. (Closes: #1040015). * update-dlw-krb5-keytabs: Handle missing/empty diskless-workstation-hosts. * Followup fixes for ntpsec transition. * Add systemd support to debian-edu-restart-services: This uses a list of service units which was compiled on a main server + ltsp installation. Uses stop and start to force restart reverse-dependencies. It also makes sure that drop in files are recognized. (Closes: #1042940). * Configure gosa not to use STARTTLS since TLS is already used. ldapTLS configures the use of STARTTLS, not TLS per se which is enabled by the use of ldaps: protocol in URLs. (Closes: #1041322). * Allow root access to cups via SystemGroups. 'root' access is allowed in the default configuration and e.g. necessary for services like debian-edu-cups-queue-autoflush.service to work. (Closes: #1043397). * cf3/promises.cf: fix typo and allow connections from localhost and network. Checksums-Sha1: 27d4c64e319df5b490ab1838148018072b5e7530 2017 debian-edu-config_2.12.34.dsc 14a8058548a537bde7a9df84424c4529d433415c 356584 debian-edu-config_2.12.34.tar.xz 5b1390db22ca008e7896321a95f135d1441b3ff0 6733 debian-edu-config_2.12.34_source.buildinfo Checksums-Sha256: 6cc4c747f85c222aff4c721d3cc9d2046c70fe7ffcad4727aad09e527049888a 2017 debian-edu-config_2.12.34.dsc b8c6765a1735bd81e045c0214443d67035066c40b3e5971474eef17dd47c327f 356584 debian-edu-config_2.12.34.tar.xz 3f540373d71cfa1a01b1539a26e3ef997a3a50602195f2b5c8b8c60b1ebf652b 6733 debian-edu-config_2.12.34_source.buildinfo Files: 463eb95f9f0f
Processing of sitesummary_0.1.53_source.changes
sitesummary_0.1.53_source.changes uploaded successfully to localhost along with the files: sitesummary_0.1.53.dsc sitesummary_0.1.53.tar.xz sitesummary_0.1.53_source.buildinfo Greetings, Your Debian queue daemon (running on host usper.debian.org)
Bug#1039166: marked as done (debian-edu-config: ships sysv-init script without systemd unit)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1039166: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1039166, regarding debian-edu-config: ships sysv-init script without systemd unit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1039166: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039166 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Severity: important User: bl...@debian.org Usertags: missing-systemd-service Dear Maintainer(s), debian-edu-config has been flagged by Lintian as shipping a sysv-init script without a corresponding systemd unit file. The default init system in Debian is systemd, and so far this worked because a transitional sysv-init-to-unit generator was shipped by systemd. This is in the process of being deprecated and will be removed by the time Trixie ships, so the remaining packages that ship init scripts without systemd units will stop working. There are various advantages to using native units, for example the legacy generator cannot tell the different between a oneshot service and a long running daemon. Also, sanboxing and security features become available for services. For more information, consult the systemd documentation: https://www.freedesktop.org/software/systemd/man/systemd.unit.html You can find the Lintian warning here: https://lintian.debian.org/sources/debian-edu-config In case this is a false positive, please add a Lintian override to silence it and then close this bug. Thanks! --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1039...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI optio
Bug#1042940: marked as done (/usr/sbin/debian-edu-restart-services needs systemd support)
Your message dated Thu, 10 Aug 2023 16:08:02 + with message-id and subject line Bug#1042940: fixed in debian-edu-config 2.12.34 has caused the Debian Bug report #1042940, regarding /usr/sbin/debian-edu-restart-services needs systemd support to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1042940: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1042940 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: debian-edu-config Version: 2.12.33 debian-edu-restart-services is based around sysvinit, directly looks into /etc/rc*.d/ and tries to kill services which haven't been stopped successfully by itself. On systemd-based systems it should use systemd facilities instead. -- Guido Berhoerster --- End Message --- --- Begin Message --- Source: debian-edu-config Source-Version: 2.12.34 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of debian-edu-config, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1042...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated debian-edu-config package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 16:47:59 +0200 Source: debian-edu-config Architecture: source Version: 2.12.34 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 1030116 1039166 1039966 1040015 1041322 1042456 1042940 1043397 Changes: debian-edu-config (2.12.34) unstable; urgency=medium . [ Mike Gabriel ] * Start 2.12.34 development. * debian/debian-edu-config.lintian-overrides: + Update existing overrides (line numbers and such). + Drop missing-systemd-service-for-init.d-script overrides. Systemd service files are now provided. + Drop init.d-script-does-not-implement-status-option override for fetch-ldap-cert. Init script is now gone. * testsuite: Install to pkglibexecdir rather than libexecdir. Thanks lintian. * Makefile: Adjust white-spacing in variable declarations. * Makefile: Use $(NULL) variable at end of file lists. Allow for better git- patch readability. * Convert CRON configuration to systemd timers. * sbin/*-for-netgroup-hosts: Some noop + white-spacing beautifications. * Move d-e-c-*-for-netgroup-hosts scripts to pkglibexecdir. * debian/debian-edu-config.postinst: + Assure runlevel de-registering of init script fetch-ldap-cert. * debian/debian-edu-config.maintscript: + Assure removal of /etc/init.d/fetch-ldap-cert conffile. * debian/debian-edu-config.cron.*: + Only run scripts if they exist. Thanks piuparts. . [ Daniel Teichmann ] * etc/dhcp/dhcp-debian-edu.conf: + ldap-server. 'ldap' -> 'ldap.intern'. (Closes: #1039966). * share/debian-edu-config/tools/gosa-remove: + Fix kadmin.local, Use '-force' to disable interaction via stdin. . [ Guido Berhoerster ] * ldap-tools/ldap-createuser-krb5: + Fix user creation. (Closes: #1042456). Remove Samba NT4 domain support, add samba user using smbpasswd. Add root CA for new users (copied from gosa-create). + Fix new UID/GID selection. Exclude special users (UID/GID >= 1) when looking for the highest UID/GID. + Add CLI options for uid/gid/department. Also ensure script is run as root. + Add additional attributes based on template users. + Add support for additional groups. + Send welcome email in order to create maildir. Without this the maildir in /var/mail/ will not exist and Dovecot will refuse to let the user log in as it cannot create this directory. + Set LDAP password when creating users. This allows users to use GOsa² to change their password. * Add systemd services for configuring Chromium/Firefox from LDAP. Factor out logic from init script into separate script which are then called from both the init script and systemd services. * Add systemd service enabling NAT for thin clients. * Add systemd service for fetching the RootCA file from the main server. * Drop init scr
Bug#762652: marked as done (sitesummary: Rewrite to place munin config in /etc/munin/munin-conf.d/)
Your message dated Thu, 10 Aug 2023 18:21:24 + with message-id and subject line Bug#762652: fixed in sitesummary 0.1.53 has caused the Debian Bug report #762652, regarding sitesummary: Rewrite to place munin config in /etc/munin/munin-conf.d/ to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 762652: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=762652 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sitesummary Version: 0.1.17 Upgrades would be easier if the munin autoconfiguration done by sitesummary would place the list of nodes to check in /etc/munin/munin-conf.d/ instead of replacing /etc/munin/munin.conf -- Happy hacking Petter Reinholdtsen --- End Message --- --- Begin Message --- Source: sitesummary Source-Version: 0.1.53 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of sitesummary, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 762...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated sitesummary package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 18:00:37 +0200 Source: sitesummary Architecture: source Version: 0.1.53 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 762652 1039369 Changes: sitesummary (0.1.53) unstable; urgency=medium . [ Dominik George ] * Remove myself from Uploaders. . [ Guido Berhoerster ] * Place munin configuration in include file. (Closes: #762652). * Add systemd timer unit for sitesummary-client. (Closes: #1039369). * Add systemd timer for sitesummary maintenance. . [ Debian Janitor ] * Apply multi-arch hints. + libsitesummary-perl: Add Multi-Arch: foreign. Checksums-Sha1: 46b5aba52078e9dd8335810c5ae527e61a2509a7 1980 sitesummary_0.1.53.dsc 2070ffef1190888d0f7618222e23a0e8740446a9 67260 sitesummary_0.1.53.tar.xz 18d20c233c802e684885a303d72f0328d9c14cb2 6705 sitesummary_0.1.53_source.buildinfo Checksums-Sha256: c01015a2535a98f0608e3190a589b66c5e92580d960355937628899d07fa738f 1980 sitesummary_0.1.53.dsc 99430c6a986fb60b4ffc0511dff313cf41e7645feb569954cdb909dc2f2e3576 67260 sitesummary_0.1.53.tar.xz 6f9fa8335089f51d0cc793e1d31d639746f136927a83aa94006d564ebb9946b5 6705 sitesummary_0.1.53_source.buildinfo Files: 89cad697488b911e97cfb59e7d1ac516 1980 misc optional sitesummary_0.1.53.dsc be3b8dba4b0a2683a28511932b63073f 67260 misc optional sitesummary_0.1.53.tar.xz 9b09d0f3f89fd30aebc25d5cd310a6dc 6705 misc optional sitesummary_0.1.53_source.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmTVCekVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxpOIP/0yFCbqxtnHAjvmuWdqdJWGeJssE melEEs26l2dAZXfn+NZJeKmW7wwNsyZKPwjURv27YElD//dLo6U1/LL+Lm2FlVJM KTEP3WSkyBy4sJgTQd10aUPlY0UOvGi5XaUV2uDPrv3QOlW5NgESU5Wxsd4DS4S3 ySArPqCdlE3B5s1qiLV/sCVbNBjEJH+7LB03sPoRuBnS6tFRjpg6WROg6KTH3GLp R+ni2JZVMS5or1lg5LmRKCYVbucBic+QATbyWjKhpWycvq4TQaLmvsUr5l/mBM0k s20NBxj2e9WszF4vzCs49hZD+9ISyiL1ytywNH+wUr/lYo0rEkjKht2u17Lsrgd4 LdVJzwsZSGhkCwsa1xGdA5NAdrUUx4AfiWJLQqZ9wzrMvqZmAHPV/BT+OlDn5/00 7PafiXgZmOLmV1sBirBsaNAEEpRcoQoLa6sTNZLAldG2/K5OqwOQA7FDvMIlAxQQ bmQQEDhRrvwJofz7OjuR/CM5lsCkpr7Mp/G/AgF/6Xy0vnjau0rPkMYYn2VenP5/ HrwyPH1YZPu2GFdpf89rR7rDqUHu+HUiXB45NehyitvwkH+irEYjphmxfxZ7itqm 8on5oK6cocN7X8RjBZs0hQku+9e7IYVfJTWzLf9TRoCFQqyr+61c7OJ8Ls2vFEkE eIVh+uEUQhxfNyuV =t0zr -END PGP SIGNATURE End Message ---
sitesummary_0.1.53_source.changes ACCEPTED into unstable
Thank you for your contribution to Debian. Accepted: -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 18:00:37 +0200 Source: sitesummary Architecture: source Version: 0.1.53 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 762652 1039369 Changes: sitesummary (0.1.53) unstable; urgency=medium . [ Dominik George ] * Remove myself from Uploaders. . [ Guido Berhoerster ] * Place munin configuration in include file. (Closes: #762652). * Add systemd timer unit for sitesummary-client. (Closes: #1039369). * Add systemd timer for sitesummary maintenance. . [ Debian Janitor ] * Apply multi-arch hints. + libsitesummary-perl: Add Multi-Arch: foreign. Checksums-Sha1: 46b5aba52078e9dd8335810c5ae527e61a2509a7 1980 sitesummary_0.1.53.dsc 2070ffef1190888d0f7618222e23a0e8740446a9 67260 sitesummary_0.1.53.tar.xz 18d20c233c802e684885a303d72f0328d9c14cb2 6705 sitesummary_0.1.53_source.buildinfo Checksums-Sha256: c01015a2535a98f0608e3190a589b66c5e92580d960355937628899d07fa738f 1980 sitesummary_0.1.53.dsc 99430c6a986fb60b4ffc0511dff313cf41e7645feb569954cdb909dc2f2e3576 67260 sitesummary_0.1.53.tar.xz 6f9fa8335089f51d0cc793e1d31d639746f136927a83aa94006d564ebb9946b5 6705 sitesummary_0.1.53_source.buildinfo Files: 89cad697488b911e97cfb59e7d1ac516 1980 misc optional sitesummary_0.1.53.dsc be3b8dba4b0a2683a28511932b63073f 67260 misc optional sitesummary_0.1.53.tar.xz 9b09d0f3f89fd30aebc25d5cd310a6dc 6705 misc optional sitesummary_0.1.53_source.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmTVCekVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxpOIP/0yFCbqxtnHAjvmuWdqdJWGeJssE melEEs26l2dAZXfn+NZJeKmW7wwNsyZKPwjURv27YElD//dLo6U1/LL+Lm2FlVJM KTEP3WSkyBy4sJgTQd10aUPlY0UOvGi5XaUV2uDPrv3QOlW5NgESU5Wxsd4DS4S3 ySArPqCdlE3B5s1qiLV/sCVbNBjEJH+7LB03sPoRuBnS6tFRjpg6WROg6KTH3GLp R+ni2JZVMS5or1lg5LmRKCYVbucBic+QATbyWjKhpWycvq4TQaLmvsUr5l/mBM0k s20NBxj2e9WszF4vzCs49hZD+9ISyiL1ytywNH+wUr/lYo0rEkjKht2u17Lsrgd4 LdVJzwsZSGhkCwsa1xGdA5NAdrUUx4AfiWJLQqZ9wzrMvqZmAHPV/BT+OlDn5/00 7PafiXgZmOLmV1sBirBsaNAEEpRcoQoLa6sTNZLAldG2/K5OqwOQA7FDvMIlAxQQ bmQQEDhRrvwJofz7OjuR/CM5lsCkpr7Mp/G/AgF/6Xy0vnjau0rPkMYYn2VenP5/ HrwyPH1YZPu2GFdpf89rR7rDqUHu+HUiXB45NehyitvwkH+irEYjphmxfxZ7itqm 8on5oK6cocN7X8RjBZs0hQku+9e7IYVfJTWzLf9TRoCFQqyr+61c7OJ8Ls2vFEkE eIVh+uEUQhxfNyuV =t0zr -END PGP SIGNATURE-
Bug#1039369: marked as done (sitesummary: ships sysv-init script without systemd unit)
Your message dated Thu, 10 Aug 2023 18:21:24 + with message-id and subject line Bug#1039369: fixed in sitesummary 0.1.53 has caused the Debian Bug report #1039369, regarding sitesummary: ships sysv-init script without systemd unit to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 1039369: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1039369 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems --- Begin Message --- Package: sitesummary Severity: important User: bl...@debian.org Usertags: missing-systemd-service Dear Maintainer(s), sitesummary has been flagged by Lintian as shipping a sysv-init script without a corresponding systemd unit file. The default init system in Debian is systemd, and so far this worked because a transitional sysv-init-to-unit generator was shipped by systemd. This is in the process of being deprecated and will be removed by the time Trixie ships, so the remaining packages that ship init scripts without systemd units will stop working. There are various advantages to using native units, for example the legacy generator cannot tell the different between a oneshot service and a long running daemon. Also, sanboxing and security features become available for services. For more information, consult the systemd documentation: https://www.freedesktop.org/software/systemd/man/systemd.unit.html You can find the Lintian warning here: https://lintian.debian.org/sources/sitesummary In case this is a false positive, please add a Lintian override to silence it and then close this bug. Thanks! --- End Message --- --- Begin Message --- Source: sitesummary Source-Version: 0.1.53 Done: Mike Gabriel We believe that the bug you reported is fixed in the latest version of sitesummary, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 1039...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Mike Gabriel (supplier of updated sitesummary package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Format: 1.8 Date: Thu, 10 Aug 2023 18:00:37 +0200 Source: sitesummary Architecture: source Version: 0.1.53 Distribution: unstable Urgency: medium Maintainer: Debian Edu Developers Changed-By: Mike Gabriel Closes: 762652 1039369 Changes: sitesummary (0.1.53) unstable; urgency=medium . [ Dominik George ] * Remove myself from Uploaders. . [ Guido Berhoerster ] * Place munin configuration in include file. (Closes: #762652). * Add systemd timer unit for sitesummary-client. (Closes: #1039369). * Add systemd timer for sitesummary maintenance. . [ Debian Janitor ] * Apply multi-arch hints. + libsitesummary-perl: Add Multi-Arch: foreign. Checksums-Sha1: 46b5aba52078e9dd8335810c5ae527e61a2509a7 1980 sitesummary_0.1.53.dsc 2070ffef1190888d0f7618222e23a0e8740446a9 67260 sitesummary_0.1.53.tar.xz 18d20c233c802e684885a303d72f0328d9c14cb2 6705 sitesummary_0.1.53_source.buildinfo Checksums-Sha256: c01015a2535a98f0608e3190a589b66c5e92580d960355937628899d07fa738f 1980 sitesummary_0.1.53.dsc 99430c6a986fb60b4ffc0511dff313cf41e7645feb569954cdb909dc2f2e3576 67260 sitesummary_0.1.53.tar.xz 6f9fa8335089f51d0cc793e1d31d639746f136927a83aa94006d564ebb9946b5 6705 sitesummary_0.1.53_source.buildinfo Files: 89cad697488b911e97cfb59e7d1ac516 1980 misc optional sitesummary_0.1.53.dsc be3b8dba4b0a2683a28511932b63073f 67260 misc optional sitesummary_0.1.53.tar.xz 9b09d0f3f89fd30aebc25d5cd310a6dc 6705 misc optional sitesummary_0.1.53_source.buildinfo -BEGIN PGP SIGNATURE- iQJJBAEBCAAzFiEEm/uu6GwKpf+/IgeCmvRrMCV3GzEFAmTVCekVHHN1bndlYXZl ckBkZWJpYW4ub3JnAAoJEJr0azAldxsxpOIP/0yFCbqxtnHAjvmuWdqdJWGeJssE melEEs26l2dAZXfn+NZJeKmW7wwNsyZKPwjURv27YElD//dLo6U1/LL+Lm2FlVJM KTEP3WSkyBy4sJgTQd10aUPlY0UOvGi5XaUV2uDPrv3QOlW5NgESU5Wxsd4DS4S3 ySArPqCdlE3B5s1qiLV/sCVbNBjEJH+7LB03sPoRuBnS6tFRjpg6WROg6KTH3GLp R+ni2JZVMS5or1lg5LmRKCYVbucBic+QATbyWjKhpWycvq4TQaLmvsUr5l/mBM0k s20NBxj2e9WszF4vzCs49hZD+9ISyiL1ytywNH+wUr/lYo0rEkjKht2u17Lsrgd4 LdVJzwsZSGhkCwsa1xGdA5NAdrUUx4AfiWJLQqZ9wzrMvqZmAHPV/BT+OlDn5/00 7PafiXgZmOLmV1sBirBsaNAEEpRcoQoLa6sTNZLAldG2/K5OqwOQA7FDvMIlAxQQ bmQQEDhRrvwJofz7OjuR/CM5lsCkpr7Mp/G/AgF/6Xy0vnjau0rPkMYYn2VenP5/ HrwyPH1YZPu2GF
