Solar Designer | 9 Nov 19:38 2003

Owl-current 2003/11/03 ISO image / CDs available; pam_passwdqc 0.7.5

Hi,

As Openwall GNU/*/Linux (Owl) is approaching a new release, I have
started generating ISO images of the current branch snapshots.  The
latest snapshot dated 2003/11/03 is also available with the CD orders
you may place off the web page:

	http://www.openwall.com/Owl/orders.shtml

Alternatively, it may be downloaded from /pub/Owl/current/iso/ on the
FTP mirrors listed at:

	http://www.openwall.com/Owl/DOWNLOAD.shtml

This is the first Owl ISO image / CD to officially use Linux 2.4.x
kernels (2.4.22-ow1 currently).  Linux 2.2.x remains supported too.

On another topic, there's a new version of pam_passwdqc, the password
strength checking PAM module.  pam_passwdqc 0.7.5 will now assume
invocation by root only if both the UID is 0 and the PAM service name
is "passwd"; this should fix changing expired passwords on Solaris
and HP-UX and make "enforce=users" safe.  The proper English
explanations of requirements for strong passwords will now be
generated for a wider variety of possible settings.  pam_passwdqc is
available at:

	http://www.openwall.com/passwdqc/

Of course, this new version of pam_passwdqc is also a part of the
Owl-current snapshot above.
(Continue reading)

Maciek Pasternacki | 26 Nov 16:47 2003

Bug in Postfix remove script

I use Owl with qmail as MTA, so I don't need Postfix on my system;
when I try to uninstall Postfix, rpm script quits with an error
message:

rmdir: `/var/spool/postfix/[^m]*': No such file or directory

When I create any subdirectory under /var/spool/postfix not starting
with `m', everything works fine, but IMHO this is a bug in Postfix'
preun script.  Following patch (made against current CVS version of
the native tree) should fix the problem:

#v+
diff -u -r1.19 postfix.spec
--- packages/postfix/postfix.spec	30 Oct 2003 21:15:47 -0000	1.19
+++ packages/postfix/postfix.spec	26 Nov 2003 15:45:32 -0000
 <at>  <at>  -183,7 +183,7  <at>  <at> 
 	rm -f /etc/postfix/aliases.db
 	find /var/spool/postfix \( -type p -o -type s \) -delete
 	rm -f /var/spool/postfix/{pid,etc,lib}/*
-	rmdir /var/spool/postfix/[^m]*
+	rmdir /var/spool/postfix/[^m]* || true
 fi

 %files -f filelist
#v-

--

-- 
__    Maciek Pasternacki <maciekp <at> japhy.fnord.org> [ http://japhy.fnord.org/ ]
`| _   |_\  / { ...you claimed all this time that you would die for me,
,|{-}|}| }\/ why then are you so surprised when you hear your own eulogy... }
(Continue reading)

Andreas Ericsson | 26 Nov 17:44 2003
Picon

Re: Bug in Postfix remove script

> rmdir: `/var/spool/postfix/[^m]*': No such file or directory
>
> When I create any subdirectory under /var/spool/postfix not starting
> with `m', everything works fine, but IMHO this is a bug in Postfix'
> preun script.  Following patch (made against current CVS version of
> the native tree) should fix the problem:
>

> #v+
> diff -u -r1.19 postfix.spec
> --- packages/postfix/postfix.spec	30 Oct 2003 21:15:47 -0000	1.19
> +++ packages/postfix/postfix.spec	26 Nov 2003 15:45:32 -0000
>  <at>  <at>  -183,7 +183,7  <at>  <at> 
>  	rm -f /etc/postfix/aliases.db
>  	find /var/spool/postfix \( -type p -o -type s \) -delete
>  	rm -f /var/spool/postfix/{pid,etc,lib}/*
> -	rmdir /var/spool/postfix/[^m]*
> +	rmdir /var/spool/postfix/[^m]* || true
> fi
>
> %files -f filelist
> #v-

This will cause rpm to happily move on no matter what the error, which
isn't the intended behaviour.
'find' will fail on access violations only, which will work properly in
case rpm administration has been delegated (to wheel, for instance).
The neater fix follows.

#v+
(Continue reading)

Solar Designer | 26 Nov 18:54 2003

Re: Bug in Postfix remove script

On Wed, Nov 26, 2003 at 04:47:16PM +0100, Maciek Pasternacki wrote:
> I use Owl with qmail as MTA, so I don't need Postfix on my system;
> when I try to uninstall Postfix, rpm script quits with an error
> message:
> 
> rmdir: `/var/spool/postfix/[^m]*': No such file or directory
> 
> When I create any subdirectory under /var/spool/postfix not starting
> with `m', everything works fine, but IMHO this is a bug in Postfix'
> preun script.

Thank you for reporting this.  However, I cannot reproduce it here.

Those directories are normally created by the invocation of
"/usr/sbin/postfix check" from the %post script.  This means that if
you've installed Postfix cleanly and didn't mess with the install, it
will also uninstall cleanly.  It does here.

--

-- 
Alexander Peslyak <solar <at> openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Solar Designer | 26 Nov 18:59 2003

Re: Bug in Postfix remove script

On Wed, Nov 26, 2003 at 05:44:15PM +0100, Andreas Ericsson wrote:
> > -	rmdir /var/spool/postfix/[^m]*
> > +	rmdir /var/spool/postfix/[^m]* || true

> This will cause rpm to happily move on no matter what the error, which
> isn't the intended behaviour.

Actually it is.

The purpose of this rmdir is to remove directories which are empty,
but leave around those which aren't such that you don't lose your
queued e-mail messages just because you happened to (temporarily?)
uninstall Postfix.

If you install Postfix but don't use it and just uninstall, then
everything gets removed cleanly.

> -	rmdir /var/spool/postfix/[^m]*
> +	find /var/spool/postfix \( -type d -name "[^m]*" \) -delete

This is very different: find is recursive.  A similar effect to the
rmdir may be achieved with find -maxdepth 1, but I don't see the need.

--

-- 
Alexander Peslyak <solar <at> openwall.com>
GPG key ID: B35D3598  fp: 6429 0D7E F130 C13E C929  6447 73C3 A290 B35D 3598
http://www.openwall.com - bringing security into open computing environments

Andreas Ericsson | 26 Nov 19:27 2003
Picon

Re: Bug in Postfix remove script

> On Wed, Nov 26, 2003 at 05:44:15PM +0100, Andreas Ericsson wrote:
> > > -	rmdir /var/spool/postfix/[^m]*
> > > +	rmdir /var/spool/postfix/[^m]* || true
>
> > This will cause rpm to happily move on no matter what the error, which
> > isn't the intended behaviour.
>
> Actually it is.
>
Then what's the point of having rpm break on errors?

> The purpose of this rmdir is to remove directories which are empty,
> but leave around those which aren't such that you don't lose your
> queued e-mail messages just because you happened to (temporarily?)
> uninstall Postfix.
>
And with the fix, everything but the 'maildrop' directory and
any directory the user hasn't got access to will be removed.
Isn't that the general idea? (I'm trying to learn something here)

> If you install Postfix but don't use it and just uninstall, then
> everything gets removed cleanly.
>
With exception of the rare times when installation halts before or
during %post due to some error or the user pressing Ctrl-C because
they don't want postfix.

/Andreas

--
(Continue reading)

Solar Designer | 26 Nov 19:38 2003

Re: Bug in Postfix remove script

On Wed, Nov 26, 2003 at 07:27:21PM +0100, Andreas Ericsson wrote:
> > On Wed, Nov 26, 2003 at 05:44:15PM +0100, Andreas Ericsson wrote:
> > > > -	rmdir /var/spool/postfix/[^m]*
> > > > +	rmdir /var/spool/postfix/[^m]* || true
> >
> > > This will cause rpm to happily move on no matter what the error, which
> > > isn't the intended behaviour.
> >
> > Actually it is.
> 
> Then what's the point of having rpm break on errors?

It depends.  In %prep, %build, and %install scripts, we don't want a
broken package to get built.  In %pre, we don't want to install a
package if we can't do the preparations.  However, when it comes to
%post, %preun, and especially %postun, we most often want to continue
on errors (this does not imply we ignore them: we may choose to act
differently or at least to let an error message get displayed).

> > The purpose of this rmdir is to remove directories which are empty,
> > but leave around those which aren't such that you don't lose your
> > queued e-mail messages just because you happened to (temporarily?)
> > uninstall Postfix.
> 
> And with the fix,

I'm not sure which fix you're referring to here.

> everything but the 'maildrop' directory

(Continue reading)

Andreas Ericsson | 26 Nov 19:51 2003
Picon

Re: Bug in Postfix remove script

Ah. I see things clearar now. ;)

/Andreas (too tired, too hungry, and still at work)

On Wed, 26 Nov 2003, Solar Designer wrote:

> On Wed, Nov 26, 2003 at 07:27:21PM +0100, Andreas Ericsson wrote:
> > > On Wed, Nov 26, 2003 at 05:44:15PM +0100, Andreas Ericsson wrote:
> > > > > -	rmdir /var/spool/postfix/[^m]*
> > > > > +	rmdir /var/spool/postfix/[^m]* || true
> > >
> > > > This will cause rpm to happily move on no matter what the error, which
> > > > isn't the intended behaviour.
> > >
> > > Actually it is.
> >
> > Then what's the point of having rpm break on errors?
>
> It depends.  In %prep, %build, and %install scripts, we don't want a
> broken package to get built.  In %pre, we don't want to install a
> package if we can't do the preparations.  However, when it comes to
> %post, %preun, and especially %postun, we most often want to continue
> on errors (this does not imply we ignore them: we may choose to act
> differently or at least to let an error message get displayed).
>
> > > The purpose of this rmdir is to remove directories which are empty,
> > > but leave around those which aren't such that you don't lose your
> > > queued e-mail messages just because you happened to (temporarily?)
> > > uninstall Postfix.
> >
(Continue reading)


Gmane