Custom Query (1145 matches)
Results (343 - 345 of 1145)
Ticket | Resolution | Summary | Owner | Reporter |
---|---|---|---|---|
#1276 | fixed | debathena-metrics is broken (again) | jweiss | |
Description |
based on the stats, almost all machines stopped logging between 8/12 and 8/19 2012. We're still receiving logs from one machine that is running debathena-metrics 1.5.1~ubuntu11.04. (note 11.04, not 12.04, tho I don't know if that is actually relevant). |
|||
#820 | fixed | debathena-metrics should only accept messages from the kernel | nelhage | |
Description |
Since auditing for this seems to be my thing lately.... Any process can send a netlink message to any other userspace netlink socket on the system, so users can fake arbitrary proc-connector events. You need to verify the sender was actually the kernel by checking the pid on the received address. You probably don't really care for debathena-metrics, but the connector code is written to be generic, so we might as well fix it lest someone else grab it for another purpose. diff --git a/debathena/metrics/connector.pyx b/debathena/metrics/connector.pyx index 5900556..1f0c44d 100644 --- a/debathena/metrics/connector.pyx +++ b/debathena/metrics/connector.pyx @@ -270,14 +270,16 @@ cdef class Connector: cdef proc_event *ev cdef object ret - from_addr.nl_family = AF_NETLINK - from_addr.nl_groups = CN_IDX_PROC - from_addr.nl_pid = 1 s = sizeof(from_addr) - if recvfrom(self.sock, buf, sizeof(buf), 0, - <sockaddr *>&from_addr, &s) == -1: - raise IOError(errno, strerror(errno)) + while True: + if recvfrom(self.sock, buf, sizeof(buf), 0, + <sockaddr *>&from_addr, &s) == -1: + raise IOError(errno, strerror(errno)) + + if from_addr.nl_pid != 0: + # Ignore messages that don't come from the kernel + continue |
|||
#385 | fixed | debathena-misc-glue has undeclared conflict with acroread | geofft | |
Description |
The debathena-misc-glue package installs a /usr/bin/acroread attachandrun script, which conflicts with installing Acrobat from the Ubuntu partner repository: Selecting previously deselected package acroread. (Reading database ... 400376 files and directories currently installed.) Unpacking acroread (from .../acroread_9.1.3-1jaunty1_i386.deb) ... dpkg: error processing /var/cache/apt/archives/acroread_9.1.3-1jaunty1_i386.deb (--unpack): trying to overwrite `/usr/bin/acroread', which is also in package debathena-misc-glue Importantly, debathena-misc-glue does not declare a conflict with the acroread package. This would be an RC bug if this were Debian/Ubuntu?... However, even with the declared conflict, the package is a hard dependency of debathena-login-graphical, so we need to do something more:
Thoughts? See also 1019855, which could be solved with a local install of 64-bit acroread... but more generally, on systems with Debathena installed that don't have reliable AFS, we shouldn't prevent installing a local acroread. |