First Last Prev Next    No search results available      Search page      Enter new bug
Bug#: 111373
Alias:
Product:
Component:
Status: RESOLVED
Resolution: FIXED
Assigned To: Netmon Herd <netmon@gentoo.org>
Hardware:
OS:
Version:
Priority:
Severity:
Reporter: Wolfram Schlich <wschlich@gentoo.org>
Add CC:
CC:
URL:
Summary:
Status Whiteboard:
Keywords:

Filename Description Type Creator Created Size Actions
Create a New Attachment (proposed patch, testcase, etc.) View All

Bug 111373 depends on: Show dependency tree
Bug 111373 blocks:
Votes: 0    Show votes for this bug    Vote for this bug

Additional Comments: (this is where you put emerge --info)


Not eligible to see or edit group visibility for this bug.






View Bug Activity   |   Format For Printing   |   XML   |   Clone This Bug

Description:   Opened: 2005-11-03 10:11 0000 
arpwatch gets patched with arpwatch-2.1.11-r1.diff.gz
this patch adds the -u option to the manpage but not to
the program itself. as I'd like to be able to actually
use that option for security reasons (it would make
arpwatch drop root privs), can we please have the
functionality added?
also it would make sense to add a special user and group
to the system, both named arpwatch and have -u enabled
by default in the /etc/init.d/arpwatch or at least
/etc/conf.d/arpwatch. /var/arpwatch/ will then have to be
owned by that user/group combination as well.

------- Comment #1 From Benjamin Smee (strerror) (RETIRED) 2005-11-03 12:21:41 0000 ------- 
I just had a look at this bug. After reading the patch there is nothing in
there
that would create the drop privs so its not a question of the patch
misapplying,
rather there needs be a different patch with that functionality. I had a quick
look over at packages.debian.org and couldn't see it there so unless you can
point me to the patch that gives this functionality i'm tempted to remove the
changes to the man page and close this bug (perhaps after changing the ebuild a
little to be a bit more compliant in its file placement, ie to
/var/lib/arpwatch).

------- Comment #2 From Wolfram Schlich 2005-11-03 14:57:25 0000 ------- 
The RedHat SRPM contains that patch, along with others:
http://ftp.redhat.com/pub/redhat/linux/enterprise/4/en/os/i386/SRPMS/tcpdump-3.8.2-7.src.rpm
Can we please merge it?

------- Comment #3 From Wolfram Schlich 2005-11-10 02:00:25 0000 ------- 
Any news here?

------- Comment #4 From Wolfram Schlich 2005-11-26 07:06:25 0000 ------- 
*push*

Any reason no to merge the forementioned patch?!

------- Comment #5 From Benjamin Smee (strerror) (RETIRED) 2005-11-26 10:42:15 0000 ------- 
The reason was that all the patches we had and the one you gave me conflicted.
Anyway given that I was in a nice mood I rewrote the relevant ones and made a
new patchfile. I have rewritten the ebuild and revbumped it while I was at it.
Check out cvs and let me know how it is.

------- Comment #6 From Sune Kloppenborg Jeppesen 2005-12-06 16:03:40 0000 ------- 
It missses the pkg_setup so a new user is new user created.

------- Comment #7 From Wolfram Schlich 2005-12-06 16:39:44 0000 ------- 
--8<--
pkg_postinst() {
        einfo "If you want arpwatch to at boot then type:"
        ewarn "      rc-update add arpwatch default"
}
--8<--
it should say "to START at boot"...

------- Comment #8 From Benjamin Smee (strerror) (RETIRED) 2005-12-07 06:55:04 0000 ------- 
Fixed the typo in init script. Rewrote the part that was causing problems with
the previous version of arpwatch. I would like to do something about the current
"stable" version as well as it does not work in its current form, but i'll open
another bug about that. Thanks input.
First Last Prev Next    No search results available      Search page      Enter new bug