Debian Bug report logs - #604053
nsca: starts as daemon although disabled in debconf

version graph

Package: nsca; Maintainer for nsca is Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>; Source for nsca is src:nsca.

Reported by: Bernd Zeimetz <bzed@debian.org>

Date: Fri, 19 Nov 2010 20:18:01 UTC

Severity: serious

Found in version nsca/2.7.2

Fixed in version nsca/2.7.2+nmu1

Done: Xavier Oswald <xoswald@debian.org>

Bug is archived. No further changes may be made.

Toggle useless messages

View this report as an mbox folder, status mbox, maintainer mbox


Report forwarded to debian-bugs-dist@lists.debian.org, Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>:
Bug#604053; Package nsca. (Fri, 19 Nov 2010 20:18:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Bernd Zeimetz <bzed@debian.org>:
New Bug report received and forwarded. Copy sent to Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>. (Fri, 19 Nov 2010 20:18:04 GMT) Full text and rfc822 format available.

Message #5 received at submit@bugs.debian.org (full text, mbox):

From: Bernd Zeimetz <bzed@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: nsca: starts as daemon although disabled in debconf
Date: Fri, 19 Nov 2010 21:14:34 +0100
Package: nsca
Version: 2.7.2
Severity: serious

Installing nsca and answering 'no' to the debcanf question which asks if
you want to run the nsca daemon still results in a running daemon with a
pretty unusual PID:

4294967295 12373   1  0 21:08 ?        00:00:00 /usr/sbin/nsca --daemon -c /etc/nsca.cfg

I'm filing this as serious as I consider daemons which run and listen on
tcp ports without being configured to do so as a security issue.
Especially when they run with a UID which might b in use otherwise.
I'd guess it tries to use -1 as UID as that was the UID of nobody some
ancient times ago.

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (500, 'testing'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.35.7-think (SMP w/2 CPU cores; PREEMPT)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages nsca depends on:
ii  debconf [debconf-2.0]         1.5.36     Debian configuration management sy
ii  libc6                         2.11.2-7   Embedded GNU C Library: Shared lib
ii  libmcrypt4                    2.5.8-3.1  De-/Encryption Library

nsca recommends no packages.

Versions of packages nsca suggests:
pn  nagios                        <none>     (no description available)
ii  nagios-plugins                1.4.15-2   Plugins for the nagios network mon
ii  nagios-plugins-basic          1.4.15-2   Plugins for the nagios network mon

-- Configuration Files:
/etc/init.d/nsca changed:
DAEMON=/usr/sbin/nsca
NAME=nsca
DESC="Nagios Service Check Acceptor"
CONF=/etc/nsca.cfg
OPTS="--daemon -c $CONF"
PIDFILE="/var/run/nsca.pid"
if [ ! -x $DAEMON ]; then
	exit 0
fi
get_config(){
	grep "^[[:space:]]*$1=" $CONF 2>/dev/null | tail | cut -d= -f2-
}
PIDFILE=`get_config pid_file`
if [ -z "$PIDFILE" ];  then 
	# then this is the default PIDFILE
	PIDFILE="/var/run/nsca.pid"
	# run nsca in the foreground, and have s-s-d fork it for us
	OPTS="-f $OPTS"
	# and then this is how we call SSD
	SSD_STARTOPTS="--background --pidfile $PIDFILE --make-pidfile"
	SSD_STOPOPTS="--pidfile $PIDFILE"
else
	# but if pid_file is set, we don't have to do anything
	SSD_STARTOPTS="--pidfile $PIDFILE"
	SSD_STOPOPTS="--pidfile $PIDFILE"
fi
SSD_START="/sbin/start-stop-daemon --oknodo -S $SSD_STARTOPTS --exec $DAEMON"
SSD_STOP="/sbin/start-stop-daemon --oknodo -K $SSD_STOPOPTS --exec $DAEMON"
die(){
	echo $@
	exit 1
}
case "$1" in
start)
	echo -n "Starting $DESC: "
	if [ ! -d "/var/run/nagios" ]; then
		mkdir -p /var/run/nagios || die "ERROR: couldn't create /var/run/nagios"
	fi
	$SSD_START -- $OPTS || die "ERROR: could not start $NAME."
	echo "$NAME."
;;
stop)
	echo -n "Stopping $DESC: "
	$SSD_STOP -- $OPTS || die "ERROR: could not stop $NAME."
	rm -f $PIDFILE
	echo "$NAME."
;;
reload|force-reload)
	echo -n "Reloading $DESC: "
	$SSD_STOP --signal HUP -- $OPTS || die "ERROR: could not reload $NAME."
	echo "$NAME."
;;
restart)
	$0 stop
	$0 start
;;
esac

/etc/nsca.cfg changed:
pid_file=/var/run/nsca.pid
server_port=5667
nsca_user=nagios
nsca_group=nogroup
debug=0
command_file=/var/lib/nagios3/rw/nagios.cmd
alternate_dump_file=/var/run/nagios/nsca.dump
aggregate_writes=0
append_to_file=0
max_packet_age=30
decryption_method=1

/etc/send_nsca.cfg changed:
encryption_method=1


-- debconf information:
  nsca/run-nsca-daemon:




Information forwarded to debian-bugs-dist@lists.debian.org, Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>:
Bug#604053; Package nsca. (Sat, 27 Nov 2010 14:03:04 GMT) Full text and rfc822 format available.

Acknowledgement sent to Xavier Oswald <xoswald@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>. (Sat, 27 Nov 2010 14:03:04 GMT) Full text and rfc822 format available.

Message #10 received at 604053@bugs.debian.org (full text, mbox):

From: Xavier Oswald <xoswald@debian.org>
To: pkg-nagios-devel@lists.alioth.debian.org
Cc: 604053@bugs.debian.org, Bernd Zeimetz <bzed@debian.org>
Subject: nsca: starts as daemon although disabled in debconf
Date: Sat, 27 Nov 2010 15:01:00 +0100
[Message part 1 (text/plain, inline)]
Hi,

I can reproduce it too.

> Installing nsca and answering 'no' to the debcanf question which asks if
> you want to run the nsca daemon still results in a running daemon with a
> pretty unusual PID:
>
> 4294967295 12373   1  0 21:08 ?        00:00:00 /usr/sbin/nsca --daemon -c /etc/nsca.cfg
>
>
> I'm filing this as serious as I consider daemons which run and listen on
> tcp ports without being configured to do so as a security issue.
> Especially when they run with a UID which might b in use otherwise.
> I'd guess it tries to use -1 as UID as that was the UID of nobody some
> ancient times ago.

True. Let me know if I can help in any way.

Greetings,
-- 
Xavier Oswald <xoswald@debian.org>
GNU/Linux Debian Developer - http://www.debian.org/
GPG key ID: 0x464B8DE3
[signature.asc (application/pgp-signature, inline)]

Information forwarded to debian-bugs-dist@lists.debian.org, Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>:
Bug#604053; Package nsca. (Sun, 28 Nov 2010 13:15:09 GMT) Full text and rfc822 format available.

Acknowledgement sent to Xavier Oswald <xoswald@debian.org>:
Extra info received and forwarded to list. Copy sent to Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>. (Sun, 28 Nov 2010 13:15:09 GMT) Full text and rfc822 format available.

Message #15 received at 604053@bugs.debian.org (full text, mbox):

From: Xavier Oswald <xoswald@debian.org>
To: 604053@bugs.debian.org
Cc: formorer@debian.org
Subject: nsca: diff for NMU version 2.7.2+nmu1
Date: Sun, 28 Nov 2010 14:11:59 +0100
[Message part 1 (text/plain, inline)]
tags 604053 + pending
thanks

Dear maintainer,

I've prepared an NMU for nsca (versioned as 2.7.2+nmu1) and
uploaded it to DELAYED/2. Please feel free to tell me if I
should delay it longer.

Regards.

-- 
Xavier Oswald <xoswald@debian.org>
GNU/Linux Debian Developer - http://www.debian.org/
GPG key ID: 0x464B8DE3
[nsca-2.7.2+nmu1-nmu.diff (text/x-diff, attachment)]
[signature.asc (application/pgp-signature, inline)]

Added tag(s) pending. Request was from Xavier Oswald <xoswald@debian.org> to control@bugs.debian.org. (Sun, 28 Nov 2010 13:15:13 GMT) Full text and rfc822 format available.

Reply sent to Xavier Oswald <xoswald@debian.org>:
You have taken responsibility. (Tue, 30 Nov 2010 13:36:04 GMT) Full text and rfc822 format available.

Notification sent to Bernd Zeimetz <bzed@debian.org>:
Bug acknowledged by developer. (Tue, 30 Nov 2010 13:36:04 GMT) Full text and rfc822 format available.

Message #22 received at 604053-close@bugs.debian.org (full text, mbox):

From: Xavier Oswald <xoswald@debian.org>
To: 604053-close@bugs.debian.org
Subject: Bug#604053: fixed in nsca 2.7.2+nmu1
Date: Tue, 30 Nov 2010 13:32:21 +0000
Source: nsca
Source-Version: 2.7.2+nmu1

We believe that the bug you reported is fixed in the latest version of
nsca, which is due to be installed in the Debian FTP archive:

nsca_2.7.2+nmu1.dsc
  to main/n/nsca/nsca_2.7.2+nmu1.dsc
nsca_2.7.2+nmu1.tar.gz
  to main/n/nsca/nsca_2.7.2+nmu1.tar.gz
nsca_2.7.2+nmu1_amd64.deb
  to main/n/nsca/nsca_2.7.2+nmu1_amd64.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 604053@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Xavier Oswald <xoswald@debian.org> (supplier of updated nsca package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Sun, 28 Nov 2010 10:59:05 +0100
Source: nsca
Binary: nsca nsca-client
Architecture: source amd64
Version: 2.7.2+nmu1
Distribution: unstable
Urgency: low
Maintainer: Debian Nagios Maintainer Group <pkg-nagios-devel@lists.alioth.debian.org>
Changed-By: Xavier Oswald <xoswald@debian.org>
Description: 
 nsca       - Nagios service monitor agent
 nsca-client - Nagios service monitor agent - client package
Closes: 604053
Changes: 
 nsca (2.7.2+nmu1) unstable; urgency=low
 .
   * Non-maintainer upload.
   * Fix nsca starting as daemon when disabled in debconf and using an unusual
     PID (Closes: #604053).
Checksums-Sha1: 
 509f8fcd53fd7ee7444750c170fa1365502decb1 1551 nsca_2.7.2+nmu1.dsc
 2f941a43222faab726eb86d9651f8a2cc0da6dfb 129467 nsca_2.7.2+nmu1.tar.gz
 4c9cdf7520089147a59e5fcfd6abfcb22891b54e 45630 nsca_2.7.2+nmu1_amd64.deb
Checksums-Sha256: 
 723d49be9ba7b73b66cc6d0c0e98a05d967fbc3fec3d3069a0a884f5b02bf04f 1551 nsca_2.7.2+nmu1.dsc
 fa7d3f4f79ccca446bc941e3e558853f03b88d41931275f43ca629fd2e7a52c9 129467 nsca_2.7.2+nmu1.tar.gz
 b2eb367ab4e77b2753d1caac31e3e02405a2621f8345445110c061da4a3e0f32 45630 nsca_2.7.2+nmu1_amd64.deb
Files: 
 f4492ccb35d21535e7084632332b08e7 1551 net optional nsca_2.7.2+nmu1.dsc
 f13242d2aa89210cd97c18a3565016e6 129467 net optional nsca_2.7.2+nmu1.tar.gz
 86c7179e784856115b20b93e254cd7c6 45630 net optional nsca_2.7.2+nmu1_amd64.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBCAAGBQJM8lMsAAoJEIW5DSNGS43jOyMP/1ZRVODrDbMgUW6M29OnoO1e
Ft+6CiEMN1WEJImCe8scVShnB5G1xPIsbps+WTPkVGjxoXezRhvs6lFTwqHb3nWr
jeP8qUkaVApK43meD2mAkWURPqIiBMJqWoejfqm8eJVliSqfOPQ28ivucw0xmyf7
TMhUqSJj2ojXCipRHgA9dFAeyhTuGc/r8hCtf0z9rgm3IPUXiYMuU78ZdzIeX69j
sqtxJAD8AO1ULUIDIlCYW1Myehig1/wAmz7NZSIYUpNifmm+e+4ySjzQ5VDPgcgR
bS8vIDTjHaJIbf5qq90SEFVb5vh1vKW7p+wXJYiGpEZEm4dLQfvALoWC/Xu5B6Ao
uiuJRCJXx/pPmD8yrgSq+ynmwDwBnSc5T/pYC+grvnlv/NpTdZS5mkHFVI6D4IVS
RXVTVf7gEyFkuAzR6e6dswMhp8t3MEUWdUWdRVh5cJXBUuiVuB76sRXLrnn7niyF
PQWoCa9e9R8aIwDFZGcY73Shw3boXMw8PlHUk6m2AzaSptRt1We3aECQaOD2NEee
AjuZJYspeNLyFhLDAwJzEEag9rLHps6RcYCyIH+okgnxCVuE52UX2cC5UAAz1YKQ
gzg7rfPQVRICY5Ui2qrb+HqZWt4xOGQBqdV4z5z3w8M4GfctrLslJpQ6aiFt/55N
nilWa2uX5giD0zJIWhS+
=Z4l6
-----END PGP SIGNATURE-----





Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Wed, 29 Dec 2010 07:32:47 GMT) Full text and rfc822 format available.

Send a report that this bug log contains spam.


Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Sun Apr 20 21:10:46 2014; Machine Name: beach.debian.org

Debian Bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.