From 1f6aaec71768f001154faa03e648e9a731d2ca40 Mon Sep 17 00:00:00 2001 From: Valentin Vidic Date: Fri, 28 Dec 2007 16:04:04 +0100 Subject: [PATCH] Workarounds for config file problems. --- usr/share/carnet-upgrade/actions/main.queue | 38 ++----- .../files/etc/postgrey/whitelist_clients | 87 +++++++++++++++ usr/share/carnet-upgrade/functions.sh | 115 ++++++++++++++++++-- 3 files changed, 199 insertions(+), 41 deletions(-) create mode 100644 usr/share/carnet-upgrade/files/etc/postgrey/whitelist_clients diff --git a/usr/share/carnet-upgrade/actions/main.queue b/usr/share/carnet-upgrade/actions/main.queue index 50bb5b1..161b2dc 100644 --- a/usr/share/carnet-upgrade/actions/main.queue +++ b/usr/share/carnet-upgrade/actions/main.queue @@ -24,40 +24,20 @@ true create_sources_list true update # apt-get update & download true check_disk_space ! debconf_priority check debconf_priority set # utisaj debconf +pkg apt-listchanges-cn pkgrm apt-listchanges-cn # ne postoji vise +true upgrade_libc +true install_keyrings # popravi konfiguracije koje stvaraju probleme -pkg amavisd-cn restore_config /etc/amavis/amavisd.conf -pkg mysql-cn restore_config /etc/mysql/my.cnf -pkg php4-cn restore_config /etc/php4/apache/php.ini -pkg php4-cn restore_config /etc/php4/cgi/php.ini -pkg php4-cn restore_config /etc/php4/cli/php.ini -pkg dovecot-cn restore_config /etc/dovecot/dovecot.conf -pkg bind9-cn restore_config /etc/bind/named.conf.options -pkg kernel-2.6-cn restore_config /etc/security/limits.conf -pkg mysql-cn restore_config /etc/init.d/mysql -pkg openldap-aai restore_config /etc/init.d/slapd -pkg openldap-aai restore_config /etc/default/slapd -pkg xinetd-cn restore_config /etc/xinetd.conf -pkg vsftpd-cn restore_config /etc/vsftpd.conf -pkg ntp-cn restore_config /etc/ntp.conf -pkg ntp-cn restore_config /etc/default/ntpdate -pkg squirrelmail-cn restore_config /etc/squirrelmail/apache.conf -pkg oidentd-cn restore_config /etc/default/oidentd -pkg postfix-cn restore_config /etc/default/postgrey -pkg postfix-cn restore_config /etc/default/saslauthd -#pkg x restore_config /etc/sysctl.conf -#pkg x restore_config /etc/apt/sources.list -#pkg x restore_config /etc/default/aide -#pkg x restore_config /etc/logrotate.d/mysql-server -#pkg x restore_config /etc/aide/aide.conf -#pkg x restore_config /etc/cron.daily/aide -#pkg x restore_config /etc/issue.net -#pkg x restore_config /etc/issue -#pkg x restore_config /etc/pam.d/login +true restore_configs pkg mrtg-cn pkgrm mrtg mrtg-cn # zamjenjeno sa munin # konacno, instalacija novih paketa -pkg amavisd-cn restore_amavis_init +pkg amavisd-cn upgrade_amavis pkg apache-cn upgrade_apache pkg mrtg-cn pkgadd munin-cn +pkg postfix-cn upgrade_postfix +pkg dovecot-cn upgrade_dovecot +pkg openldap-aai upgrade_openldap +pkg ntp-cn upgrade_ntp true upgrade first # neki paketi moraju rucno true upgrade second # neke pakete zelimo ranije pkg freeradius-cn lt 2:1.0.1-2 install_freeradius # neki su totalno poremeceni # fix 2.1.4 diff --git a/usr/share/carnet-upgrade/files/etc/postgrey/whitelist_clients b/usr/share/carnet-upgrade/files/etc/postgrey/whitelist_clients new file mode 100644 index 0000000..f4cc9b4 --- /dev/null +++ b/usr/share/carnet-upgrade/files/etc/postgrey/whitelist_clients @@ -0,0 +1,87 @@ +# postgrey whitelist for mail client hostnames +# -------------------------------------------- +# put this file in /etc/postgrey or specify its path +# with --whitelist-clients=xxx + +# Debian-specific additions +gluck.debian.org +haydn.debian.org +klecker.debian.org +master.debian.org +merkel.debian.org +murphy.debian.org +newmurphy.debian.org +newraff.debian.org +spohr.debian.org + +# greylisting.org: Southwest Airlines (unique sender, no retry) +southwest.com +# greylisting.org: Yahoo Groups servers (no retry) +scd.yahoo.com +# greylisting.org: isp.belgacom.be (wierd retry pattern) +isp.belgacom.be +# greylisting.org: Ameritrade (no retry) +ameritradeinfo.com +# greylisting.org: Amazon.com (unique sender with letters) +amazon.com +# 2004-05-20: Linux kernel mailing-list (unique sender with letters) +vger.kernel.org +# 2004-06-02: karger.ch, no retry +karger.ch +# 2004-06-02: lilys.ch, (slow: 4 hours) +server-x001.hostpoint.ch +# 2004-06-09: roche.com (no retry) +gw.bas.roche.com +# 2004-06-09: newsletter (no retry) +mail.hhlaw.com +# 2004-06-09: no retry (reported by Ralph Hildebrandt) +prd051.appliedbiosystems.com +# 2004-06-17: swissre.com (no retry) +swissre.com +# 2004-06-17: dowjones.com newsletter (unique sender with letters) +returns.dowjones.com +# 2004-06-18: switch.ch (works but personnel is confused by the error) +domin.switch.ch +# 2004-06-23: accor-hotels.com (slow: 6 hours) +accor-hotels.com +# 2004-06-29: rr.com (no retry, reported by Duncan Hill) +/^ms-smtp.*\.rr\.com$/ +# 2004-06-29: cox.net (no retry, reported by Duncan Hill) +/^lake.*mta.*\.cox\.net$/ +# 2004-06-29: motorola.com (no retry) +mot.com +# 2004-07-01: nic.fr (address verification, reported by Arnaud Launay) +nic.fr +# 2004-07-01: verizon.net (address verification, reported by Bill Moran and Eric) +/^sc\d+pub\.verizon\.net$/ +# 2004-07-02: cs.columbia.edu (no retry) +cs.columbia.edu +# 2004-07-02: papersinvited.com (no retry) +66.216.126.174 +# 2004-07-02: telekom.de (slow: 6 hours) +/^mail\d+\.telekom\.de$/ +# 2004-07-04: tiscali.dk (slow: 12 hours, reported by Klaus Alexander Seistrup) +/^smtp\d+\.tiscali\.dk$/ +# 2004-07-04: freshmeat.net (address verification) +freshmeat.net +# 2004-07-11: zd-swx.com (unique sender with letters, reported by Bill Landry) +zd-swx.com +# 2004-07-11: lockergnome.wc09.net (unique sender with letters, reported by Bill Landry) +lockergnome.wc09.net +# 2004-07-19: mxlogic.net (no retry, reported by Eric) +p01m168.mxlogic.net +p02m169.mxlogic.net +# 2004-09-08: intel.com (pool on different subnets) +/^fmr\d+\.intel\.com$/ +# 2004-09-17: cox-internet.com (no retry, reported by Rod Roark) +/^fe\d+\.cox-internet\.com$/ +# 2004-10-11: logismata.ch (no retry) +logismata.ch +# 2004-11-25: brief.cw.reum.de (no retry, reported by Manuel Oetiker) +brief.cw.reum.de +# 2004-12-03: ingeno.ch (no retry) +qmail.ingeno.ch +# 2004-12-06: rein.ch (no retry) +mail1.thurweb.ch +# 2005-01-26: tu-ilmenau.de (no retry) +piggy.rz.tu-ilmenau.de diff --git a/usr/share/carnet-upgrade/functions.sh b/usr/share/carnet-upgrade/functions.sh index 54e8903..16f3d23 100644 --- a/usr/share/carnet-upgrade/functions.sh +++ b/usr/share/carnet-upgrade/functions.sh @@ -391,16 +391,68 @@ restore_config () { local file for file in "$@"; do - # backup changes - if [ -e "$file" -a ! -e "$file.cn3-upgrade" ]; then - mv "$file" "$file.cn3-upgrade" + if [ -e "$file" ]; then + # backup changes + [ ! -e "$file.cn3-upgrade" ] && mv "$file" "$file.cn3-upgrade" + + # install original + cp "/usr/share/carnet-upgrade/files/$file" "$file" fi + done +} - # install original - cp "/usr/share/carnet-upgrade/files/$file" "$file" +# restore modified config to their package defaults +# so the upgrade doesn't complain so much +restore_configs () { + restore_config /etc/bind/named.conf.options + restore_config /etc/default/ntpdate + restore_config /etc/default/oidentd + restore_config /etc/default/postgrey + restore_config /etc/default/saslauthd + restore_config /etc/default/slapd + restore_config /etc/dovecot/dovecot.conf + restore_config /etc/init.d/mysql + restore_config /etc/init.d/slapd + restore_config /etc/issue + restore_config /etc/issue.net + restore_config /etc/logrotate.d/mysql-server + restore_config /etc/mysql/my.cnf + restore_config /etc/ntp.conf + restore_config /etc/pam.d/login + restore_config /etc/php4/apache/php.ini + restore_config /etc/php4/cgi/php.ini + restore_config /etc/php4/cli/php.ini + restore_config /etc/postgrey/whitelist_clients + restore_config /etc/security/limits.conf + restore_config /etc/squirrelmail/apache.conf + restore_config /etc/sysctl.conf + restore_config /etc/vsftpd.conf + restore_config /etc/xinetd.conf + + # orphaned config file - no owner + rm -f /etc/logcheck/ignore.d.server/imap + + # aide switched to ucf, move old configs aside + for file in /etc/aide/aide.conf /etc/cron.daily/aide /etc/default/aide; do + [ ! -e "$file.cn3-upgrade" ] && mv "$file" "$file.cn3-upgrade" + rm -f "$file" done } +# make a silent installation of carnet and srce keyrings +install_keyrings () { + pkgadd carnet-keyring srce-keyring + pkgadd dpkg apt + + dpkg-reconfigure carnet-keyring srce-keyring + update +} + +# make a silent upgrade to new libc6 +upgrade_libc () { + DEBIAN_FRONTEND=noninteractive pkgadd libc6 +} + # upgrade apache -> apache2 upgrade_apache () { # bugfix for apache2-cn postinst @@ -408,16 +460,55 @@ upgrade_apache () { touch /etc/apache2/httpd.conf pkgadd php4-odbc php4-xslt mktemp - pkgadd apache2 squirrelmail apache2-cn squirrelmail-cn + + # apache2 conflicts with these + pkgrm apache aosi-aai aosi-www-aai php4-cn squirrelmail-cn + + # apache2-cn postinst needs new mktemp + pkgadd apache2-cn php5-cn aosi-aai aosi-www-aai # squirrelmail-cn } -# restore amavis init script -restore_amavis_init () { +upgrade_amavis () { # remove diversion if [ -L /etc/init.d/amavis -a -f /etc/init.d/amavis.amavisd-new ]; then rm -f /etc/init.d/amavis - dpkg-divert --remove --package amavis-cn --rename /etc/init.d/amavis --quiet - fi + dpkg-divert --quiet --remove /etc/init.d/amavis + fi + + # move old config aside + local conf=/etc/amavis/amavisd.conf + if [ -e $conf -a ! -e $conf.cn3-upgrade ]; then + mv $conf $conf.cn3-upgrade + fi + + pkgadd amavisd-cn amavisd-new +} + +# fix openldap-aai postinst user handling +upgrade_openldap () { + apt-get -y$s install openldap-aai || true + chown -R openldap:openldap /var/lib/ldap + /etc/init.d/slapd restart + dpkg --configure -a +} + +# workaround postfix-cn dependencies +upgrade_postfix () { + pkgadd sasl2-bin + pkgadd postfix postfix-cn +} + +# workaround dovecot-cn dependencies +upgrade_dovecot () { + pkgadd dovecot-imapd dovecot-pop3d + pkgadd dovecot-cn +} + +# workaround ntp-cn dependencies +upgrade_ntp () { + pkgadd ntp ntpdate + # pkgrm ntp-server + pkgadd ntp-cn } # instaliraj zadnji freeradius; uvjeti u queue fileovima @@ -473,11 +564,11 @@ fix_aidexfer_conf() { fix_issue () { cat > /etc/issue < /etc/issue.net <