bastille (1:2.1.1-13) unstable; urgency=low * Make next Debian release supported. (Closes: #396189) * Add a binary-indep target (Closes: #395671) * This package is Binary: all -- Javier Fernandez-Sanguino Pen~a Wed, 1 Nov 2006 11:14:29 +0100 bastille (1:2.1.1-12) unstable; urgency=low * The "closing bugs before I package new upstream version" * Adjust the grub test so it uses /boot/grub/menu.lst instead of the /etc/grub.conf file (Closes: #312182) * Use modprobe instead of insmod to load the ip_nat modules (Closes: #328870) * Restrict use of all the fsck tools under /sbin, not just 'fsck' (Closes: #320662) * Use dpkg-statoverride in Debian systems to preserve filesystem changes even on the even of package upgrades (Closes: #182494) * Use debhelper compatibility version 4 -- Javier Fernandez-Sanguino Pen~a Thu, 3 Nov 2005 19:24:20 +0100 bastille (1:2.1.1-11) unstable; urgency=low * Fixed bastille-firewall to use /var/lock/bastille/bastille-firewall instead of /var/lock/subsys (Closes: #282419) -- Javier Fernandez-Sanguino Pen~a Tue, 23 Nov 2004 11:27:57 +0100 bastille (1:2.1.1-10) unstable; urgency=low * Improved the description in the control field with the patch provided by Thomas Hood (Closes: #281170) -- Javier Fernandez-Sanguino Pen~a Sun, 14 Nov 2004 12:38:18 +0100 bastille (1:2.1.1-9) unstable; urgency=low * Have the postrm script behave better when purging (Closes: #280379) -- Javier Fernandez-Sanguino Pen~a Sun, 14 Nov 2004 01:15:20 +0100 bastille (1:2.1.1-8) unstable; urgency=low * Modified bastille so that the user is warned to use 'bastille -c' if he cannot run the (default) X11 interface due to missing libraries. Also, if no DISPLAY is defined the Curses interface is used unless specified differently in the command line. (Closes: #274464) * [bastille] moved the root check down so that all users can run 'bastille -h' * [InteractiveBastille] Print the Usage information if it tries to use the Curses interface but the libraries are not available. -- Javier Fernandez-Sanguino Pen~a Sun, 3 Oct 2004 12:26:17 +0200 bastille (1:2.1.1-7) unstable; urgency=low * Add support for Debian sarge (DB3.1) (Closes: #263599) * Quote strings of the menu file * Fixed PSAD configuration of the EMAIL_ADDRESS (Closes: #236785) * Allow LOCAL access in /etc/hosts.allow to avoid having issues with local services (FAM and printer services mostly) * Modified Questions.txt so that it describes that you need to permit echo-request if you want incoming ICMP probes (Closes: #232265) * Start the bastille-firewall at S40 so that it can work when filesystems are up (i.e. it starts later than lvm or NFS) (Closes: #214744) * Added lintian.override -- Javier Fernandez-Sanguino Pen~a Thu, 5 Aug 2004 15:13:18 +0200 bastille (1:2.1.1-6) unstable; urgency=low * bastille script now uses bash since it uses 'set +o privileged', I can't find if this is POSIX so I'm fixing it this way (Closes: #237792) -- Javier Fernandez-Sanguino Pen~a Sat, 13 Mar 2004 23:20:55 +0100 bastille (1:2.1.1-5) unstable; urgency=low * Install Bastille modules in /usr/share/perl5 instead of on /usr/lib/perl5 * Fixed spelling error in README. * Make a manpage symlink for UndoBastille. * Proper copyright in debian/copyright. * Updated Standards-Version. -- Javier Fernandez-Sanguino Pen~a Fri, 23 Jan 2004 18:18:47 +0100 bastille (1:2.1.1-4) unstable; urgency=low * Added missing GLOBAL definitions (Closes: #225878) * Clarified (even more) in the README.Debian file why the dependancies are set the way they are. I'm even placing this element the first one in the list just for the lazy readers and also copying this information to the manpages (bastille and InteractiveBastille) (Closes: #210399, #212156) * Add a note in the README.Debian about debootstrap (to setup a chroot test environment, works like a charm) * Added notes in the Questions.txt regarding how Amanda might break if the settings are applied, this might avoid people getting bitten by #118613 and #155510 (but "it's not a bug, it's a feature") -- Javier Fernandez-Sanguino Pen~a Fri, 9 Jan 2004 16:12:56 +0100 bastille (1:2.1.1-3) unstable; urgency=low * Fixed properly API.pm now. -- Javier Fernandez-Sanguino Pen~a Tue, 15 Jul 2003 16:10:40 +0200 bastille (1:2.1.1-2) unstable; urgency=low * Fixed API.pm which made bastille break due to a syntax error (missing parenthesis) (Closes: #200979) -- Javier Fernandez-Sanguino Pen~a Sat, 12 Jul 2003 19:11:48 +0200 bastille (1:2.1.1-1) unstable; urgency=low * The "It's been a while since I tinkered with Bastille" release (many of the changes in this package need to be pushed upstream). * New upstream version. - This upstream version works properly wrt to syslog settings (Closes: #158918) - UndoBastille no longer exists (Closes: #194355) * Removed the Credits file from /usr/share/bastille (it's already under the documentation) and replace it with a symlink * Added the *config files to the examples dir. * Modified debian/rules to create a symbolic link for UndoBastille since it's no longer there. Also, the UndoBastille manpage has been modified to be used for RevertBastille and all manpages point to RevertBastille. * Added find_bastille_affected_files.pl to the examples. * Added docs/bastille.1m to the manpages * Moved the documentation calls in debian/rules to debian/docs so that it's easier to follow. * Modified the chroot script for makejail to use coreutils instead of fileutils. * Fixed the bastille-ipchains script as described by Henrik Johansson and have the package recommend bind9-host or host. Notice that I cannot add a dependancy since not all users will be setting up a local firewall (Closes: #184767) * Modified API/Bastille.pm so that chkconfig_off in Debian also removes the 'S' links. Notice that not _all_ rc files are removed since this would mean that on upgrade all the files would be recreated. Also the chkconfig_on code has been modified to work with Debian even if it's not used (calls to it from Firewall.pm and PSAD.pm have been disabled since the packages provide already init.d scripts and their rc.d links) (Closes: #193906) * Modified the installation of the bastille-firewall so that it runs on the system at priority 20 which means that it should be started before any network services, it is also stopped at level 89. * Reapplied the changes to Bastille/IOLoader.pm to add new DebugLogs. * Modified Questions.txt to fit Debian specific stuff. * Modified docs/bastille.1m to include some of the undocumented options as well as the Debian-specific information. Also modified all trailing '.C' to '.B' * Changed 'LINUX' to refer also to 'DB' * Added /var/log/Bastille/revert/backup to the directories to remove stuff from if we purge the package (Closes: #185951) * Fixed API.pm so that /var/log/Bastille/revert is used instead of /var/log/Bastillerevert (missing '/') * Modified Bastille/PSAD.pm so that it does not attempt to install PSAD, also the location of the PSAD init script has been modified for Debian. Modified also Questions.txt to add a dependancy for the 'psad' file so that it will only run if the PSAD package has been installed. With this changes bastille now configures PSAD properly if available (Closes: #147153) -- Javier Fernandez-Sanguino Pen~a Tue, 24 Jun 2003 10:26:53 +0200 bastille (1:2.0.4-3) unstable; urgency=low * Changed the Dependancies so that the X interfaces are only installed if the user asks for them, the curses interface is always installed now (Closes: #164227) * Improved the package description (hopefully) following some of the guidelines on the Developer's Reference, including a Homepage * Fixed the debian/control file using the patch provided in the bug report. Thanks to James A. Morrison. (Closes: #184179) (I still need to write proper manpages for many of the scripts...) -- Javier Fernandez-Sanguino Pen~a Tue, 25 Mar 2003 00:09:07 +0100 bastille (1:2.0.4-2) unstable; urgency=low * Added /var/log/Bastille/Revert and /var/log/Bastille/old-config to the list of directories to remove (Closes: #182919) * Changed the init file so it does not offer the HINT if asked to stop (so that it is not presented when removing/purging the package) -- Javier Fernandez-Sanguino Pen~a Sun, 2 Mar 2003 10:29:59 +0100 bastille (1:2.0.4-1) unstable; urgency=low * New upstream release * Added proper references to ping6/traceroute6 * Enabled psad configuration since 'psad' package is now available in Debian * Fixed Questions.txt for apache configuration (mentioned httpd) * Added a note on BUGS and on the README.Debian file regarding the Amanda issues. They are not a bug, they are simply a user's shooting himself on the foot by retricting too much the system. This is related to bugs #118613 and #155510. A debconf note might be added if enough users report this. * Added a Conflicts to libcurses-widget-perl as a quick way to avoid bug #164227. The Bastille upstream team will probably need to decide how to tackle this. -- Javier Fernandez-Sanguino Pen~a Sun, 24 Nov 2002 22:52:38 +0100 bastille (1:2.0.1-1) unstable; urgency=low * New upstream release. * Now provides a postrm to remove all logs and configuration files placed by Bastille (could be useful if a user installs Bastille, uses it and then removes it from the system. Note: in this case the firewall would not work, of course) * Removed psad (there's a New Maintainer packaging it, it will be integrated into Bastille as soon as the package is done). Bastille now Recommends: psad (should it recommended firewalling code too???) * IMPROVED: Added a new debugging option (-d) for those #print statements in API.pm (should be used by developers to populate other modules) Changed bastille to provide the -v, -d and -l options to the Backends Also changed InteractiveBastille to reflect what API.pm says Questions.txt now includes some information specific to Debian (chkconfig stuff mostly) Added a bastille-makejail.py example for 'makejail' to build a chrooted testing environment (works for me, YMMV) * FIXED: InteractiveBastille did not show Usage because GLOBAL_ERROR was not exported in API.pm *and* because API.pm was not loaded before showUsage was called RootTTYLogins fixed to remove *all* ttys, not just tty1-tty6, tty10-tty60.... Bastille manpage now properly displays valid options Some links (called chkconfig) are provided for Debian (need to provide more by checking which runlevel/number is used by some packages) * CHANGED: The init script will not launch if no bastille-firewall.cfg exist There is no /var/lock/subsys, /var/lock/bastille used instead * TODO: Port the fixes done to previous versions. -- Javier Fernandez-Sanguino Pen~a Mon, 19 Aug 2002 13:21:12 +0200 bastille (1:1.3.0-6) unstable; urgency=medium * Changed exit 1 to exit 0 in the bastille-firewall script so installation/postinstallation works ok (Closes: #149424) -- Javier Fernandez-Sanguino Pen~a Mon, 10 Jun 2002 14:22:31 +0200 bastille (1:1.3.0-5) unstable; urgency=high * Changed the init.d script to *not* run if there is no /etc/Bastille/bastille-firewall.cfg this should work when the user has answered questions in InteractiveBastille and created the cfg file. * Added a pre-configuration of the firewall just as bastille-firewall-install does. Instead of changing Bastille/Firewall.pm to add Debian to the configuration (line 338) this is IMHO a better approach since changes in the init.d script or the software does not require re-installation of the firewall. * This closes bug #147643 for sid, but woody configuration does give the user a sense of "false security" since they configure the firewall but it's not enabled either after installation or on reboot. * Added some missing dirs to debian/dirs * Added /etc files to conffiles (Note: the bastille-firewall.cfg is not since is not provided yet in the package, it is generated through the Bastille programs) -- Javier Fernandez-Sanguino Pen~a Tue, 21 May 2002 11:27:29 +0200 bastille (1:1.3.0-4) unstable; urgency=medium * Added /var/lock/subsys to debian/dirs so that the firewall runs nicely. * Fixed an unreported bug in INCs that prevented it from finding Bastille_Tk.pm (due to it being moved in 1.3.0-3) * Edited the psad installation to work non-interactively (install.debian.pl) * Removed psad from debian/rules so that it is not activated by Bastille. This software is not ready for release in Debian since installation should be done in a separate package (sorry guys, you will need to take the source package to make it work) * Edited InstallBastille to remove DB from the LINUX alias in order to *not* ask about Psad (in Questions.txt it is linked to LINUX) -- Javier Fernandez-Sanguino Pen~a Thu, 16 May 2002 09:52:12 +0200 bastille (1:1.3.0-3) unstable; urgency=medium * Move /usr/lib/Bastille to /usr/share/perl5/ to comply with the FHS * Removed creation of /usr/share/Bastille/Psad.pm since it was not being used. * Fixed Bastille/Logging.pm (typo, an if was missing) (Closes: #146921) * Made /usr/share/Bastille/PSAD.pm a symlink to Psad.pm * Made changes in debian/rules to conform to Debian's Perl policy. -- Javier Fernandez-Sanguino Pen~a Tue, 14 May 2002 13:13:28 +0200 bastille (1:1.3.0-2) unstable; urgency=low * Removed man1 manpages (since they were in the psad directories debhelper decided to add them too!) (Closes: #141217) -- Javier Fernandez-Sanguino Pen~a Fri, 5 Apr 2002 15:33:21 +0200 bastille (1:1.3.0-1) unstable; urgency=low * New upstream version. * New upstream version (and if case you wonder: "yes, this package was also made during my last vacations"). * The new version provides support for Debian (changes made in previous releases have been included). This version, however, recognises '3.0' as a valid release name and supports it along with 2.2 * Fixed (somewhat) the Questions.txt * Included DB into the "LINUX" definition in Questions.txt (so that it shows all the Questions for Debian) -- Javier Fernandez-Sanguino Pen~a Fri, 29 Mar 2002 00:26:03 +0100 bastille (1:1.2.0-6) unstable; urgency=low * Fixed Bastille Firewall.pm and bastille-firewall-reset so proper substitution is being made for the RC and INIT directories (Closes: 129635) -- Javier Fernandez-Sanguino Pen~a Thu, 17 Jan 2002 10:19:24 +0100 bastille (1:1.2.0-5) unstable; urgency=low * Changed Logging.pm so that it works in Debian properly noticed that Debian's default behavior already provides for syslog and kern.log rotationi (Closes: #129480) -- Javier Fernandez-Sanguino Pen~a Wed, 16 Jan 2002 14:29:56 +0100 bastille (1:1.2.0-4) unstable; urgency=medium * Fixed API/Logging.pm (Closes: #123860) * Removed CVS directory from /usr/share/doc/ (Closes: #123890) * Fixed typo in README.Debian * Added proper dependencies for c-shell * Updated standards version * Added a if-then clause to remove the chkconfig errors if it is not available (Closes: #122193) -- Javier Fernandez-Sanguino Pen~a Tue, 15 Jan 2002 11:55:20 +0100 bastille (1:1.2.0-3) unstable; urgency=high * Changed setting of debian version in preparation for upcoming 3.0 release. Bastille know acknowledges woody existence (Closes: #123809) -- Javier Fernandez-Sanguino Pen~a Thu, 13 Dec 2001 14:23:31 +0100 bastille (1:1.2.0-2) unstable; urgency=low * Fixed Questions.txt so that bastille firewall is disabled in Debian (will not close 122193 bug, just retitle it and file it as wishlist) -- Javier Fernandez-Sanguino Pen~a Mon, 3 Dec 2001 14:59:57 +0100 bastille (1:1.2.0-1) unstable; urgency=low * New upstream version * Fixed Questions.txt so the tempdir feature is disabled in Debian (Closes: #114641) * Changed message when /etc/debian_version is not from a stable release. Added information on unstable support in README.Debian (Closes: #115300) * Applied patch submitted by Era Eriksson for manoages (Closes: #110775) * More verbose when Curses.pm, Gtk.pm or Tk.pm not found added info to README.Debian (Closes: #112572, #113013, #112626) * Added SuSE detection borrowed from Marc's Heuse harden-suse (TODO: add security hardening done here too...) * Used epochs since they forced me too with the rcXXX :( -- Javier Fernandez-Sanguino Pen~a Mon, 12 Nov 2001 22:49:33 +0100 bastille (1.2.0.rc6-3) unstable; urgency=low * Fixed final } in AutomatedBastille -- Javier Fernandez-Sanguino Pen~a Fri, 14 Sep 2001 23:58:26 +0200 bastille (1.2.0.rc6-2) unstable; urgency=low * Fixed menu entry (Closes: #110533) -- Javier Fernandez-Sanguino Pen~a Wed, 29 Aug 2001 15:50:15 +0200 bastille (1.2.0.rc6-1) unstable; urgency=low * Initial Release. * Beta-release for Debian configuration (not thoroughly tested to see that it works) * Changed API in order to recognise Debian * Modified PatchDownload in order to upgrade from security.debian.org * Added notes regarding process accounting (need to install acctlog) * Fixed some errors and warnings in the scripts which made them not run correctly * Wrote manpages for all binaries (InteractiveBastille, AutomatedBastille, UndoBastille, BastilleBackend, BastilleChooser) and for the package (Bastille) -- Javier Fernandez-Sanguino Pen~a Thu, 10 May 2001 11:42:29 +0200 Local variables: mode: debian-changelog End: