Hello all: I'm using ispconfig 2 (2.2.40) on a debian 6.0.3 machine, and today i updated bind as per advisory cve-2011-tbd (i was hit by it), the problem is that the update is not complete, the log has the following messages: Configuring bind9 (1:9.7.3.dfsg-1~squeeze4) ... Stopping domain name service...: bind9 waiting for pid 24874 to die. Starting domain name service...: bind9. insserv: warning: script 'S99ispconfig_server' missing LSB tags and overrides insserv: warning: script 'ispconfig_server' missing LSB tags and overrides insserv: warning: script 'bastille-firewall' missing LSB tags and overrides insserv: There is a loop between service rmnologin and mountnfs if started insserv: loop involving service mountnfs at depth 8 insserv: loop involving service nfs-common at depth 7 insserv: There is a loop between service rmnologin and checkroot if started insserv: loop involving service checkroot at depth 5 insserv: loop involving service hostname at depth 4 insserv: Starting ispconfig_server depends on rmnologin and therefore on system facility `$all' which can not be true! (repeated 99 times) insserv: Max recursions depth 99 reached insserv: loop involving service quota at depth 12 insserv: There is a loop between service ispconfig_server and mountall if started insserv: loop involving service mountall at depth 8 insserv: loop involving service checkfs at depth 7 insserv: loop involving service mtab at depth 6 insserv: loop involving service module-init-tools at depth 6 insserv: There is a loop at service rmnologin if started insserv: There is a loop between service ispconfig_server and ifupdown-clean if started insserv: loop involving service ifupdown-clean at depth 6 insserv: There is a loop at service ispconfig_server if started insserv: There is a loop between service rmnologin and mountoverflowtmp if started insserv: loop involving service mountoverflowtmp at depth 1 insserv: loop involving service courier-pop-ssl at depth 13 insserv: loop involving service ispconfig_server at depth 1 insserv: loop involving service networking at depth 10 insserv: loop involving service mountall-bootclean at depth 1 insserv: exiting now without changing boot order! update-rc.d: error: insserv rejected the script header dpkg: error processing bind9 (--configure): the post-install script install subprocess returned error code 1 configured to not write apport reports There are errors processing: bind9 E: Sub-process /usr/bin/dpkg returned an error code (1) One package can't be installed. Trying recovering: And the message repeats. The service ispconfig-server was stopped and i've to restart it manually. Supposedly all is ok, but i can't confirm if the update was really installed or not, and i can't update any other package because the bind9 package is not completely installed. Is there's something i can do to manually solve this problem or is better just to discard all, and reinstall the entire server just in case?? Thanks in advance.
REPLACE: /etc/init.d/bastille-firewall WITH: Code: #!/bin/bash # ### BEGIN INIT INFO # Provides: bastille-firewall # Required-Start: $network # Required-Stop: $network # Default-Start: S # Default-Stop: 0 6 # Short-Description: Load/unload ipchains rulesets # Description: A firewall/packet-filter script for Linux systems # that allows the machine to be used as a gateway system ### END INIT INFO # # chkconfig: 2345 5 98 # # $Id: bastille-firewall,v 1.6 2002/02/24 17:19:14 peterw Exp $ # Copyright (c) 1999-2002 Peter Watkins # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA # # Thanks to David Ranch, Brad A, Don G, and others for their suggestions # # This script is designed to be used as a SysV-style init script. # # It should be run with a "start" argument # 1) as an rc?.d "S" script, _before_ the "network" script # [copy this to /etc/rc.d/init.d/bastille-firewall (or your equivalent of # /etc/rc.d/init.d) and run 'chkconfig -add bastille-firewall' ] # 2) any time an interface is brought up or changed, e.g. # establishing a PPP conection or renewing a DHCP lease # [copy 'bastille-firewall-reset', 'bastille-firewall-schedule' # and 'ifup-local' to /sbin/] # # Normally you Do Not _Ever_ Want to run this with a "stop" argument! # # Note that running this with "stop" will disable the firewall and open # your system to all network traffic; if you make changes to these rules, # apply them by running the script again with a "start" argument. # # ** As of 0.99-beta1, this script merely kicks off the real script, # either /sbin/bastille-ipchains or /sbin/bastille-netfilter # Default is to use the 'ipchains' script, which will load the # ipchains compatibility module if you're using a 2.4 kernel REALSCRIPT=/sbin/bastille-ipchains PATH=/sbin:/bin:/usr/sbin:/usr/bin # exit function to be called in place of regular Bourne exit clean_exit() { rmdir /var/lock/bastille-firewall 2>/dev/null exit $1 } [ ! -d /var/lock ] && mkdir -m 0755 /var/lock mkdir -m 0700 /var/lock/bastille-firewall 2>/dev/null if [ $? -ne 0 ]; then if [ -n "${BASTILLE_FWALL_QUIET_FAIL}" ]; then exit 0; fi echo "ERROR: bastille-firewall currently being reset or lock is stuck." echo "To un-stick, remove the directory /var/lock/bastille-firewall" exit 1 fi if [ -n "$(uname -r | awk -F. ' $1 == 2 && $2 > 2 {print}')" ]; then # We are using Linux 2.3 or newer; use the netfilter script if available if [ -x /sbin/bastille-netfilter ]; then REALSCRIPT=/sbin/bastille-netfilter fi fi if [ ! -x ${REALSCRIPT} ]; then echo "ERROR: \"${REALSCRIPT}\" not available!" clean_exit 1 fi ${REALSCRIPT} "$1" bretval=$? # Use "subsys" locks to indicate our status case "$1" in start|restart|reload) if [ $bretval -eq 0 ]; then touch /var/lock/subsys/bastille-firewall; fi ;; stop) rm -f /var/lock/subsys/bastille-firewall ;; esac clean_exit $bretval REPLACE: /etc/init.d/ispconfig_server WITH: Code: #!/bin/bash # ### BEGIN INIT INFO # Provides: ispconfig_server # Required-Start: $network $syslog # Required-Stop: $network # Default-Start: 2 3 5 # Default-Stop: 0 1 6 # Description: Start or stop the ISPConfig server ### END INIT INFO # ############################################################################### # Copyright (c) 2005, projektfarm Gmbh, Till Brehm, Falko Timme # All rights reserved. # # Redistribution and use in source and binary forms, with or without modification, # are permitted provided that the following conditions are met: # # * Redistributions of source code must retain the above copyright notice, # this list of conditions and the following disclaimer. # * Redistributions in binary form must reproduce the above copyright notice, # this list of conditions and the following disclaimer in the documentation # and/or other materials provided with the distribution. # * Neither the name of ISPConfig nor the names of its contributors # may be used to endorse or promote products derived from this software without # specific prior written permission. # # THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS IS" AND # ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED # WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. # IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, # INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, # BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, # DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY # OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING # NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, # EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. ############################################################################### ################################### # # ISPConfig Server-Startscript # ################################### TMPDIR=/tmp PATH=/sbin:/usr/sbin:/bin:/usr/bin:/usr/local/sbin:/usr/local/bin:/usr/X11R6/bin case "$1" in start) echo "Starting ISPConfig system..." /etc/init.d/mysqld start &> /dev/null /etc/init.d/mysql start &> /dev/null sleep 3 /root/ispconfig/httpd/bin/apachectl startssl /root/ispconfig/sv/ispconfig_wconf &> /dev/null & mkdir -p /var/lock/subsys /root/ispconfig/php/php -q /root/ispconfig/scripts/shell/firewall.php if ps ax | grep -iw '/home/admispconfig/ispconfig/tools/clamav/bin/freshclam' | grep -iv 'grep' &> /dev/null ;then echo "FreshClam is already running!" else /home/admispconfig/ispconfig/tools/clamav/bin/freshclam -d -c 10 --datadir=/home/admispconfig/ispconfig/tools/clamav/share/clamav fi echo "ISPConfig system is now up and running!" ;; stop) echo "Shutting down ISPConfig system..." array=(`ps ax | grep -iw '/root/ispconfig/sv/ispconfig_wconf' | grep -iv 'grep' | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`) element_count=${#array[@]} index=0 while [ "$index" -lt "$element_count" ] do kill -9 ${array[$index]} let "index = $index + 1" done /root/ispconfig/httpd/bin/apachectl stop array=(`ps ax | grep -iw '/home/admispconfig/ispconfig/tools/clamav/bin/freshclam' | grep -iv 'grep' | awk '{print $1}' | cut -f1 -d/ | tr '\n' ' '`) element_count=${#array[@]} index=0 while [ "$index" -lt "$element_count" ] do kill -9 ${array[$index]} let "index = $index + 1" done echo "ISPConfig system stopped!" ;; restart) $0 stop && sleep 3 $0 start # Remember status and be quiet ;; *) echo "Usage: $0 {start|stop|restart}" exit 1 esac exit 0 Only valid for actual version!
