Bug#867860: forensics-all should not hard-depend (if at all) on grr-server

Axel Beckert abe at debian.org
Sun Jul 9 23:55:54 UTC 2017

Package: forensics-all
Version: 1.6
Severity: important


the new forensics-all metapackage at version 1.6 pulls in
grr-server. grr-server is the server side of an incident response
framework. It is surely not meant for what forensics-all is meant
according to the package description:

> This package provides the core components for a forensics
> environment. […] This metapackage includes the most programs to data
> recovery, rootkit and exploit search, filesystems and memory
> analysis, image acquisition, volume inspection, special actions over
> the hardware and many other activities. […] This package is useful
> for pentesters, ethical hackers and forensics experts.

From my point of view, grr-server is surely wrong in this metapackage,
not only because of its purpose but also because such a metapackage
should never hard-depend on any packages which start daemons or server

Please either move the dependency on grr-server to one of the other
(maybe more fitting) forensic metapackages or at least downgrade the
dependency to a "Recommends" if not "Suggests".

Setting the severity to "important" as this makes this metapackage
more or less unusable, at least IMHO. (Feel free to downgrade if you

-- System Information:
Debian Release: buster/sid
  APT prefers unstable
  APT policy: (990, 'unstable'), (600, 'testing'), (500, 'unstable-debug'), (500, 'buildd-unstable'), (110, 'experimental'), (1, 'experimental-debug'), (1, 'buildd-experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 4.11.0-trunk-amd64 (SMP w/8 CPU cores)
Locale: LANG=C.UTF-8, LC_CTYPE=C.UTF-8 (charmap=UTF-8), LANGUAGE=C.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages forensics-all (1.5) depends on:
ii  aesfix                     1.0.1-5
ii  aeskeyfind                 1:1.0-4
ii  afflib-tools               3.7.15-1
ii  bruteforce-salted-openssl  1.3.3-1
ii  cewl                       5.3-1
ii  chaosreader                0.96-2
ii  crack-md5 [crack]          5.0a-11
ii  dc3dd                      7.2.646-1
ii  dislocker                  0.6.1-7
ii  ed2k-hash                  0.3.3+deb2-3
ii  ewf-tools                  20140608-6+b2
ii  exifprobe                  2.0.1-11
ii  ext3grep                   0.10.2-3+b1
ii  ext4magic                  0.3.2-7
ii  extundelete                0.2.4-1+b2
ii  fcrackzip                  1.0-8
ii  forensics-colorize         1.1-2
ii  galleta                    1.0+20040505-8
ii  gpart                      1:0.3-3
ii  grokevt                    0.4.1-10
ii  guymager                   0.8.3-1
ii  hashrat                    1.8.7+dfsg-2
ii  mac-robber                 1.02-5
ii  magicrescue                1.1.9-4
ii  memdump                    1.01-7+b1
ii  metacam                    1.2-9
ii  missidentify               1.0-8
ii  myrescue                   0.9.4-9
ii  nasty                      0.6-3
ii  outguess                   1:0.2-8
ii  pasco                      20040505-2
ii  pff-tools                  20120802-5+b2
ii  pipebench                  0.40-4
ii  plaso                      1.5.1+dfsg-3
ii  pompem                     0.2.0-2
ii  recoverdm                  0.20-4
ii  recoverjpeg                2.6.1-1
ii  reglookup                  1.0.1+svn287-6
ii  rekall-core                1.6.0+dfsg-2
ii  rephrase                   0.2-2
ii  rifiuti                    20040505-1
ii  rifiuti2                   0.6.1-5
ii  rkhunter                   1.4.4-1
ii  rsakeyfind                 1:1.0-4
ii  safecopy                   1.7-2
ii  scalpel                    1.60-4
ii  scrounge-ntfs              0.9-8
ii  shed                       1.15-3+b1
ii  sleuthkit                  4.4.0-5
ii  ssdeep                     2.13-3
ii  steghide                   0.5.1-12
ii  tableau-parm               0.2.0-4
ii  undbx                      0.21-1
ii  unhide                     20130526-1
ii  unhide.rb                  22-2
ii  vinetto                    1:0.07-7
ii  volatility                 2.6-1
ii  volatility-tools           2.6-1
ii  winregfs                   0.7-1
ii  wipe                       0.24-2
ii  yara                       3.6.2+dfsg-4

Versions of packages forensics-all recommends:
ii  hashdeep  4.4-4

Versions of packages forensics-all suggests:
pn  forensics-extra      <none>
pn  forensics-extra-gui  <none>
pn  forensics-full       <none>

-- no debconf information

More information about the forensics-devel mailing list