Your message dated Sun, 18 Sep 2011 10:23:37 +0200
with message-id <[email protected]>
and subject line Re: Bug#617810: exim4 postinst unconditionally trashes
permissions of log dir
has caused the Debian Bug report #617810,
regarding exim4-base.postinst overrides admin-set permissions on /var/log/exim4
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
617810: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=617810
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: exim4-base
Version: 4.69-9+lenny4
Severity: normal
[ /var/lib/dpkg/info/exim4-base.postinst ]
| case "$1" in
| configure)
[...]
| # Create directories for log etc
| # install also fixes permissions.
| install -d -oDebian-exim -gadm -m2750 /var/log/exim4
This overrides any permissions the admin set for /var/log/exim4 unconditionally
and without a way through, say, dpkg-statoverride. I think it should check
if the directory exists and it's writeable by Debian-exim, but that's about it.
In my case I want that directoryto be 2755 or the group being list, but both
would be overridden on the next update.
Squeeze is likewise affected, didn't check unstable.
-- System Information:
Debian Release: 5.0.8
APT prefers oldstable-proposed-updates
APT policy: (500, 'oldstable-proposed-updates'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-2-amd64 (SMP w/1 CPU core)
Locale: LANG=en_GB.UTF-8, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages exim4-base depends on:
ii adduser 3.110 add and remove users and groups
ii cron 3.0pl1-105 management of regular background p
ii debconf [debconf-2.0] 1.5.24 Debian configuration management sy
ii exim4-config [exim4-config 4.69-9+lenny4 configuration for the Exim MTA (v4
ii libc6 2.7-18lenny7 GNU C Library: Shared libraries
ii libdb4.6 4.6.21-11 Berkeley v4.6 Database Libraries [
ii lsb-base 3.2-20 Linux Standard Base 3.2 init scrip
ii netbase 4.34 Basic TCP/IP networking system
Versions of packages exim4-base recommends:
ii bsd-mailx [mailx] 8.1.2-0.20071201cvs-3 A simple mail user agent
ii perl-modules 5.10.0-19lenny3 Core Perl modules
ii psmisc 22.6-1 Utilities that use the proc filesy
Versions of packages exim4-base suggests:
ii bsd-mailx [mail-re 8.1.2-0.20071201cvs-3 A simple mail user agent
pn exim4-doc-html | e <none> (no description available)
pn eximon4 <none> (no description available)
ii file 4.26-1 Determines file type using "magic"
pn libmail-spf-query- <none> (no description available)
ii mutt [mail-reader] 1.5.18-6 text-based mailreader supporting M
ii openssl 0.9.8g-15+lenny11 Secure Socket Layer (SSL) binary a
ii swaks 0+20061116.0-2 SMTP command-line test tool
-- debconf information:
exim4/purge_spool: false
exim4-base/drec:
exim4/move_exim3_spool: false
--- End Message ---
--- Begin Message ---
On 2011-04-16 Andreas Metzler <[email protected]> wrote:
> On 2011-03-11 Ian Jackson <[email protected]> wrote:
> > Package: exim4-base
> > Version: 4.69-9+lenny4
> > Tags: patch
> > I just did the exim4 security update and it reset the permissions of
> > my /var/log/exim4 to 600, due to this in the postinst:
> > install -d -oDebian-exim -gadm -m2750 /var/log/exim4
> > On my system the policy is that the logs are supposed to be readable.
> > I suggest this patch, as a band-aid.
> [...]
> Hello,
> You should be able to use dpkg-statoverride to preserve the
> permissions, exim4-base's postinst should respect that.
Closing.
--- End Message ---
