Your message dated Wed, 16 Dec 2015 15:55:37 -0500
with message-id <[email protected]>
and subject line Re: Bug#808178: opendkim complains about directory permissions
that the sendmail package creates
has caused the Debian Bug report #808178,
regarding opendkim complains about directory permissions that the sendmail
package creates
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
808178: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=808178
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: opendkim
Version: 2.10.3-3+b1
Severity: normal
Dear Maintainer,
The sendmail package makes /etc/mail owned by `smmta`. Opendkim complains
about this:
Dec 16 11:20:04 [mymachine] opendkim[3373]: [mydomain]: key data is not secure:
/etc/mail is writeable and owned by uid 112 which is not the executing uid
(100) or the superuser
I'm currently "fixing" this by chowning /etc/mail to root.
But everytime the sendmail package upgrades it resets it back to smmta and
all my mail starts getting deferred again.
Since Debian is setting this to smmta, can we get a patch to opendkim so it
understands this is correct? It's frustrating to have 2 packages that butt
heads like this.
-David
-- System Information:
Debian Release: stretch/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 4.2.0-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages opendkim depends on:
ii adduser 3.113+nmu3
ii dns-root-data 2015052300+h+1
ii init-system-helpers 1.24
ii libbsd0 0.7.0-2
ii libc6 2.19-22
ii libdb5.3 5.3.28-11
ii libldap-2.4-2 2.4.42+dfsg-2
ii liblua5.1-0 5.1.5-8
ii libmemcached11 1.0.18-4.1
ii libmemcachedutil2 1.0.18-4.1
ii libmilter1.0.1 8.15.2-3
ii libopendbx1 1.4.6-9+b1
ii libopendkim10 2.10.3-3+b1
ii librbl1 2.10.3-3+b1
ii libssl1.0.2 1.0.2d-3
ii libunbound2 1.5.6-1
ii libvbr2 2.10.3-3+b1
ii lsb-base 9.20150917
opendkim recommends no packages.
Versions of packages opendkim suggests:
pn opendkim-tools <none>
pn unbound <none>
-- Configuration Files:
/etc/dkimkeys/README.PrivateKeys [Errno 13] Permission denied:
u'/etc/dkimkeys/README.PrivateKeys'
/etc/opendkim.conf changed [not included]
-- no debconf information
--- End Message ---
--- Begin Message ---
On December 16, 2015 3:10:03 PM EST, David Caldwell <[email protected]> wrote:
>Package: opendkim
>Version: 2.10.3-3+b1
>Severity: normal
>
>Dear Maintainer,
>
>The sendmail package makes /etc/mail owned by `smmta`. Opendkim
>complains
>about this:
>
>Dec 16 11:20:04 [mymachine] opendkim[3373]: [mydomain]: key data is not
>secure: /etc/mail is writeable and owned by uid 112 which is not the
>executing uid (100) or the superuser
>
>I'm currently "fixing" this by chowning /etc/mail to root.
>
>But everytime the sendmail package upgrades it resets it back to smmta
>and
>all my mail starts getting deferred again.
>
>Since Debian is setting this to smmta, can we get a patch to opendkim
>so it
>understands this is correct? It's frustrating to have 2 packages that
>butt
>heads like this.
Opendkim is operating as designed. In this case I'd recommend putting your
DKIM keys in a directory that isn't modified by sendmail. I don't think
sendmail creates that directory (I have it even though I use postfix), so I'm
not certain it's right that it changes the owned.
--- End Message ---
