Your message dated Tue, 11 Mar 2025 07:23:17 +0100
with message-id <[email protected]>
and subject line icingaweb2-common: please don't unconditionally re-add
www-data to icingaweb2 on upgrades
has caused the Debian Bug report #831787,
regarding icingaweb2-common: please don't unconditionally re-add www-data to
icingaweb2 on upgrades
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
831787: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=831787
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: icingaweb2-common
Version: git master
Severity: wishlist
Tags: security
Hi.
I've seen that with commit a7f069b24a2da4bd48f60899b252dfb32079edc6
the user www-data will be readded to the group icingaweb2
on every package configure, which AFAIU also includes updates.
Could you please either
- don't do this at all (since it's be no means sure that www-data
actually needs or should have access to icingaweb2 content)
or
- at least do it only once on the original installation?
This would make leave the setup with the mod_php SAPI continue to
work out of the box, while not interfering with the setups of
people which deliberately choose to remove www-data from icingaweb2.
This makes especially sense in order to not grant anything running in
the webserver's context access to the whole Icinga Web 2 configuration
which likely includes passwords to databases, or e.g. SSH keys.
Best wishes,
Chris.
--- End Message ---
--- Begin Message ---
tags 831787 wontfix
thanks
This happened yet and is unlikely to ever happen.
Kind Regards,
Bas
--
GPG Key ID: 4096R/6750F10AE88D4AF1
Fingerprint: 8182 DE41 7056 408D 6146 50D1 6750 F10A E88D 4AF1
--- End Message ---
