Package: radicale
Version: 0.7-1
Severity: important
Tags: patch

Currently, the package assumes the only way to run Radicale is as a
standalone server (which is wrong by itself), and for some reason the
directories for storing logs and data files are created at server's
startup, in its init script.

This is wrong for two reasons:
1) If Radicale is started by a web server, it's unusable as it
   tries to access its data and log directories, which do not
   exist as they are not created when the package is configured.
2) Only the /var/run directory is allowed to be transient,
   so it has to be re-created, if needed, at server's startup.
   The log and data directories are "stable" and hence should
   be managed by the postinst script.

These changes are required for Radicale to be useful when set up to be
run by a web server (via WSGI).

Another (minor but nagging) problem with the way this package sets the
log directory up is that it's not readable by the members of the `adm'
group which (by the policy) should have read access to the system logs.

The attached patch fixes all these problems.

-- System Information:
Debian Release: wheezy/sid
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: i386 (i686)

Kernel: Linux 3.2.0-3-686-pae (SMP w/1 CPU core)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages radicale depends on:
ii  python           2.7.3~rc2-1
pn  python-radicale  <none>

radicale recommends no packages.

radicale suggests no packages.
commit f4def11c19dd3dc2a332b417839eae980d626b0c
Author: Konstantin Khomoutov <[email protected]>
Date:   Wed Jul 18 22:30:01 2012 +0400

    Create log and data dirs when configuring package
    
    Also the log directory gets more sensible access permissions
    by allowing reading to the members of the `adm' group.

diff --git a/debian/radicale.init b/debian/radicale.init
index 92aabb3..f5eb92d 100755
--- a/debian/radicale.init
+++ b/debian/radicale.init
@@ -21,8 +21,6 @@ DAEMON_UID=radicale
 DAEMON_GID=radicale
 RUNDIR=/var/run/$NAME
 PIDFILE=$RUNDIR/$NAME.pid
-CALDIR=/var/lib/$NAME
-LOGDIR=/var/log/$NAME
 SCRIPTNAME=/etc/init.d/$NAME
 
 # Exit if the package is not installed
@@ -63,15 +61,11 @@ do_start()
 	#   1 if daemon was already running
 	#   2 if daemon could not be started
 
-	for dir in $RUNDIR $CALDIR $LOGDIR; do
-		if [ ! -d $dir ]; then
-			mkdir -p $dir
-		fi
-		if ! dpkg-statoverride --list $dir >/dev/null 2>&1; then
-			chown $DAEMON_UID:$DAEMON_GID $dir
-			chmod g-w,o-rwx $dir
-		fi
-	done
+	test -d $RUNDIR || mkdir -p $RUNDIR
+	if ! dpkg-statoverride --list $RUNDIR >/dev/null 2>&1; then
+		chown $DAEMON_UID:$DAEMON_GID $RUNDIR
+		chmod g-w,o-rwx $dir
+	fi
 
 	start-stop-daemon --start --quiet --pidfile $PIDFILE --startas $DAEMON \
 		--name $NAME --test > /dev/null \
diff --git a/debian/radicale.postinst b/debian/radicale.postinst
index 93d7596..fe8b1b6 100644
--- a/debian/radicale.postinst
+++ b/debian/radicale.postinst
@@ -8,6 +8,7 @@ ACCOUNTNAME=$NAME
 DAEMON_UID=$ACCOUNTNAME
 DAEMON_GID=$ACCOUNTNAME
 CALDIR=/var/lib/$NAME
+LOGDIR=/var/log/$NAME
 ACCOUNTHOME=$CALDIR
 GECOS="Radicale CalDAV server"
 
@@ -18,6 +19,16 @@ case "$1" in
 			--gecos "$GECOS" --group --disabled-password \
 			--quiet $ACCOUNTNAME
 	fi
+	test -d $CALDIR || mkdir -p $CALDIR
+	if ! dpkg-statoverride --list $CALDIR >/dev/null 2>&1; then
+		chown $DAEMON_UID:$DAEMON_GID $CALDIR
+		chmod 0750 $CALDIR
+	fi
+	test -d $LOGDIR || mkdir -p $LOGDIR
+	if ! dpkg-statoverride --list $LOGDIR >/dev/null 2>&1; then
+		chown $DAEMON_UID:adm $LOGDIR
+		chmod 2750 $LOGDIR
+	fi
 	;;
 esac
 

Reply via email to