Bug#863553: opendkim: postinst should not rely on dpkg-statoverride for /var/run/opendkim

Sun, 28 May 2017 05:51:38 -0700 

Package: opendkim
Version: 2.11.0~alpha-10
Severity: normal

The ownership and permissions of /var/run/opendkim are determined in normal
operation by tmpfiles.d if you are running systemd or /etc/default/opendkim
if not.

        # Set ownership if the admin has not overriden it.
        if ! dpkg-statoverride --list /var/run/opendkim >/dev/null; then
                chown opendkim:opendkim /var/run/opendkim
        fi
        if ! dpkg-statoverride --list /etc/dkimkeys >/dev/null; then
                chown opendkim:opendkim /etc/dkimkeys
                chmod 0700 /etc/dkimkeys
        fi

But when the opendkim package is upgraded the above code from the postinst
causes the ownership to be set to opendkim:opendkim if the sysadmin hasn't
used dpkg-statoverride.

dpkg-statoverride --add opendkim postfix 750 /var/run/opendkim

It seems that a dpkg-statoverride comand like the above is required to get a
system to upgrade correctly when non-default permissions are used for that
directory.

I think that the problem is even worse with /etc/dkimkeys as there's no good
reason for the package to modify a directory under /etc anyway, it doesn't
go away on reboot!

-- System Information:
Debian Release: 9.0
  APT prefers testing
  APT policy: (500, 'testing')
Architecture: amd64
 (x86_64)

Kernel: Linux 4.9.0-3-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages opendkim depends on:
ii  adduser              3.115
ii  dns-root-data        2015052300+h+1
ii  init-system-helpers  1.48
ii  libbsd0              0.8.3-1
ii  libc6                2.24-10
ii  libdb5.3             5.3.28-12+b1
ii  libldap-2.4-2        2.4.44+dfsg-4+b1
ii  liblua5.1-0          5.1.5-8.1+b2
ii  libmemcached11       1.0.18-4.1
ii  libmemcachedutil2    1.0.18-4.1
ii  libmilter1.0.1       8.15.2-8
ii  libopendbx1          1.4.6-11+b1
ii  libopendkim11        2.11.0~alpha-10
ii  librbl1              2.11.0~alpha-10
ii  libssl1.1            1.1.0e-2
ii  libunbound2          1.6.0-3
ii  libvbr2              2.11.0~alpha-10
ii  lsb-base             9.20161125

opendkim recommends no packages.

Versions of packages opendkim suggests:
ii  opendkim-tools  2.11.0~alpha-10
pn  unbound         <none>

-- Configuration Files:
/etc/default/opendkim [Errno 2] No such file or directory: 
'/etc/default/opendkim'
/etc/opendkim.conf changed [not included]

-- no debconf information

-- debsums errors found:
debsums: changed file /usr/lib/tmpfiles.d/opendkim.conf (from opendkim package)

Reply via email to