Control: severity -1 normal
Control: tags -1 + patch
Andreas Beckmann writes ("Bug#1035361: sauce: Potentially dangerous mode on
/etc/logrotate.d/sauce: 0755"):
> While the package works fine after a fresh install in sid or bookworm,
> the issue is still present after an upgrade from bullseye to bookworm.
> File permissions of conffiles do net seem to get updated on upgrades,
> this needs to be fixed manually in the postinst, e.g. (untested)
>
> if dpkg --compare-versions "$2" lt-nl "0.9.3~"
> then
> chmod -v -x /etc/logrotate.d/sauce
> fi
Indeed.
However, I decided not to make that change so late in the freeze. I
didn't want to add a risk that the maintscript fregemnt would be
wrong (despite the testing I would naturally do).
Cribbing from my commit message:
This is a conffile, so old installs don't get the updated mode.
Ideally we would add something to the postinst to fix them but
that seems too complex at this stage of the Debian release cycle.
Users who are annoyed with the warning can change the mode by
hand.
I will probably do something like you suggest when sid has reopened,
for the benefit of downstreams with a different release cycle, users
skip-upgrading, etc.
I don't intend to prepare a stable update for bookworm myself. But
if, after I've done this fixup in sid, someone would like to drive
that, I would be happy to review the proposed update and lend my
support.
Thanks,
Ian.
--
Ian Jackson <ijack...@chiark.greenend.org.uk> These opinions are my own.
Pronouns: they/he. If I emailed you from @fyvzl.net or @evade.org.uk,
that is a private address which bypasses my fierce spamfilter.
