Version: 2.2.13-19 Hi,
thanks for catching that, I have further optimized the code in cyrus-imapd-2.4 to: find "$confdir" \( -not -user cyrus -or -not -group mail \) -execdir chown cyrus:mail '{}' \; find "$i" \( -not -user cyrus -or -not -group mail \) -execdir chown cyrus:mail '{}' \; find "$sievedir" \( -not -user cyrus -or -not -group mail \) -execdir chown cyrus:mail '{}' \; Anyway in cyrus-imapd-2.4 there's a code which runs this code only on new installs. I am afraid that oldstable will not receive this optimization, it's not security related. And squeeze has this optimization: if [ "$2" = "" ] || dpkg --compare-versions "$( echo $2 | cut -d- -f2)" lt "2.2.13" ; then cyrus-makedirs --cleansquat fi So it should not be run on upgrade from lenny to squeeze and I think I can close this bug for squeeze and sid. O. On Tue, Sep 27, 2011 at 13:32, Bas van Sisseren <b...@quarantainenet.nl> wrote: > Hello, > > It would help a lot to change these lines in /usr/sbin/cyrus-makedirs: > > (line 92) > find "$confdir" -print0 \( -not -user cyrus -or -not -group mail \) | xargs > -r -0 chown cyrus:mail > > (line 105) > find "$i" -print0 \( -not -user cyrus -or -not -group mail \) | xargs -r -0 > chown cyrus:mail > > (line 118) > find "$sievedir" -print0 \( -not -user cyrus -or -not -group mail \) | > xargs -r -0 chown cyrus:mail > > > into: > > (line 92) > find "$confdir" \( -not -user cyrus -or -not -group mail \) -print0 | xargs > -r -0 chown cyrus:mail > > (line 105) > find "$i" \( -not -user cyrus -or -not -group mail \) -print0 | xargs -r -0 > chown cyrus:mail > > (line 118) > find "$sievedir" \( -not -user cyrus -or -not -group mail \) -print0 | > xargs -r -0 chown cyrus:mail > > > This way the file is only chowned when the user/group is incorrect. With the > -print0 statement in the front, just all files are printed, user cyrus or > not.. > > If another security update will be released for oldstable, I would really > like this fix. Without the fix, the upgrade took me more than 1.5 hours > downtime. With the fix, this will probably be only 5 minutes. > > > Regards, > > Bas van Sisseren > > -- > Bas van Sisseren <b...@quarantainenet.nl> > Quarantainenet > > > > _______________________________________________ > Pkg-Cyrus-imapd-Debian-devel mailing list > Pkg-Cyrus-imapd-Debian-devel@lists.alioth.debian.org > http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel > -- Ondřej Surý <ond...@sury.org> _______________________________________________ Pkg-Cyrus-imapd-Debian-devel mailing list Pkg-Cyrus-imapd-Debian-devel@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-cyrus-imapd-debian-devel