Bug#818349: exim4-base: Still warns about purging the environment, even with add_environment set

Wed Mar 16 18:39:18 UTC 2016

On 2016-03-16 Ben Hutchings <ben at decadent.org.uk> wrote:
> Control: severity -1 serious
> Control: tag -1 moreinfo

> Upgrading severity.  I consider this release-critical because a package
> should never:

> 1. Send spurious error messages from its cron job
> 2. Recommend changing the configuration in a way that would undo a
> security fix

Hello,

the situation is this:

* Upstream made a change (cleaning the environment by default) that in
  their opinion could break existing systems. There is not a magic
  switch that can be thrown to fix this. The safe default value (empty
  environment) is exactly what causes the breakage. To point
  admininistrators of failing system in the right direction exim prints
  a warning when keep_environment is not set.

* Afaik the Debian config works fine with empty environment which is why
  we have added an explicit 'keep_environment=" to prevent the runtime
  warning.

* Otoh if you are running a custom configuration you will get
  the warning exactly as upstream has intended and you will need to
  decide whether you need to modify the environment. This also applies
  to configuration based on the Debian configuration. - You'll need to
  look at the configuration and decide whether modifying the runtime
  environment is necessary. (You'll get a dpkg confile prompt and need
  to merge the changes.)

* In addition there is an entry in exim4-config.NEWS.

I am basically out of bright ideas on how to improve things from here.
The whole thing is trade-off, on one side now some people get a warning
message without experincing real breakage, on the other side if I patched
out the warning message some people would just see a broken e-mail
service without the helpful hint. Being in doubt I trusted upstream's
choice.

See http://article.gmane.org/gmane.mail.exim.devel/9142 and following.

cu Andreas
-- 
`What a good friend you are to him, Dr. Maturin. His other friends are
so grateful to you.'
`I sew his ears on from time to time, sure'