[pkg-fetchmail-maint] Bug in postinst

Loïc Minier lool+alioth at via.ecp.fr
Tue Nov 15 08:36:55 UTC 2005 

On Mon, Nov 14, 2005, Héctor García wrote:
> >  Well, the chmod is never going to run for new installs, and that's bad.
> Yes, it is. Look at the --no-create-home flag for adduser.

 I was probably a bit lost between your patches, please compare with the
 latest version in SVN which has my corrective changes applied.

> Well, I consider harmful to break anyones system when is really not
> needed and this is one case of that.

 What if the directory was created by a previous "adduser" stanza in the
 postinst (such as the current one in Debian), and never saw the
 permission change?  The current postinst in the public package forces
 the permissions exactly the same as the current SVN version.

 You see, there are _theoritical_ situations favoring both of our
 patches, I prefer taking no risk WRT security, but if you omit that, I
 have no preference between our versions.

> Well, it isn't creating the dir. Did you really read the patch I sended?
> It was your initial patch with 2 more flags for adduser.
> --disabled-password for obvious security reasons and --ingroup nogroup
> to force group.

 My very initial patch had these changes, wasn't applied, and hence I
 started fixing the version in SVN which has "--disabled-password", and
 "--ingroup nogroup".  The home part, I considered when sending my last
 round of fixes.


 Let's STOP loosing time with issues as stupid as these.  Let's be
 constructive and efficient: please have a look at the latest version in
 SVN, and explain what remaining issue there are.  I see:
 1/ the permission always overriden in postinst on this dir, but /var is
 not /etc, and I find it acceptable; I would call it safer
 2/ the fact that the home creation was kept under adduser, which is of
 no importance when the chmod is run unconditionally afterwards

 Let us know if you see more problems in the SVN version, and why these
 are actual problems (please distinguish regressions if possible).

   Bye,
-- 
Loïc Minier <lool at dooz.org>
"What do we want? BRAINS!    When do we want it? BRAINS!"

More information about the pkg-fetchmail-maint mailing list