[Cipux-devel] Bug#694145: cipux-cat-web, libcipux-cat-web-perl: inconsistent permission handling of /etc/cipux-cat-web/
Andreas Beckmann
debian at abeckmann.de
Sat Nov 24 10:13:13 UTC 2012
Package: cipux-cat-web,libcipux-cat-web-perl
Version: 3.4.0.3-4
Severity: serious
User: debian-qa at lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package does not properly
manage /etc/cipux-cat-web/:
* libcipux-cat-web-perl creates it in the postinst and sets owner and
restricted permissions
* cipux-cat-web ships it with default permissions in the package
The following problems may occur:
* after purging cipux-cat-web /etc/cipux-cat-web/ is gone even if
libcipux-cat-web-perl is stll installed
* after purging and reinstalling cipux-cat-web the permissions are set
to defaults
# l /etc/cipux-cat-web/
total 8
drwxr-x--- 2 root www-data 80 Nov 24 09:51 .
drwxr-xr-x 40 root root 2140 Nov 24 09:51 ..
-rw-r--r-- 1 root root 452 May 4 2011 apache.conf
-rw-r--r-- 1 root root 450 May 4 2011 lighttpd.conf
# dpkg --purge cipux-cat-web
...
# apt-get install cipux-cat-web
...
# l /etc/cipux-cat-web/
total 8
drwxr-xr-x 2 root root 80 Nov 24 09:59 .
drwxr-xr-x 40 root root 2140 Nov 24 09:59 ..
-rw-r--r-- 1 root root 452 May 4 2011 apache.conf
-rw-r--r-- 1 root root 450 May 4 2011 lighttpd.conf
There may be more directories with similar problems as libcipux-cat-web-perl
creates more than just /etc/cipux-cat-web/
For consistency, the directory(-ies) should be shipped by all the
packages that need them. You can also ship directories with restricted
permissions being set, and shipping with a gifferent groups should work
as well (since www-data is a statically allocated uid/gid).
dpkg will take care of creation and removal (after the last referencing
package is removed).
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: cipux-cat-web_3.4.0.3-4.log.gz
Type: application/x-gzip
Size: 13011 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/cipux-devel/attachments/20121124/f8717221/attachment.bin>
More information about the Cipux-devel
mailing list