[Logcheck-devel] issue with permissions

[maks attems]

On Fri, 22 Oct 2004, maks attems wrote:

sorry my aboves was quite broken, better proposition (sort of diff):

> configure)
> 	# Add logcheck user
> 	if dpkg --compare-versions "$2" eq 1.2.19; then
> 		usermod -d /var/lib/logcheck logcheck >
> 		/dev/null 2>&1 || true
- 	elif dpkg --compare-versions "$2" gt 1.2.24; then
- 	else
+ 	elif ! dpkg --compare-versions "$2" gt 1.2.24; then
> 		adduser --quiet --system --no-create-home --group \
> 		--home /var/lib/logcheck logcheck || true
> 		adduser --quiet logcheck adm || true
> 	fi
> 	# Fix Permissions
- 	if dpkg --compare-versions "$2" gt 1.2.24; then
- 	else
+ 	if ! dpkg --compare-versions "$2" gt 1.2.24; then
> 		chown -R logcheck:logcheck /var/lib/logcheck || true
> 		chgrp -R logcheck /etc/logcheck || true
> 		chmod 750 /etc/logcheck/ignore.d.paranoid || true
> 		chmod 750 /etc/logcheck/ignore.d.workstation || true
> 		chmod 750 /etc/logcheck/ignore.d.server || true
> 		chmod 750 /etc/logcheck/cracking.d || true
> 		chmod 750 /etc/logcheck/cracking.ignore.d || true
> 		chmod 750 /etc/logcheck/violations.d || true
> 		chmod 750 /etc/logcheck/violations.ignore.d || true
> 		chmod -R g+rX /etc/logcheck || true
> 		# just in case 
> 		chown logcheck /var/lock/logcheck > /dev/null > 2>&1 > || true
> 	fi

but aboves is still bad logic as currently we have:
        if dpkg --compare-versions "$2" lt 1.2.24; then

and this works, so i'm still not pinpointing our bug
$ if  dpkg --compare-versions "" lt 1.2.24; then echo foo; fi
foo

so no idea where our bug resides.

what about changing our tactics and unconditionalize aboves permissions
fixes, is anyway a good idea for loca-foo files?

we might have problems if the user logcheck doesn't exist so.
so better check before:
if [ $(getent passwd logcheck | awk -F: '{print $1}') != "logcheck" ]; then
	# Add logcheck user
fi
 	# Fix Permissions


aboves survives quick dash testing.

a++ maks
	




--
maks