[Logcheck-devel] newer logcheck-database file with wrong gid
Todd Troxell
ttroxell at debian.org
Wed Sep 14 19:08:21 UTC 2005
On Wed, Sep 14, 2005 at 08:58:47PM +0200, maximilian attems wrote:
> On Wed, 14 Sep 2005, Todd Troxell wrote:
>
> > On Wed, Sep 14, 2005 at 05:58:00PM +0200, maximilian attems wrote:
> > > On Sun, 29 May 2005, CVS User ttroxell wrote:
> <snipp>
> > > i'm repeatably beaten by that revert.
> > > do a simple: sudo find /etc/logcheck/ -gid 0
> > > and you won't be surprised. :-P
> > *nodnod*
>
> ok, so we'll fix it. ;)
>
> > > please name the paragraph in the policy you have in mind?
> >
> > Sorry, I was making things up. It would appear that It's not disallowed by
> > policy. The original complaint is in this archived report[0].
>
> fine for me.
>
> > > base-passwd states that packages should cope with dynamically allocated
> > > system users and groups.
> > > "packages should avoid requesting such ids"
> >
> > Hmm. We can add a conditional chown to dh_installlogcheck.
> > [The condition being whether or not we have a logcheck user yet.]
>
> agreed the getent passwd check can't harm.
>
> > It will also require yet another overwrite of all /etc/logcheck perms.
> >
> > [0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=287184;archive=yes
>
> afair the bug report was about our restrictive chmod setting.
> but i'll look up. yes it was.
> remember to speak on irc with the bug reporter telling me that he
> exports his /etc setting for an unpriveleged svn user.
I have a feeling the same argument would be raised about chown.
> the chown is need on every upgrade in my opinion, as every upgrade
> adds potentially a new logcheck-database rulefile.
Ahh! I had not considered *our* new files upon upgrading. Perhaps we also
should be using dh_installlogcheck in logcheck-database. Too much overhead?
--
Todd Troxell
http://rapidpacket.com/~xtat
More information about the Logcheck-devel
mailing list