[Pkg-dspam-commits] [SCM] Debian packages for the DSPAM anti-spam filter branch, master, updated. debian/3.9.1_rc1+git20110312.9a9050f+dfsg-2-8-g76b9618

Julien Valroff julien at kirya.net
Mon Apr 25 18:24:36 UTC 2011 

The following commit has been merged in the master branch:
commit 76b9618d7f214cff2f7561392d2954e4e1d20c19
Author: Julien Valroff <julien at kirya.net>
Date:   Mon Apr 25 20:24:27 2011 +0200

    setgid all dspam_* tools

diff --git a/debian/changelog b/debian/changelog
index 18939ef..7275111 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -2,12 +2,14 @@ dspam (3.9.1~rc1+git20110419.29261fb+dfsg-1) experimental; urgency=low
 
   [ Julien Valroff ]
   * New git snapshot
+  * Install all dspam_* tools setgid so that they can be used by standard
+    users
 
   [ Thomas Preud'homme ]
   * Fix permissions on dspam_stats and missing opt-{in,out} directories
     (Closes: #394443)
 
- -- Thomas Preud'homme <robotux at celest.fr>  Sun, 24 Apr 2011 18:59:39 +0200
+ -- Julien Valroff <julien at debian.org>  Mon, 25 Apr 2011 09:29:59 +0200
 
 dspam (3.9.1~rc1+git20110312.9a9050f+dfsg-2) experimental; urgency=low
 
diff --git a/debian/dspam.postinst b/debian/dspam.postinst
index 42fcb06..d6cb17e 100644
--- a/debian/dspam.postinst
+++ b/debian/dspam.postinst
@@ -6,58 +6,42 @@ set_dspam_perms() {
 
     # If you add any other permission/ownership tweaks here, then
     # remember to add a corresponding remove operation to the
-    # remove_dspam_perms() function, below
-
-    # Database password info is contained in dspam.conf
-    if ! dpkg-statoverride --list /etc/dspam/dspam.conf >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0640 /etc/dspam/dspam.conf
-    fi
-
-    if ! dpkg-statoverride --list /etc/dspam/dspam.d/hash.conf >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0640 /etc/dspam/dspam.d/hash.conf
-    fi
-
-    if ! dpkg-statoverride --list /etc/dspam/dspam.d/extlookup.conf >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0640 /etc/dspam/dspam.d/extlookup.conf
-    fi
-
-    if ! dpkg-statoverride --list /usr/bin/dspam >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 2755 /usr/bin/dspam
-    fi
-
-    if ! dpkg-statoverride --list /usr/bin/dspamc >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 2755 /usr/bin/dspamc
-    fi
-
-    if ! dpkg-statoverride --list /usr/bin/dspam_stats >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 2755 /usr/bin/dspam_stats
-    fi
-
-    if ! dpkg-statoverride --list /var/spool/dspam >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0770 /var/spool/dspam
-    fi
-
-    if ! dpkg-statoverride --list /var/spool/dspam/data >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0770 /var/spool/dspam/data
-    fi
-
-    if ! dpkg-statoverride --list /var/spool/dspam/opt-in >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0770 /var/spool/dspam/opt-in
-    fi
-
-    if ! dpkg-statoverride --list /var/spool/dspam/opt-out >/dev/null
-    then
-      dpkg-statoverride --update --add dspam dspam 0770 /var/spool/dspam/opt-out
-    fi
+    # dspam.postinst
+
+    # Database password info is contained in dspam.conf and other conffiles
+    for config_file in dspam.conf dspam.d/hash.conf dspam.d/extlookup.conf ; do
+        if ! dpkg-statoverride --list /etc/dspam/$config_file >/dev/null
+        then
+            dpkg-statoverride --update --add dspam dspam 0640 /etc/dspam/$config_file
+        fi
+    done
+
+    # dspam & dspamc need to be setgid
+    for agent in dspam dspamc ; do
+        if ! dpkg-statoverride --list /usr/bin/$agent >/dev/null
+            then
+                dpkg-statoverride --update --add dspam dspam 2755 /usr/bin/$agent
+        fi
+    done
+
+    # so as tools (standard users can then use them provided DSPAM doesn't use
+    # virtual users)
+    for tool in dspam_2sql dspam_admin dspam_clean dspam_crc dspam_dump \
+        dspam_merge dspam_stats dspam_train ; do
+        if ! dpkg-statoverride --list /usr/bin/$tool >/dev/null
+            then
+                dpkg-statoverride --update --add root dspam 2755 /usr/bin/$tool
+        fi
+    done
+
+    # Directories in /var/spool/dspam are made read-only as they contain private data
+    DSPAM_HOME="/var/spool/dspam"
+    for dir in $DSPAM_HOME $DSPAM_HOME/data $DSPAM_HOME/opt-in $DSPAM_HOME/opt-out ; do
+        if ! dpkg-statoverride --list dir >/dev/null
+        then
+            dpkg-statoverride --update --add dspam dspam 0770 dir
+        fi
+    done
 
     if ! dpkg-statoverride --list /etc/dspam/default.prefs >/dev/null
     then
diff --git a/debian/dspam.postrm b/debian/dspam.postrm
index bd8b8b3..d21bdcf 100644
--- a/debian/dspam.postrm
+++ b/debian/dspam.postrm
@@ -10,7 +10,14 @@ case "$1" in
             /etc/dspam/dspam.d/extlookup.conf \
             /usr/bin/dspam \
             /usr/bin/dspamc \
+            /usr/bin/dspam_2sql \
+            /usr/bin/dspam_admin \
+            /usr/bin/dspam_clean \
+            /usr/bin/dspam_crc \
+            /usr/bin/dspam_dump \
+            /usr/bin/dspam_merge \
             /usr/bin/dspam_stats \
+            /usr/bin/dspam_train \
             /var/spool/dspam \
             /var/spool/dspam/data \
             /var/spool/dspam/opt-in \

-- 
Debian packages for the DSPAM anti-spam filter

More information about the Pkg-dspam-commits mailing list