[SCM] Debian branch, master, updated. debian/1.2.2-3-25-ge9ee5ec

[Xavier Guimard]

The following commit has been merged in the master branch:
commit f6ade62ae16be5d2c51938ebc918f0eb5b4df983
Author: Xavier Guimard <x.guimard at free.fr>
Date:   Mon Apr 8 06:09:48 2013 +0200

    Use override_dh_fixperms only to fix permissions

diff --git a/debian/changelog b/debian/changelog
index 52b6b9f..1ac059c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,10 +4,6 @@ lemonldap-ng (1.2.3-1) UNRELEASED; urgency=low
   - lemonldap-ng-portal/example/skins/common/portal.js adds a chunk of code
     with the comment "Code from http://snipplr.com/view/29434/" - shouldn't
     that be properly documented with copyrightholder and license?
-  - override_dh_fixperms: yes, that was what I meant - but please also remove
-    the corresponding chown/chmod in liblemonldap-ng-conf-perl.postinst and
-    liblemonldap-ng-portal-perl.postinst (and perhaps adjust the comment in
-    debian/rules?)
   - lintian-overrides: please document in a comment at the top of the files
     (this will be shown by lintian along with the override) why these
     non-standard permissions are necessary (not just "for security reasons",
diff --git a/debian/liblemonldap-ng-conf-perl.postinst b/debian/liblemonldap-ng-conf-perl.postinst
index 47e450b..6354e82 100755
--- a/debian/liblemonldap-ng-conf-perl.postinst
+++ b/debian/liblemonldap-ng-conf-perl.postinst
@@ -13,14 +13,6 @@ MIGRATION=/usr/share/lemonldap-ng/bin/lmMigrateConfFiles2ini
 
 if [ "$1" == "configure" ]
 then
-    chown www-data:www-data $SESSIONSDIR $SESSIONSDIR/lock \
-                            $CONFSTORAGEDIR $FIRSTCONFFILE
-    chgrp www-data $LMINIFILE
-    chmod 770 $SESSIONSDIR $SESSIONSDIR/lock
-    chmod 750 $CONFSTORAGEDIR
-    chmod 640 $CONFSTORAGEDIR/*
-    chmod 640 $LMINIFILE
-
     for i in domain ldapServer ldapPort ldapBase managerDn managerPassword portal; do
         db_get liblemonldap-ng-conf-perl/$i || true
         perl -000 -i -pe "s#^$i(\\n\\s+)('?)[^\\n]*?('?)\$#$i\${1}\${2}$RET\${3}#m" $FIRSTCONFFILE
diff --git a/debian/liblemonldap-ng-portal-perl.postinst b/debian/liblemonldap-ng-portal-perl.postinst
index c70d08f..d93f1d5 100644
--- a/debian/liblemonldap-ng-portal-perl.postinst
+++ b/debian/liblemonldap-ng-portal-perl.postinst
@@ -12,7 +12,6 @@ CAPTCHA_DIR=/var/lib/lemonldap-ng/portal/captcha_output
 if [ "$1" == "configure" ]
 then
 	$BUILDPORTALWSDL > $WSDLFILE || true
-	chown www-data:www-data $CAPTCHA_DIR
 fi
 
 # Maintainer: #DEBHELPER#
diff --git a/debian/rules b/debian/rules
index b2cb1a1..a4949b6 100755
--- a/debian/rules
+++ b/debian/rules
@@ -51,7 +51,10 @@ override_dh_auto_install:
 override_dh_compress:
 	dh_compress -X favicon.ico
 
-# TO BE TESTED : lintian-overrides is it the only thing needed to hide perms warnings ?
+# Fix lemonldap-ng dirs permissions and owner since dh_fixperms change them:
+#  * global configuration dirs must be writable by www-data but not readable
+#    by all (also sessions, captcha,... dirs)
+#  * lemonldap-ng.ini must not be readable by all
 override_dh_fixperms:
 	dh_fixperms
 	chown www-data:www-data \

-- 
Debian