[SCM] Debian branch, master, updated. debian/1.2.2-3-25-ge9ee5ec
Xavier Guimard
x.guimard at free.fr
Thu Apr 11 04:58:53 UTC 2013
The following commit has been merged in the master branch:
commit f6ade62ae16be5d2c51938ebc918f0eb5b4df983
Author: Xavier Guimard <x.guimard at free.fr>
Date: Mon Apr 8 06:09:48 2013 +0200
Use override_dh_fixperms only to fix permissions
diff --git a/debian/changelog b/debian/changelog
index 52b6b9f..1ac059c 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -4,10 +4,6 @@ lemonldap-ng (1.2.3-1) UNRELEASED; urgency=low
- lemonldap-ng-portal/example/skins/common/portal.js adds a chunk of code
with the comment "Code from http://snipplr.com/view/29434/" - shouldn't
that be properly documented with copyrightholder and license?
- - override_dh_fixperms: yes, that was what I meant - but please also remove
- the corresponding chown/chmod in liblemonldap-ng-conf-perl.postinst and
- liblemonldap-ng-portal-perl.postinst (and perhaps adjust the comment in
- debian/rules?)
- lintian-overrides: please document in a comment at the top of the files
(this will be shown by lintian along with the override) why these
non-standard permissions are necessary (not just "for security reasons",
diff --git a/debian/liblemonldap-ng-conf-perl.postinst b/debian/liblemonldap-ng-conf-perl.postinst
index 47e450b..6354e82 100755
--- a/debian/liblemonldap-ng-conf-perl.postinst
+++ b/debian/liblemonldap-ng-conf-perl.postinst
@@ -13,14 +13,6 @@ MIGRATION=/usr/share/lemonldap-ng/bin/lmMigrateConfFiles2ini
if [ "$1" == "configure" ]
then
- chown www-data:www-data $SESSIONSDIR $SESSIONSDIR/lock \
- $CONFSTORAGEDIR $FIRSTCONFFILE
- chgrp www-data $LMINIFILE
- chmod 770 $SESSIONSDIR $SESSIONSDIR/lock
- chmod 750 $CONFSTORAGEDIR
- chmod 640 $CONFSTORAGEDIR/*
- chmod 640 $LMINIFILE
-
for i in domain ldapServer ldapPort ldapBase managerDn managerPassword portal; do
db_get liblemonldap-ng-conf-perl/$i || true
perl -000 -i -pe "s#^$i(\\n\\s+)('?)[^\\n]*?('?)\$#$i\${1}\${2}$RET\${3}#m" $FIRSTCONFFILE
diff --git a/debian/liblemonldap-ng-portal-perl.postinst b/debian/liblemonldap-ng-portal-perl.postinst
index c70d08f..d93f1d5 100644
--- a/debian/liblemonldap-ng-portal-perl.postinst
+++ b/debian/liblemonldap-ng-portal-perl.postinst
@@ -12,7 +12,6 @@ CAPTCHA_DIR=/var/lib/lemonldap-ng/portal/captcha_output
if [ "$1" == "configure" ]
then
$BUILDPORTALWSDL > $WSDLFILE || true
- chown www-data:www-data $CAPTCHA_DIR
fi
# Maintainer: #DEBHELPER#
diff --git a/debian/rules b/debian/rules
index b2cb1a1..a4949b6 100755
--- a/debian/rules
+++ b/debian/rules
@@ -51,7 +51,10 @@ override_dh_auto_install:
override_dh_compress:
dh_compress -X favicon.ico
-# TO BE TESTED : lintian-overrides is it the only thing needed to hide perms warnings ?
+# Fix lemonldap-ng dirs permissions and owner since dh_fixperms change them:
+# * global configuration dirs must be writable by www-data but not readable
+# by all (also sessions, captcha,... dirs)
+# * lemonldap-ng.ini must not be readable by all
override_dh_fixperms:
dh_fixperms
chown www-data:www-data \
--
Debian
More information about the Pkg-perl-cvs-commits
mailing list