[Pkg-sympa-devel] Bug#633084: sympa: dh_fixperms -X called with the link to the program, instead of the path to the program
Roberto Di Cosmo
roberto at dicosmo.org
Tue Aug 30 11:11:42 UTC 2011
Package: sympa
Severity: normal
In the package building process for sympa, it is necessary to maintain the setuid bits
for a certain number of files, more precisely
chmod 4755 /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/sympa/lib/sympa/queue
chmod 4755 /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/sympa/lib/sympa/bouncequeue
chmod 4755 /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/sympa/lib/sympa/familyqueue
chmod 4750 aliaswrapper /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/sympa/bin/aliaswrapper
chmod 4750 /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/sympa/bin/virtualwrapper
chmod 6755 /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi
chmod 6755 /tmp/buildd/sympa-6.1.4~dfsg/debian/sympa//usr/lib/cgi-bin/sympa/sympa_soap_server-wrapper.fcgi
to achieve this result, the current package source usese -X options to dh_fixperms, as follows
dh_fixperms -psympa -X /usr/lib/sympa/bin/queue -X /usr/lib/sympa/bin/bouncequeue
unfortunately, the files /usr/lib/sympa/bin/queue and /usr/lib/sympa/bin/bouncequeue are just links to
/usr/lib/sympa/lib/sympa/queue and /usr/lib/sympa/lib/sympa/bouncequeue, so the setuid are not preserved
One should use
dh_fixperms -psympa -X /usr/lib/sympa/lib/sympa/bouncequeue -X /usr/lib/sympa/lib/sympa/queue \
-X /usr/lib/sympa/lib/sympa/familiqueue -X /usr/lib/sympa/bin/aliaswrapper \
-X /usr/lib/sympa/bin/virtualwrapper -X /usr/lib/cgi-bin/sympa/wwsympa-wrapper.fcgi \
-X /usr/lib/cgi-bin/sympa/sympa_soap_server-wrapper.fcgi
-- System Information:
Debian Release: 6.0.1
APT prefers testing
APT policy: (750, 'testing'), (700, 'stable'), (600, 'unstable'), (550, 'experimental'), (500, 'stable-updates')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.38-1-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8)
Shell: /bin/sh linked to /bin/dash
Versions of packages sympa depends on:
ii adduser 3.112+nmu2 add and remove users and groups
ii dbconfig-common 1.8.46+squeeze.0 common framework for packaging dat
ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy
ii exim4-daemon-light [mai 4.72-6 lightweight Exim MTA (v4) daemon
ii libarchive-zip-perl 1.30-4 Perl module for manipulation of ZI
ii libc6 2.13-10 Embedded GNU C Library: Shared lib
ii libcgi-fast-perl 5.12.4-4 CGI::Fast Perl module
ii libdbd-mysql-perl 4.019-1 Perl5 database interface to the My
ii libdbd-pg-perl 2.18.1-1 Perl DBI driver for the PostgreSQL
ii libdbd-sqlite3-perl 1.33-1 Perl DBI driver with a self-contai
ii libdbd-sybase-perl 1.00-3+b5 Sybase/MS SQL database driver for
ii libdbi-perl 1.616-1+b1 Perl Database Interface (DBI)
ii libfcgi-perl 0.73-1 helper module for FastCGI
ii libfile-copy-recursive- 0.38-1 Perl extension for recursively cop
ii libhtml-format-perl 2.04-2 format HTML syntax trees into text
ii libhtml-stripscripts-pa 1.03-1 module to filter scripts out of HT
ii libhtml-tree-perl 3.23-2 Perl module to represent and creat
ii libintl-perl 1.20-1 Uniforum message translations syst
ii libio-stringy-perl 2.110-4 Perl modules for IO from scalars a
ii libmailtools-perl 2.06-1 Manipulate email in perl programs
ii libmime-charset-perl 1.009.1-1 module for MIME character set info
ii libmime-encwords-perl 1.012.3-1 Perl interface to deal with RFC 20
ii libmime-lite-html-perl 1.23-1 Transform HTML page into MIME emai
ii libmime-tools-perl 5.428-1 Perl5 modules for MIME-compliant m
ii libmsgcat-perl 1.03-5+b1 Locale::Msgcat perl module
ii libnet-ldap-perl 1:0.4001-2 client interface to LDAP servers
ii libnet-netmask-perl 1.9015-4 parse, manipulate and lookup IP ne
ii libregexp-common-perl 2011041701-1 module with common regular express
ii libtemplate-perl 2.22-0.1+b1 template processing system written
ii libterm-progressbar-per 2.09-6 Perl module to print a progress ba
ii libunicode-linebreak-pe 0.0.20110501-1 UAX #14 Unicode Line Breaking Algo
ii libxml-libxml-perl 1.84+dfsg-1 Perl interface to the libxml2 libr
ii lsb-base 3.2-23.2squeeze1 Linux Standard Base 3.2 init scrip
ii mhonarc 2.6.18-1 Mail to HTML converter
ii perl 5.12.4-4 Larry Wall's Practical Extraction
ii perl-modules [libcgi-pm 5.12.4-4 Core Perl modules
ii rsyslog [system-log-dae 4.6.4-2 enhanced multi-threaded syslogd
ii sqlite3 3.7.7-2 Command line interface for SQLite
Versions of packages sympa recommends:
ii ca-certificates 20090814+nmu2 Common CA certificates
ii doc-base 0.10.2 utilities to manage online documen
ii libapache2-mod-fastcgi 2.4.6-1 Apache 2 FastCGI module for long-r
ii libcrypt-ciphersaber-per 0.61-4 Perl module implementing CipherSab
ii libfile-nfslock-perl 1.21-1 perl module to do NFS (or not) loc
ii libio-socket-ssl-perl 1.33-1+squeeze1 Perl module implementing object or
ii libmail-dkim-perl 0.39-1 cryptographically identify the sen
ii libsoap-lite-perl 0.712-2 Perl implementation of a SOAP clie
ii locales 2.13-10 Embedded GNU C Library: National L
ii logrotate 3.7.8-6 Log rotation utility
ii mysql-server-5.1 [mysql- 5.1.49-3 MySQL database server binaries and
Versions of packages sympa suggests:
pn apache2 | httpd-cgi <none> (no description available)
pn libapache2-mod-fcgid <none> (no description available)
pn libauthcas-perl <none> (no description available)
pn libdbd-oracle-perl <none> (no description available)
pn libtext-linefold-perl <none> (no description available)
pn libtext-wrap-perl <none> (no description available)
ii openssl 0.9.8o-4squeeze1 Secure Socket Layer (SSL) binary a
More information about the Pkg-sympa-devel
mailing list