[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#860913: marked as done (unblock: opensmtpd/6.0.2p1-2)

Your message dated Fri, 21 Apr 2017 19:44:00 +0000
with message-id <2b1dbd1e-b5e3-09c2-cdfc-0b3f578e4fb4@thykier.net>
and subject line Re: Bug#860913: unblock: opensmtpd/6.0.2p1-2
has caused the Debian Bug report #860913,
regarding unblock: opensmtpd/6.0.2p1-2
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
860913: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=860913
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message --- 
Package: release.debian.org
Severity: normal
User: release.debian.org@packages.debian.org
Usertags: unblock

Please unblock package opensmtpd

We used to ship the spool directory tree (until 6.0.2p1-2) for
opensmtpd, with custom permissions for various subdirectories. The
required permissions changed, and as a result, opensmtpd fails to start
and prints out an error message.

The solution is to not ship the spool directory tree: opensmtpd will
create it with the correct permissions if it doesn't exist. Because the
purge directory had incorrect permissions, we also delete it when
upgrading from old versions and let opensmtpd recreate it on its first
run. (Otherwise, opensmtpd would print an error message and exit.) This
is safe to do, even if the directory is not empty, because everything in
the purge directory is slated for deletion anyways.

This fixes bug #843978. A fix has been uploaded to unstable; a debdiff
against testing is attached.

Please let me know if there is anything else you would like me to do.

Best wishes,
Ryan

unblock opensmtpd/6.0.2p1-2

-- System Information:
Debian Release: 9.0
  APT prefers unstable-debug
  APT policy: (500, 'unstable-debug'), (500, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64
 (x86_64)
Foreign Architectures: i386

Kernel: Linux 4.9.0-2-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) (ignored: LC_ALL set to en_CA.UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

-- 
|_)|_/  Ryan Kavanagh      | GPG: 4E46 9519 ED67 7734 268F
| \| \  https://ryanak.ca/ |      BD95 8F7B F8FC 4A11 C97A

diff -Nru opensmtpd-6.0.2p1/debian/changelog opensmtpd-6.0.2p1/debian/changelog
--- opensmtpd-6.0.2p1/debian/changelog	2016-11-25 15:51:28.000000000 -0500
+++ opensmtpd-6.0.2p1/debian/changelog	2017-03-07 09:33:17.000000000 -0500
@@ -1,3 +1,12 @@
+opensmtpd (6.0.2p1-2) unstable; urgency=medium
+
+  * Let smtpd create its spool directory tree instead of shipping it.
+    This fixes errors regarding directories with incorrect owners.
+    Thanks to Harald Dunkel for a patch. (Closes: #843978)
+  * Actually remove the spool directory on purge.
+
+ -- Ryan Kavanagh <rak@debian.org>  Tue, 07 Mar 2017 09:33:17 -0500
+
 opensmtpd (6.0.2p1-1) unstable; urgency=medium
 
   * Added Brazilian Portuguese debconf templates translation (Closes: #829336)
diff -Nru opensmtpd-6.0.2p1/debian/dirs opensmtpd-6.0.2p1/debian/dirs
--- opensmtpd-6.0.2p1/debian/dirs	2016-11-06 10:21:34.000000000 -0500
+++ opensmtpd-6.0.2p1/debian/dirs	2017-03-07 09:33:17.000000000 -0500
@@ -1,4 +1 @@
 var/lib/opensmtpd/empty
-var/spool/smtpd
-var/spool/smtpd/offline
-var/spool/smtpd/purge
diff -Nru opensmtpd-6.0.2p1/debian/opensmtpd.lintian-overrides opensmtpd-6.0.2p1/debian/opensmtpd.lintian-overrides
--- opensmtpd-6.0.2p1/debian/opensmtpd.lintian-overrides	2016-11-23 13:42:28.000000000 -0500
+++ opensmtpd-6.0.2p1/debian/opensmtpd.lintian-overrides	2017-03-07 09:31:05.000000000 -0500
@@ -3,9 +3,6 @@
 opensmtpd: hyphen-used-as-minus-sign usr/share/man/man5/smtpd.conf.5.gz:570
 opensmtpd: hyphen-used-as-minus-sign usr/share/man/man8/smtpctl.8.gz:326
 opensmtpd: hyphen-used-as-minus-sign usr/share/man/man8/smtpd.8.gz:96
-opensmtpd: non-standard-dir-perm var/spool/smtpd/ 0711 != 0755
-opensmtpd: non-standard-dir-perm var/spool/smtpd/offline/ 1770 != 0755
-opensmtpd: non-standard-dir-perm var/spool/smtpd/purge/ 1700 != 0755
 # The mistake is in the license text
 opensmtpd: spelling-error-in-copyright GNU Public Licence GNU General Public License
 opensmtpd: spelling-error-in-copyright aheared adhered
diff -Nru opensmtpd-6.0.2p1/debian/postinst opensmtpd-6.0.2p1/debian/postinst
--- opensmtpd-6.0.2p1/debian/postinst	2016-11-06 10:21:34.000000000 -0500
+++ opensmtpd-6.0.2p1/debian/postinst	2017-03-07 09:33:17.000000000 -0500
@@ -175,9 +175,14 @@
                     --no-create-home --disabled-password \
                     --gecos "OpenSMTD queue user" \
                     --ingroup opensmtpq opensmtpq
-        chown root:opensmtpq /var/spool/smtpd/offline
-        chmod 770 /var/spool/smtpd/offline
-        chmod 700 /var/spool/smtpd/purge
+        if dpkg --compare-versions "$2" lt 6.0.2p1-2; then
+            # In versions < 6.0.2p1-2, the purge directory was created with
+            # permissions that won't work with versions >= 6.0.2p1. We can
+            # safely delete it: smtpd will recreate it for us when it starts if
+            # it's missing, and the purge directory only contains data that is
+            # slated for deletion.
+            rm -fr /var/spool/smtpd/purge || true
+        fi
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure|reconfigure)
diff -Nru opensmtpd-6.0.2p1/debian/postrm opensmtpd-6.0.2p1/debian/postrm
--- opensmtpd-6.0.2p1/debian/postrm	2016-11-06 10:21:34.000000000 -0500
+++ opensmtpd-6.0.2p1/debian/postrm	2017-03-07 09:33:17.000000000 -0500
@@ -4,7 +4,7 @@
 
 case "$1" in
     purge)
-	rm -rf /var/spool/opensmtpd
+	rm -rf /var/spool/smtpd
         for name in opensmtpd opensmtpq; do
             # By debian Policy §6.5, we may only rely on essential packages and
             # must fail gracefully if they are unavailable.
diff -Nru opensmtpd-6.0.2p1/debian/rules opensmtpd-6.0.2p1/debian/rules
--- opensmtpd-6.0.2p1/debian/rules	2016-11-25 15:51:28.000000000 -0500
+++ opensmtpd-6.0.2p1/debian/rules	2017-03-07 09:30:42.000000000 -0500
@@ -14,15 +14,6 @@
 	    --with-user-queue=opensmtpq \
 	    --with-user-smtpd=opensmtpd
 
-override_dh_fixperms:
-	dh_fixperms
-	chmod 711 debian/opensmtpd/var/spool/smtpd
-	# OpenSMTPD needs the offline mail queue (for messages sent locally,
-	# e.g., via /usr/sbin/sendmail) to be 1770
-	chmod 1770 debian/opensmtpd/var/spool/smtpd/offline
-	# OpenSMTPD requires the purge directory to be 700
-	chmod 1700 debian/opensmtpd/var/spool/smtpd/purge
-
 override_dh_auto_install:
 	dh_auto_install
 	rmdir debian/opensmtpd/usr/bin

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message --- 
Ryan Kavanagh:
> Package: release.debian.org
> Severity: normal
> User: release.debian.org@packages.debian.org
> Usertags: unblock
> 
> Please unblock package opensmtpd
> 
> We used to ship the spool directory tree (until 6.0.2p1-2) for
> opensmtpd, with custom permissions for various subdirectories. The
> required permissions changed, and as a result, opensmtpd fails to start
> and prints out an error message.
> 
> The solution is to not ship the spool directory tree: opensmtpd will
> create it with the correct permissions if it doesn't exist. Because the
> purge directory had incorrect permissions, we also delete it when
> upgrading from old versions and let opensmtpd recreate it on its first
> run. (Otherwise, opensmtpd would print an error message and exit.) This
> is safe to do, even if the directory is not empty, because everything in
> the purge directory is slated for deletion anyways.
> 
> This fixes bug #843978. A fix has been uploaded to unstable; a debdiff
> against testing is attached.
> 
> Please let me know if there is anything else you would like me to do.
> 
> Best wishes,
> Ryan
> 
> unblock opensmtpd/6.0.2p1-2
> 
> [...]

Unblocked, thanks.

~Niels

--- End Message ---
Reply to: