Hi, On Sun, Dec 08, 2019 at 08:43:17PM +0000, Adam D. Barratt wrote: > Why is the dpkg-statoverride call using --force-all? It should only be > executing if no existing override exists, unless I'm missing something. You're right, it should not be used and I've dropped it from the patch. In the process, I discovered another bug (the statoverride needs to be removed before the group at purge time), which has since been fixed in unstable. I've attached a revised debdiff. Thanks, Ryan -- |)|/ Ryan Kavanagh | GPG: 4E46 9519 ED67 7734 268F |\|\ https://rak.ac | BD95 8F7B F8FC 4A11 C97A
diff --git a/debian/NEWS b/debian/NEWS index c4355207..74cfa9e9 100644 --- a/debian/NEWS +++ b/debian/NEWS @@ -1,3 +1,28 @@ +opensmtpd (6.0.3p1-5+b10u1) buster; urgency=medium + + There have been changes to the smtpd.conf file format[0] which may + require manual editing of your /etc/smtpd.conf file. Full details + may be found in the man page smtpd.conf(5). Quoting from the + "OpenBSD Upgrade Guide: 6.1 to 6.2" [0]: + + The "secure" keyword is not valid anymore in "listen" directives + in smtpd.conf(5). Users are advised to replace existing + "listen secure" directives with two separate "tls" and "smtps" + listeners, i.e., a line like + + listen on $iface secure pki $pki + + has to be replaced with + + listen on $iface tls pki $pki + listen on $iface smtps pki $pki + + Relaying syntax is not affected by this change. + + [0] https://www.openbsd.org/faq/upgrade62.html + + -- Ryan Kavanagh <rak@debian.org> Tue, 03 Dec 2019 12:11:02 -0500 + opensmtpd (5.4.1p1-1) unstable; urgency=medium There have been minor changes to the smtpd.conf file format[0] which diff --git a/debian/changelog b/debian/changelog index 0d54bf3b..92daa76e 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,10 @@ +opensmtpd (6.0.3p1-5+b10u1) buster; urgency=medium + + * Warn users of change of smtpd.conf syntax (Closes: #944268) + * Install smtpctl setgid opensmtpq (Closes: #945910) + + -- Ryan Kavanagh <rak@debian.org> Sat, 21 Dec 2019 17:41:55 -0500 + opensmtpd (6.0.3p1-5) unstable; urgency=medium [ Ondřej Nový ] diff --git a/debian/control b/debian/control index 155615d5..231817fb 100644 --- a/debian/control +++ b/debian/control @@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 11) , zlib1g-dev Standards-Version: 4.3.0 Homepage: https://www.opensmtpd.org/ -Vcs-Git: https://salsa.debian.org/debian/opensmtpd.git -b debian/sid +Vcs-Git: https://salsa.debian.org/debian/opensmtpd.git -b debian/buster Vcs-Browser: https://salsa.debian.org/debian/opensmtpd Package: opensmtpd diff --git a/debian/gbp.conf b/debian/gbp.conf index 9d1db0e4..f8489f25 100644 --- a/debian/gbp.conf +++ b/debian/gbp.conf @@ -1,5 +1,5 @@ [DEFAULT] upstream-branch = upstream -debian-branch = debian/sid +debian-branch = debian/buster pristine-tar = True sign-tags = True diff --git a/debian/postinst b/debian/postinst index 9d7c9870..22dc979a 100644 --- a/debian/postinst +++ b/debian/postinst @@ -175,6 +175,13 @@ case "$1" in --no-create-home --disabled-password \ --gecos "OpenSMTD queue user" \ --ingroup opensmtpq opensmtpq + # smtpctl needs to be setgid opensmtpq per + # https://github.com/OpenSMTPD/OpenSMTPD/commit/8bdce604 + if ! dpkg-statoverride --list --quiet "/usr/sbin/smtpctl" >/dev/null; + then + dpkg-statoverride --quiet --update \ + --add root opensmtpq 2755 "/usr/sbin/smtpctl" + fi ;; abort-upgrade|abort-remove|abort-deconfigure|reconfigure) diff --git a/debian/postrm b/debian/postrm index 3e9dd07f..b0452774 100644 --- a/debian/postrm +++ b/debian/postrm @@ -5,6 +5,18 @@ set -e case "$1" in purge) rm -rf /var/spool/smtpd + # Remove the statoverride before the opensmtpq group. + # Otherwise, if users attempt to install the package after + # a purge, dpkg will abort with: + # > dpkg: unrecoverable fatal error, aborting: + # > unknown system group 'opensmtpq' in statoverride file; the system + # > group got removed before the override, which is most probably a + # > packaging bug, to recover you can remove the override manually with + # > dpkg-statoverride + if dpkg-statoverride --list --quiet "/usr/sbin/smtpctl" >/dev/null; + then + dpkg-statoverride --quiet --remove "/usr/sbin/smtpctl" + fi for name in opensmtpd opensmtpq; do # By debian Policy §6.5, we may only rely on essential packages and # must fail gracefully if they are unavailable.
Attachment:
signature.asc
Description: PGP signature