Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5

To: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Cc: 946083@bugs.debian.org
Subject: Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5
From: Ryan Kavanagh <rak@debian.org>
Date: Sat, 21 Dec 2019 21:07:04 -0500
Message-id: <[🔎] 20191222020704.cnvx6xxisjjc3zy6@zeta.rak.ac>
Reply-to: Ryan Kavanagh <rak@debian.org>, 946083@bugs.debian.org
In-reply-to: <[🔎] 8fee7c055198a17cebc7a08d97577602326bf8d5.camel@adam-barratt.org.uk>
References: <[🔎] 20191203195752.y66wnrfviskkxjd5@zeta.rak.ac> <[🔎] 8fee7c055198a17cebc7a08d97577602326bf8d5.camel@adam-barratt.org.uk> <[🔎] 20191203195752.y66wnrfviskkxjd5@zeta.rak.ac>

Hi,

On Sun, Dec 08, 2019 at 08:43:17PM +0000, Adam D. Barratt wrote:
> Why is the dpkg-statoverride call using --force-all? It should only be
> executing if no existing override exists, unless I'm missing something.

You're right, it should not be used and I've dropped it from the patch.
In the process, I discovered another bug (the statoverride needs to be
removed before the group at purge time), which has since been fixed in
unstable. I've attached a revised debdiff.

Thanks,
Ryan

-- 
|)|/  Ryan Kavanagh      | GPG: 4E46 9519 ED67 7734 268F
|\|\  https://rak.ac     |      BD95 8F7B F8FC 4A11 C97A

diff --git a/debian/NEWS b/debian/NEWS
index c4355207..74cfa9e9 100644
--- a/debian/NEWS
+++ b/debian/NEWS
@@ -1,3 +1,28 @@
+opensmtpd (6.0.3p1-5+b10u1) buster; urgency=medium
+
+    There have been changes to the smtpd.conf file format[0] which may
+    require manual editing of your /etc/smtpd.conf file. Full details
+    may be found in the man page smtpd.conf(5). Quoting from the
+    "OpenBSD Upgrade Guide: 6.1 to 6.2" [0]:
+
+        The "secure" keyword is not valid anymore in "listen" directives
+        in smtpd.conf(5). Users are advised to replace existing
+        "listen secure" directives with two separate "tls" and "smtps"
+        listeners, i.e., a line like
+
+           listen on $iface secure pki $pki
+
+        has to be replaced with
+
+            listen on $iface tls pki $pki
+            listen on $iface smtps pki $pki
+
+        Relaying syntax is not affected by this change.
+
+    [0] https://www.openbsd.org/faq/upgrade62.html
+
+ -- Ryan Kavanagh <rak@debian.org>  Tue, 03 Dec 2019 12:11:02 -0500
+
 opensmtpd (5.4.1p1-1) unstable; urgency=medium
 
     There have been minor changes to the smtpd.conf file format[0] which
diff --git a/debian/changelog b/debian/changelog
index 0d54bf3b..92daa76e 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+opensmtpd (6.0.3p1-5+b10u1) buster; urgency=medium
+
+  * Warn users of change of smtpd.conf syntax (Closes: #944268)
+  * Install smtpctl setgid opensmtpq (Closes: #945910)
+
+ -- Ryan Kavanagh <rak@debian.org>  Sat, 21 Dec 2019 17:41:55 -0500
+
 opensmtpd (6.0.3p1-5) unstable; urgency=medium
 
   [ Ondřej Nový ]
diff --git a/debian/control b/debian/control
index 155615d5..231817fb 100644
--- a/debian/control
+++ b/debian/control
@@ -14,7 +14,7 @@ Build-Depends: debhelper (>= 11)
  , zlib1g-dev
 Standards-Version: 4.3.0
 Homepage: https://www.opensmtpd.org/
-Vcs-Git: https://salsa.debian.org/debian/opensmtpd.git -b debian/sid
+Vcs-Git: https://salsa.debian.org/debian/opensmtpd.git -b debian/buster
 Vcs-Browser: https://salsa.debian.org/debian/opensmtpd
 
 Package: opensmtpd
diff --git a/debian/gbp.conf b/debian/gbp.conf
index 9d1db0e4..f8489f25 100644
--- a/debian/gbp.conf
+++ b/debian/gbp.conf
@@ -1,5 +1,5 @@
 [DEFAULT]
 upstream-branch = upstream
-debian-branch = debian/sid
+debian-branch = debian/buster
 pristine-tar = True
 sign-tags = True
diff --git a/debian/postinst b/debian/postinst
index 9d7c9870..22dc979a 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -175,6 +175,13 @@ case "$1" in
                     --no-create-home --disabled-password \
                     --gecos "OpenSMTD queue user" \
                     --ingroup opensmtpq opensmtpq
+        # smtpctl needs to be setgid opensmtpq per
+        # https://github.com/OpenSMTPD/OpenSMTPD/commit/8bdce604
+        if ! dpkg-statoverride --list --quiet "/usr/sbin/smtpctl" >/dev/null;
+        then
+            dpkg-statoverride --quiet --update \
+                --add root opensmtpq 2755 "/usr/sbin/smtpctl"
+        fi
     ;;
 
     abort-upgrade|abort-remove|abort-deconfigure|reconfigure)
diff --git a/debian/postrm b/debian/postrm
index 3e9dd07f..b0452774 100644
--- a/debian/postrm
+++ b/debian/postrm
@@ -5,6 +5,18 @@ set -e
 case "$1" in
     purge)
 	rm -rf /var/spool/smtpd
+        # Remove the statoverride before the opensmtpq group.
+        # Otherwise, if users attempt to install the package after
+        # a purge, dpkg will abort with:
+        # > dpkg: unrecoverable fatal error, aborting:
+        # >  unknown system group 'opensmtpq' in statoverride file; the system
+        # > group got removed before the override, which is most probably a
+        # > packaging bug, to recover you can remove the override manually with
+        # > dpkg-statoverride
+        if dpkg-statoverride --list --quiet "/usr/sbin/smtpctl" >/dev/null;
+        then
+            dpkg-statoverride --quiet --remove "/usr/sbin/smtpctl"
+        fi
         for name in opensmtpd opensmtpq; do
             # By debian Policy §6.5, we may only rely on essential packages and
             # must fail gracefully if they are unavailable.

Attachment: signature.asc
Description: PGP signature

Reply to:

Follow-Ups:
- Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

References:
- Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5
  - From: Ryan Kavanagh <rak@debian.org>
- Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5
  - From: "Adam D. Barratt" <adam@adam-barratt.org.uk>

Prev by Date: Bug#946819: atril 1.20.3-1+deb10u1 flagged for acceptance
Next by Date: Bug#947161: transition: libwebsockets
Previous by thread: Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5
Next by thread: Bug#946083: buster-pu: package opensmtpd/6.0.3p1-5
Index(es):
- Date
- Thread