[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: logcheck: Permissions, dh_installlogcheck

This one time, at band camp, Todd Troxell said:
> I am thinking of changing the permissions in dh_installlogcheck from 600 to
> 644.

I am all in favor of it.  The only file that is otherwise unobtainable
is ignore.d.${level}/local, and that can be locally chmod'ed if the
admin feels strongly.  I see no reason to make publicly available files
locally hidden.

> The problem is that we cannot dh_installlogcheck with owner logcheck because
> the logcheck user is not guaranteed to exist.

I think in this case, world readable is OK.

> I don't like this solution, but it seems like the one with the smallest
> potentiality for breakage, and I suggest it because of the upcomming Debian
> release.  If we do end up doing this, we should probably work out something
> better post-sarge.
> Is there a better way?

If people feel strongly, a chown in postinst, after adduser, is probably
OK as well.  Again, though, I don't see the need for it.
|   ,''`.					     Stephen Gran |
|  : :' :					 sgran@debian.org |
|  `. `'			Debian user, admin, and developer |
|    `-					    http://www.debian.org |

Attachment: pgpiiDyjy_MbJ.pgp
Description: PGP signature

Reply to: