Bug#628913: exim4-base.postinst overrides admin-set permissions on /var/log/exim4

[Andreas Metzler]

bts forcemerge 617810 628913
thanks

On 2011-06-02 Philipp Kern <pkern at debian.org> wrote:
> Package: exim4-base
> Version: 4.69-9+lenny4
> Severity: normal

> [ /var/lib/dpkg/info/exim4-base.postinst ]
> | case "$1" in
> |   configure)
> [...]
> |         # Create directories for log etc
> |         # install also fixes permissions.
> |         install -d -oDebian-exim -gadm -m2750 /var/log/exim4

> This overrides any permissions the admin set for /var/log/exim4
> unconditionally and without a way through, say, dpkg-statoverride.
> I think it should check if the directory exists and it's writeable
> by Debian-exim, but that's about it.

> In my case I want that directoryto be 2755 or the group being list,
> but both would be overridden on the next update.

> Squeeze is likewise affected, didn't check unstable.
[...]

If you continue reading you'll find

--------------------
# honor dpkg-statoverride settings for files not managed with dpkg
for pat in /var/\*/exim4 /var/\*/exim4/\*; do
        [ $EX4DEBUG ] && eval echo "evaluate statoverride $pat"
        eval dpkg-statoverride --list $pat | while read USER GROUP MODE FILE; do
                [ $EX4DEBUG ] && echo "statoverride $USER $GROUP $MODE $FILE"
                chown ${USER}:${GROUP} $FILE
                chmod $MODE $FILE
        done
done
--------------------

The "reset perms and change back again" approach should be fixed,
though.

cu andreas