[tryton-debian-vcs] tryton-server branch debian-squeeze created. c4c7ecb8b0d574d8b101a514350e803e6347106c

Wed Nov 27 17:15:10 UTC 2013

The following commit has been merged in the debian-squeeze branch:
https://alioth.debian.org/plugins/scmgit/cgi-bin/gitweb.cgi/?p=tryton/tryton-server.git;a=commitdiff;h=c4c7ecb8b0d574d8b101a514350e803e6347106c
commit c4c7ecb8b0d574d8b101a514350e803e6347106c
Author: Mathias Behrle <mathiasb at m9s.biz>
Date:   Wed Feb 9 23:45:42 2011 +0100

    Enforcing stronger permissions on trytond.conf in postinst (Closes: #612644).

diff --git a/debian/tryton-server.README.Debian b/debian/tryton-server.README.Debian
index c5ad8c1..f35cb9e 100644
--- a/debian/tryton-server.README.Debian
+++ b/debian/tryton-server.README.Debian
@@ -70,8 +70,9 @@ Now, you're finished. Please be aware of the following things:
     Tryton Server).
 
   * trytond must have read access to its configuration file, otherwise it will
-    start with internal defaults. The postinst script will (re)set correct
-    permissions on the standard configuration file (0644 on /etc/tyond.conf).
+    start with internal defaults. The postinst script will (re)set ownership to
+    the system user running trytond and correct permissions on the standard
+    configuration file (0400 on /etc/tyond.conf).
 
   * trytond listens by default on port 8070 (netrpc). If you need to change
     this, edit /etc/trytond.conf and replace 'port = 8070' with
@@ -101,4 +102,4 @@ Now, you're finished. Please be aware of the following things:
 
   * Only the same major version of Tryton Client and Tryton server can connect.
 
- -- Mathias Behrle <mathiasb at mbsolutions.selfip.biz>  Sun, 09 May 2010 12:00:00 +0200
+ -- Mathias Behrle <mathiasb at m9s.biz>  Sun, 09 May 2010 12:00:00 +0200
diff --git a/debian/tryton-server.postinst b/debian/tryton-server.postinst
index 46b7108..04c7485 100644
--- a/debian/tryton-server.postinst
+++ b/debian/tryton-server.postinst
@@ -22,10 +22,11 @@ case "${1}" in
 		chown ${USER}:adm ${LOGFILE}
 		chmod 0640 ${LOGFILE}
 
-		# Setting permissions on configuration file
+		# Setting ownership and permissions on configuration file
 		# trytond uses internal defaults, if it cannot read the
 		# configuration file.
-		chmod 0644 ${CONFFILE}
+		chown ${USER}:${USER} ${CONFFILE}
+		chmod 0400 ${CONFFILE}
 
 		echo
 		echo "* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * *"
commit 45011557a7aa9706fdd0c41f37c345b83bdf655d
Author: Daniel Baumann <daniel at debian.org>
Date:   Sun Nov 21 11:15:27 2010 +0100

    Releasing debian version 1.6.1-2.

diff --git a/debian/changelog b/debian/changelog
index 6a508b4..e47ecf9 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,10 @@
+tryton-server (1.6.1-2) unstable; urgency=low
+
+  * Removing --remove-home from deluser call in postinst (Closes:
+    #604214).
+
+ -- Daniel Baumann <daniel at debian.org>  Sun, 21 Nov 2010 11:15:01 +0100
+
 tryton-server (1.6.1-1) unstable; urgency=low
 
   [ Daniel Baumann ]
commit 1f81056a2144fa3114d7c35201e1d3a9a9f38936
Author: Daniel Baumann <daniel at debian.org>
Date:   Sun Nov 21 11:14:02 2010 +0100

    Removing --remove-home from deluser call in postinst (Closes: #604214).

diff --git a/debian/tryton-server.postrm b/debian/tryton-server.postrm
index 6472dea..3c8aba8 100644
--- a/debian/tryton-server.postrm
+++ b/debian/tryton-server.postrm
@@ -9,7 +9,7 @@ case "${1}" in
 		# Removing system user
 		if [ -x /usr/sbin/deluser ]
 		then
-			deluser --quiet --system --remove-home ${USER}
+			deluser --quiet --system ${USER}
 		fi
 
 		# Removing log file
-- 
tryton-server

