Package: ferm
Version: 2.2-2
Severity: normal
Tags: patch
Hi formorer,
the ferm package sets mode/group and owner of the /etc/ferm directory on
each package configuration / update, thus overwriting user changes such
as making that directory world readable:
| cat /var/lib/dpkg/info/ferm.postinst
| #!/bin/sh
[..]
| if [ "$action" = configure ]; then
[..]
Wrapping the last part with this if-statement should fix this:
if ! dpkg-statoverride --list /etc/ferm > /dev/null 2>&1; then
-- System Information:
Debian Release: jessie/sid
APT prefers testing
APT policy: (500, 'testing'), (99, 'unstable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.14-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
diff -ur ferm-2.2.orig/debian/ferm.postinst ferm-2.2/debian/ferm.postinst
--- ferm-2.2.orig/debian/ferm.postinst 2014-06-25 17:52:44.000000000 +0200
+++ ferm-2.2/debian/ferm.postinst 2014-06-25 17:54:35.695279179 +0200
@@ -39,10 +39,12 @@
grep -Eq '^ *ENABLED=' /etc/default/ferm || \
echo "ENABLED=\"$VALUE\"" >> /etc/default/ferm
- # make the firewall configuration readable only by root and group adm
- if [ -d /etc/ferm ]; then
- chown -R root:adm /etc/ferm
- chmod 2750 /etc/ferm
+ if ! dpkg-statoverride --list /etc/ferm > /dev/null 2>&1; then
+ # make the firewall configuration readable only by root and group adm
+ if [ -d /etc/ferm ]; then
+ chown -R root:adm /etc/ferm
+ chmod 2750 /etc/ferm
+ fi
fi
fi
