Bug#518102: marked as done (apticron: Please let the config files readable by everyone)

Mon, 09 Mar 2009 13:13:00 -0700 

Your message dated Mon, 09 Mar 2009 19:47:03 +0000
with message-id <[email protected]>
and subject line Bug#518102: fixed in apticron 1.1.29
has caused the Debian Bug report #518102,
regarding apticron: Please let the config files readable by everyone
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
518102: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=518102
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: apticron
Version: 1.1.27
Severity: minor


The patch included in 1.1.21 was wrong wrt config files
(/etc/cron.d/apticron, /etc/apticron/apticron.conf) permissions. Sorry
for that. Having config files (that don't contain sensitive data) not
readable by everyone is just a way to annoy people.
The simple patch proposed fix this for new installations, but doesn't
for upgrades. IMHO, the preferable (and simplest) way is to add a note
in NEWS.Debian explaining that the sysadmin could change the file
permissions by hand (including files in /var/lib/ucf/).


Thanks,
Gian Piero.

-- System Information:
Debian Release: 5.0
  APT prefers stable
  APT policy: (990, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/1 CPU core)
Locale: LANG=it_IT.UTF8, LC_CTYPE=it_IT.UTF8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages apticron depends on:
ii  apt                0.7.20.2              Advanced front-end for dpkg
ii  bsd-mailx          8.1.2-0.20071201cvs-3 A simple mail user agent
ii  cdebconf [debconf- 0.138lenny2           Debian Configuration Management Sy
ii  debconf [debconf-2 1.5.24                Debian configuration management sy
ii  ucf                3.0016                Update Configuration File: preserv

Versions of packages apticron recommends:
ii  apt-listchanges               2.83       package change history notificatio
ii  iproute                       20080725-2 networking and traffic control too

apticron suggests no packages.

-- debconf information:
* apticron/notification: apticron

Tue Mar  3 18:58:22 CET 2009  "Gian Piero Carrubba" <[email protected]>
  * Fix configuration files permissions for new installations.
  Ignore-this: 9519c232a52e8977ff7b858ed45309bf
diff -rN -u old-apticron-1.1.28+wip1/debian/postinst 
new-apticron-1.1.28+wip1/debian/postinst
--- old-apticron-1.1.28+wip1/debian/postinst    2009-03-03 22:04:01.000000000 
+0100
+++ new-apticron-1.1.28+wip1/debian/postinst    2009-03-03 22:04:02.000000000 
+0100
@@ -23,6 +23,7 @@
        fi
 
        tmpfile="$( mktemp -t apticron.conf.XXXXXXXXXX )"
+       chmod 0644 "$tmpfile"
 
        cat <<EOF > "$tmpfile"
 # apticron.conf
@@ -94,6 +95,7 @@
        fi
 
        tmpfile="$( mktemp -t apticron.crond.XXXXXXXXXX )"
+       chmod 0644 "$tmpfile"
 
        cat <<EOF >"$tmpfile"
 # cron entry for apticron

--- End Message ---
--- Begin Message --- 
Source: apticron
Source-Version: 1.1.29

We believe that the bug you reported is fixed in the latest version of
apticron, which is due to be installed in the Debian FTP archive:

apticron_1.1.29.dsc
  to pool/main/a/apticron/apticron_1.1.29.dsc
apticron_1.1.29.tar.gz
  to pool/main/a/apticron/apticron_1.1.29.tar.gz
apticron_1.1.29_all.deb
  to pool/main/a/apticron/apticron_1.1.29_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Tiago Bortoletto Vaz <[email protected]> (supplier of updated apticron 
package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Mon, 09 Mar 2009 15:31:08 -0400
Source: apticron
Binary: apticron
Architecture: source all
Version: 1.1.29
Distribution: unstable
Urgency: low
Maintainer: Tiago Bortoletto Vaz <[email protected]>
Changed-By: Tiago Bortoletto Vaz <[email protected]>
Description: 
 apticron   - simple tool to mail about pending package updates
Closes: 518102
Changes: 
 apticron (1.1.29) unstable; urgency=low
 .
   * Fix the unneeded strict permission in cronjob and conf files. Thanks to
     Gian Piero Carrubba. (Closes: #518102)
Checksums-Sha1: 
 53af426f2e99f1a23afc999568a4b547aba385fe 973 apticron_1.1.29.dsc
 ff24dbc30dac9e06b86fc6c145c817b3cc990ead 15786 apticron_1.1.29.tar.gz
 ebe7d5a81f2d5632bfcf32f8d0d0bcb5db841da2 15020 apticron_1.1.29_all.deb
Checksums-Sha256: 
 55c08c01bfc05781d3687d92a1f3ef33882807cd438688fddd22c1ba447e46b6 973 
apticron_1.1.29.dsc
 9c63eb04649b360c902613f7553e26eea0c80c39e3027dbbc29231aec93405a4 15786 
apticron_1.1.29.tar.gz
 58ec1cf137e634b6ccafa731ad5b89e06fc8ce0999fe65777f1061d379c95715 15020 
apticron_1.1.29_all.deb
Files: 
 72fbf5dfd265b1efc4736a17b079a91f 973 admin extra apticron_1.1.29.dsc
 b29af6d45e56a3319cf473bb5ffa75a2 15786 admin extra apticron_1.1.29.tar.gz
 ab42363b00a0357be3b7b6c3ca2227f0 15020 admin extra apticron_1.1.29_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iEYEARECAAYFAkm1b9kACgkQaQ1iFKUE/sqsfwCgmEzRCfAyhbaRXki18blFGDky
8ZIAnjK7Tll47E1qYfWBrRBnB16wHV+7
=aYXQ
-----END PGP SIGNATURE-----

--- End Message ---

Reply via email to