Package: apt
Version: 0.8.10.3+squeeze1
Severity: normal

Hi,

Please respect the sys admin set perms for the files in /var/log/apt .

I set these perms so that they satisfy my own security requirements by
using cfengine.  I maintain that it is not appropriate for apt to change
them whenever it runs, other than on initial install or re-install.

    /var/log/apt/term.log had permission 600, changed it to 644

It appears that /var/log/history.log in not affected by this bug.

Thanks,
--
Jeffrey Sheinberg

-- Package-specific info:

-- apt-config dump --

APT "";
APT::Architecture "i386";
APT::Build-Essential "";
APT::Build-Essential:: "build-essential";
APT::Install-Recommends "false";
APT::Install-Suggests "false";
APT::Acquire "";
APT::Acquire::Translation "environment";
APT::Authentication "";
APT::Authentication::TrustCDROM "true";
APT::NeverAutoRemove "";
APT::NeverAutoRemove:: "^firmware-linux.*";
APT::NeverAutoRemove:: "^linux-firmware$";
APT::NeverAutoRemove:: "^linux-image.*";
APT::NeverAutoRemove:: "^kfreebsd-image.*";
APT::NeverAutoRemove:: "^linux-restricted-modules.*";
APT::NeverAutoRemove:: "^linux-ubuntu-modules-.*";
APT::Never-MarkAuto-Sections "";
APT::Never-MarkAuto-Sections:: "metapackages";
APT::Never-MarkAuto-Sections:: "restricted/metapackages";
APT::Never-MarkAuto-Sections:: "universe/metapackages";
APT::Never-MarkAuto-Sections:: "multiverse/metapackages";
APT::Never-MarkAuto-Sections:: "oldlibs";
APT::Never-MarkAuto-Sections:: "restricted/oldlibs";
APT::Never-MarkAuto-Sections:: "universe/oldlibs";
APT::Never-MarkAuto-Sections:: "multiverse/oldlibs";
APT::Clean-Installed "off";
APT::Get "";
APT::Get::Show-Upgraded "true";
APT::Get::List-Cleanup "false";
APT::Default-Release "";
APT::Cache-Limit "30000000";
APT::Periodic "";
APT::Periodic::Enable "0";
APT::Periodic::BackupArchiveInterval "0";
APT::Periodic::BackupLevel "0";
APT::Periodic::MaxAge "0";
APT::Periodic::MinAge "0";
APT::Periodic::MaxSize "0";
APT::Periodic::Update-Package-Lists "0";
APT::Periodic::Download-Upgradeable-Packages "0";
APT::Periodic::Download-Upgradeable-Packages-Debdelta "0";
APT::Periodic::Unattended-Upgrade "0";
APT::Periodic::AutocleanInterval "0";
APT::Periodic::Verbose "1";
Dir "/";
Dir::State "var/lib/apt/";
Dir::State::lists "lists/";
Dir::State::cdroms "cdroms.list";
Dir::State::mirrors "mirrors/";
Dir::State::extended_states "extended_states";
Dir::State::status "/var/lib/dpkg/status";
Dir::Cache "var/cache/apt/";
Dir::Cache::archives "archives/";
Dir::Cache::srcpkgcache "srcpkgcache.bin";
Dir::Cache::pkgcache "pkgcache.bin";
Dir::Etc "etc/apt/";
Dir::Etc::sourcelist "sources.list";
Dir::Etc::sourceparts "sources.list.d";
Dir::Etc::vendorlist "vendors.list";
Dir::Etc::vendorparts "vendors.list.d";
Dir::Etc::main "apt.conf";
Dir::Etc::netrc "auth.conf";
Dir::Etc::parts "apt.conf.d";
Dir::Etc::preferences "preferences";
Dir::Etc::preferencesparts "preferences.d";
Dir::Etc::trusted "trusted.gpg";
Dir::Etc::trustedparts "trusted.gpg.d";
Dir::Bin "";
Dir::Bin::methods "/usr/lib/apt/methods";
Dir::Bin::dpkg "/usr/bin/dpkg";
Dir::Media "";
Dir::Media::MountPath "/media/apt";
Dir::Log "var/log/apt";
Dir::Log::Terminal "term.log";
Dir::Log::History "history.log";
Dir::Ignore-Files-Silently "";
Dir::Ignore-Files-Silently:: "~$";
Dir::Ignore-Files-Silently:: "\.disabled$";
Dir::Ignore-Files-Silently:: "\.bak$";
Dir::Ignore-Files-Silently:: "\.dpkg-[a-z]+$";
DPkg "";
DPkg::Pre-Install-Pkgs "";
DPkg::Pre-Install-Pkgs:: "/usr/bin/apt-listchanges --apt --headers || test $? 
-ne 10";
DPkg::Pre-Install-Pkgs:: "/usr/sbin/dpkg-preconfigure --apt || true";
DPkg::Tools "";
DPkg::Tools::Options "";
DPkg::Tools::Options::/usr/bin/apt-listchanges "";
DPkg::Tools::Options::/usr/bin/apt-listchanges::Version "2";
DPkg::Post-Invoke "";
DPkg::Post-Invoke:: "if [ -x /usr/bin/debsums ]; then /usr/bin/debsums 
--generate=nocheck -sp /var/cache/apt/archives; fi";
DPkg::Post-Invoke:: "dtag=/etc/cron.daily/debtags; if test -x ${dtag}; then 
${dtag}; fi; true";
DPkg::Post-Invoke:: "if [ -x /usr/sbin/localepurge ] && [ $(ps w -p $PPID | 
grep -c remove) != 1 ]; then /usr/sbin/localepurge; else exit 0; fi";
DPkg::Post-Invoke:: "dloc=/etc/cron.daily/dlocate; if test -x ${dloc}; then 
${dloc}; fi; true";
DSelect "";
DSelect::Clean "auto";
CommandLine "";
CommandLine::AsString "apt-config dump";

-- /etc/apt/preferences --

# /etc/apt/preferences - see apt_preferences(5) for details.
#
# The following priorities apply to the target release, ie, the
# "Default-Release", as specified in "/etc/apt/apt.conf",
#
#    100 : the installed version, if any
#    500 : versions not installed that do not belong to the target release
#    990 : versions not installed that belong to the target release
#
# If the target release has not been specified then APT simply assigns priority
# 100 to all installed package versions and priority 500 to all uninstalled
# package versions.
#
# Priority key table, (subject to APT's rules),
#
#       P >  1000 : install this version, even if it is a downgrade.
# 990 < P <= 1000 : install this version, even if it does not come from the
#                   target-release, unless the installed version is newer.
# 500 < P <=  990 : install this version, unless (there is a version available
#                   that comes from the target-release, or the installed
#                   version is newer).
# 100 < P <=  500 : install this version, unless (there is a version available
#                   from some other distro, or the installed version is newer).
#   0 < P <=  100 : install this version, only if the package is not installed.
#       P <     0 : prevents this version from being installed.
#
#
# For distro=squeeze as stable.
Package: *
Pin: release a=stable v=6.0*
Pin-Priority: 410
#
# For distro=wheezy as testing.
Package: *
Pin: release a=testing
Pin-Priority: 400
#
# For distro=sid as unstable.
Package: *
Pin: release a=unstable
Pin-Priority: 300
#
# No longer needed for distro=squeeze-backports and beyond,
# see "http://backports.debian.org/Instructions/"; for details.
Package: *
Pin: release a=lenny-backports
Pin-Priority: 200

-- /etc/apt/sources.list --

# /etc/apt/source.list - list of package sources for apt.
#
# See sources.list(5) for more information, especially
# Remember that you can only use http, ftp or file URIs
# CDROMs are managed through the apt-cdrom tool, though this may now be okay,
#       deb file:///cdrom/ sarge main
# Files are fetched in the order that the URIs are specified, top to bottom.
#
# ----------------------------------------------------------------------
# -- Edited in place by "apt-cdrom add" - do not edit by hand!
# --

# --
# -- Edited in place by "apt-cdrom add" - end of section.

# ----------------------------------------------------------------------
# ==== Built by "apt_gen_asl" shell function using,
#
#   stable   = squeeze
#   testing  = testing
#   unstable = unstable

# ----------------------------------------------------------------------
# ==== Local Repositories ====

# Kernel images.
#deb    file:/home/jsroot/kernel-compile/       ./

# Packages - built from *-src, or removed, or repacked.
deb     file:/home/jeff/debian/squeeze/         pkgs-squeeze/
#deb    file:/home/jeff/debian/testing/         pkgs-testing/

# ----------------------------------------------------------------------
# ==== Official Debian Repositories ====

#
# The _current_ "stable" release distro.
#
deb     http://ftp.us.debian.org/debian/ squeeze main contrib non-free
#deb-src http://ftp.us.debian.org/debian/ squeeze main contrib non-free

deb     http://security.debian.org/debian-security/ squeeze/updates main 
contrib non-free

# The opera "final" release from the Opera Packaging Team <packa...@opera.com>.
deb     http://deb.opera.com/opera/ squeeze non-free

# Get a head start on the next minor release.
deb     http://http.us.debian.org/debian/ squeeze-updates main contrib non-free
deb     http://http.us.debian.org/debian/ squeeze-proposed-updates main contrib 
non-free

# Backports are only relevant for a "testing" release relative to its
# corresponding "stable" release.
deb     http://backports.debian.org/debian-backports/ squeeze-backports main 
contrib non-free
#deb-src http://backports.debian.org/debian-backports/ squeeze-backports main 
contrib non-free
# The official mozilla "release" as backported by the Debian Mozilla APT team.
deb     http://mozilla.debian.net/ squeeze-backports icedove-release
deb     http://mozilla.debian.net/ squeeze-backports iceweasel-release
# Note - since we use "backports", rather than "backports-sloppy", it is not a
# problem when the "testing" distro morphs into "stable" at release time. 

#
# The _next_ "testing" release distro.
#
#deb     http://ftp.us.debian.org/debian/ testing main contrib non-free
#deb-src http://ftp.us.debian.org/debian/ testing main contrib non-free

#deb     http://security.debian.org/debian-security/ testing/updates main 
contrib non-free

# The opera "final" release from the Opera Packaging Team <packa...@opera.com>.
#deb     http://deb.opera.com/opera/ testing non-free

#
# The _permanent_ "unstable" release distro.
#
#deb     http://ftp.us.debian.org/debian/ unstable main contrib non-free
#deb-src http://ftp.us.debian.org/debian/ unstable main contrib non-free

#
# Instead of "ftp.us.debian.org" use "http.us.debian.org" for parallel d/l's.

# ----------------------------------------------------------------------
# ==== Other possible mirrors, these are known to be good... ====

#deb http://debian.mirror.iweb.ca/debian-backports/ distro-backports main 
contrib non-free
#deb http://debian.mirror.rafal.ca/debian-backports/ distro-backports main 
contrib non-free
#deb http://debian.cs.binghamton.edu/debian-backports/ distro-backports main 
contrib non-free
#deb http://mirror.mycre.ws/debian-backports/ distro-backports main contrib 
non-free
#deb http://backports.debian.org/debian-backports/ distro-backports main 
contrib non-free
#deb http://volatile.debian.net/debian-volatile/ distro/volatile main contrib 
non-free
#
#deb http://debian.crosslink.net/debian/ distro main contrib non-free
#deb http://http.us.debian.org/debian/ distro main contrib non-free
#deb http://ftp.us.debian.org/debian/ distro main contrib non-free
#deb http://debian.yorku.ca/debian/ distro main contrib non-free
#deb http://mirror.direct.ca/pub/linux/debian/ distro main contrib non-free
#deb  ftp://ftp3.nrc.ca/debian/ distro main contrib non-free
#deb  ftp://sunsite.ualberta.ca/debian/ distro main contrib non-free
#deb http://ftp.digex.net/pub/debian/ distro main contrib non-free

# ----------------------------------------------------------------------
# Note - The URI is used to locate the package index file, ie, "Packages"
#        for type "deb", and "Sources" for type "deb-src", while the
#        "Filename" reference within the "Packages" file is relative to
#        the URI.
#
#        In the following examples "distro" stands for, eg, "stable",
#        "testing", "sid", etc.
#
#deb    file:/home/jeff/debian/distro/          pkgs-distro/
# is ".../home/jeff/debian/distro/pkgs-distro/Packages", while the "Filename"
# reference in ".../Packages" is relative to ".../home/jeff/debian/distro/".
#
#deb    http://security.debian.org/debian-security/     distro/updates main
# is "...org/debian-security/dists/distro/updates/main/binary-$(ARCH)/Packages",
# while the "Filename" reference in ".../Packages" is relative to
# "...org/debian-security/".
#
#deb-src http://ftp.us.debian.org/debian/       distro main contrib non-free
# is "...org/debian/dists/distro/{main,contrib,non-free}/source/Sources".
#
#deb    file:/cdrom/debian/                     distro main
# is ".../cdrom/debian/dists/distro/main/binary-$(ARCH)/Packages".

# ----------------------------------------------------------------------
# /etc/apt/sources.list - end of file.

-- System Information:
Debian Release: 6.0.4
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'proposed-updates'), (500, 
'stable')
Architecture: i386 (x86_64)

Kernel: Linux 3.2.0-0.bpo.1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Shell: /bin/sh linked to /bin/dash

Versions of packages apt depends on:
ii  debian-archive-keyring  2010.08.28       GnuPG archive keys of the Debian a
ii  gnupg                   1.4.10-4         GNU privacy guard - a free PGP rep
ii  libc6                   2.11.3-3         Embedded GNU C Library: Shared lib
ii  libgcc1                 1:4.4.5-8        GCC support library
ii  libstdc++6              4.4.5-8          The GNU Standard C++ Library v3
ii  zlib1g                  1:1.2.3.4.dfsg-3 compression library - runtime

apt recommends no packages.

Versions of packages apt suggests:
ii  apt-doc               0.8.10.3+squeeze1  Documentation for APT
ii  aptitude              0.6.3-3.2+squeeze1 terminal-based package manager (te
ii  bzip2                 1.0.5-6+squeeze1   high-quality block-sorting file co
ii  dpkg-dev              1.16.1.1~bpo60+2   Debian package development tools
ii  lzma                  4.43-14            Compression method of 7z format in
ii  python-apt            0.7.100.1+squeeze1 Python interface to libapt-pkg

-- no debconf information



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to