Package: apt
Version: 0.8.10.3+squeeze1
Severity: normal
Hi,
Please respect the sys admin set perms for the files in /var/log/apt .
I set these perms so that they satisfy my own security requirements by
using cfengine. I maintain that it is not appropriate for apt to change
them whenever it runs, other than on initial install or re-install.
/var/log/apt/term.log had permission 600, changed it to 644
It appears that /var/log/history.log in not affected by this bug.
Thanks,
--
Jeffrey Sheinberg
-- Package-specific info:
-- apt-config dump --
APT ;
APT::Architecture i386;
APT::Build-Essential ;
APT::Build-Essential:: build-essential;
APT::Install-Recommends false;
APT::Install-Suggests false;
APT::Acquire ;
APT::Acquire::Translation environment;
APT::Authentication ;
APT::Authentication::TrustCDROM true;
APT::NeverAutoRemove ;
APT::NeverAutoRemove:: ^firmware-linux.*;
APT::NeverAutoRemove:: ^linux-firmware$;
APT::NeverAutoRemove:: ^linux-image.*;
APT::NeverAutoRemove:: ^kfreebsd-image.*;
APT::NeverAutoRemove:: ^linux-restricted-modules.*;
APT::NeverAutoRemove:: ^linux-ubuntu-modules-.*;
APT::Never-MarkAuto-Sections ;
APT::Never-MarkAuto-Sections:: metapackages;
APT::Never-MarkAuto-Sections:: restricted/metapackages;
APT::Never-MarkAuto-Sections:: universe/metapackages;
APT::Never-MarkAuto-Sections:: multiverse/metapackages;
APT::Never-MarkAuto-Sections:: oldlibs;
APT::Never-MarkAuto-Sections:: restricted/oldlibs;
APT::Never-MarkAuto-Sections:: universe/oldlibs;
APT::Never-MarkAuto-Sections:: multiverse/oldlibs;
APT::Clean-Installed off;
APT::Get ;
APT::Get::Show-Upgraded true;
APT::Get::List-Cleanup false;
APT::Default-Release ;
APT::Cache-Limit 3000;
APT::Periodic ;
APT::Periodic::Enable 0;
APT::Periodic::BackupArchiveInterval 0;
APT::Periodic::BackupLevel 0;
APT::Periodic::MaxAge 0;
APT::Periodic::MinAge 0;
APT::Periodic::MaxSize 0;
APT::Periodic::Update-Package-Lists 0;
APT::Periodic::Download-Upgradeable-Packages 0;
APT::Periodic::Download-Upgradeable-Packages-Debdelta 0;
APT::Periodic::Unattended-Upgrade 0;
APT::Periodic::AutocleanInterval 0;
APT::Periodic::Verbose 1;
Dir /;
Dir::State var/lib/apt/;
Dir::State::lists lists/;
Dir::State::cdroms cdroms.list;
Dir::State::mirrors mirrors/;
Dir::State::extended_states extended_states;
Dir::State::status /var/lib/dpkg/status;
Dir::Cache var/cache/apt/;
Dir::Cache::archives archives/;
Dir::Cache::srcpkgcache srcpkgcache.bin;
Dir::Cache::pkgcache pkgcache.bin;
Dir::Etc etc/apt/;
Dir::Etc::sourcelist sources.list;
Dir::Etc::sourceparts sources.list.d;
Dir::Etc::vendorlist vendors.list;
Dir::Etc::vendorparts vendors.list.d;
Dir::Etc::main apt.conf;
Dir::Etc::netrc auth.conf;
Dir::Etc::parts apt.conf.d;
Dir::Etc::preferences preferences;
Dir::Etc::preferencesparts preferences.d;
Dir::Etc::trusted trusted.gpg;
Dir::Etc::trustedparts trusted.gpg.d;
Dir::Bin ;
Dir::Bin::methods /usr/lib/apt/methods;
Dir::Bin::dpkg /usr/bin/dpkg;
Dir::Media ;
Dir::Media::MountPath /media/apt;
Dir::Log var/log/apt;
Dir::Log::Terminal term.log;
Dir::Log::History history.log;
Dir::Ignore-Files-Silently ;
Dir::Ignore-Files-Silently:: ~$;
Dir::Ignore-Files-Silently:: \.disabled$;
Dir::Ignore-Files-Silently:: \.bak$;
Dir::Ignore-Files-Silently:: \.dpkg-[a-z]+$;
DPkg ;
DPkg::Pre-Install-Pkgs ;
DPkg::Pre-Install-Pkgs:: /usr/bin/apt-listchanges --apt --headers || test $?
-ne 10;
DPkg::Pre-Install-Pkgs:: /usr/sbin/dpkg-preconfigure --apt || true;
DPkg::Tools ;
DPkg::Tools::Options ;
DPkg::Tools::Options::/usr/bin/apt-listchanges ;
DPkg::Tools::Options::/usr/bin/apt-listchanges::Version 2;
DPkg::Post-Invoke ;
DPkg::Post-Invoke:: if [ -x /usr/bin/debsums ]; then /usr/bin/debsums
--generate=nocheck -sp /var/cache/apt/archives; fi;
DPkg::Post-Invoke:: dtag=/etc/cron.daily/debtags; if test -x ${dtag}; then
${dtag}; fi; true;
DPkg::Post-Invoke:: if [ -x /usr/sbin/localepurge ] [ $(ps w -p $PPID |
grep -c remove) != 1 ]; then /usr/sbin/localepurge; else exit 0; fi;
DPkg::Post-Invoke:: dloc=/etc/cron.daily/dlocate; if test -x ${dloc}; then
${dloc}; fi; true;
DSelect ;
DSelect::Clean auto;
CommandLine ;
CommandLine::AsString apt-config dump;
-- /etc/apt/preferences --
# /etc/apt/preferences - see apt_preferences(5) for details.
#
# The following priorities apply to the target release, ie, the
# Default-Release, as specified in /etc/apt/apt.conf,
#
#100 : the installed version, if any
#500 : versions not installed that do not belong to the target release
#990 : versions not installed that belong to the target release
#
# If the target release has not been specified then APT simply assigns priority
# 100 to all installed package versions and priority 500 to all uninstalled
# package versions.
#
# Priority key table, (subject to APT's rules),
#
# P 1000 : install this version, even if it is a downgrade.
# 990 P = 1000 : install this version, even if it does not come from the
# target-release, unless the installed version is newer.
# 500 P =