diff options
author | Matthias Andree <mandree@FreeBSD.org> | 2020-04-25 22:41:21 +0000 |
---|---|---|
committer | Matthias Andree <mandree@FreeBSD.org> | 2020-04-25 22:41:21 +0000 |
commit | b337c05a031c2595e0a4d59d8c9f1b83fdcd806f (patch) | |
tree | 0eb1014af73c1ea985dd3ea2f4f2b9c10ac710bf /mail/mailman/files/patch-bin_check__perms | |
parent | Convert another 3 third-party modules to dynamic: (diff) |
mail/mailman: fix some permission issues, realign template policy
- tighten up permissions on install dirs even more, patching
bin/check_perms to not complain - fewer directories or files belong
in mailman's hand or need group write permissions.
- revert 2.1.30's "make templates samples" because the upstream has
always instead provided a templates/site dir here and warned users that
default templates will be overwritten on updates or reinstallation
https://wiki.list.org/DOC/4.48%20How%20can%20I%20change%20the%20HTML%20or%20.txt%20templates%20used%20by%20my%20mailing%20lists%3F
changed templates will be written to different directories, the site,
domain-specific or list-specific directory
- adjust pkg-plist such that a no-script install, a regular install
with post-install script run, and check_perms agree on permissions,
however with tighter write permissions than the default install,
as a security-in-depth safety precaution. [1]
- revise files/pkg-install.in accordingly
- boil down files/pkg-message.in texts a little bit
- bump PORTREVISION
PR: 245853
Reported by: manu@ (IRC) [1]
Notes
Notes:
svn path=/head/; revision=532983
Diffstat (limited to 'mail/mailman/files/patch-bin_check__perms')
-rw-r--r-- | mail/mailman/files/patch-bin_check__perms | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/mail/mailman/files/patch-bin_check__perms b/mail/mailman/files/patch-bin_check__perms index 0295e96d4faa..a0946b8ff9ed 100644 --- a/mail/mailman/files/patch-bin_check__perms +++ b/mail/mailman/files/patch-bin_check__perms @@ -7,19 +7,24 @@ permissions. -- Matthias Andree (mandree@FreeBSD.org, 2020-04-14) ---- bin/check_perms.orig 2020-04-13 17:08:14 UTC -+++ bin/check_perms -@@ -143,6 +143,9 @@ def checkwalk(arg, dirname, names): +--- bin/check_perms.orig 2020-04-13 19:08:14.000000000 +0200 ++++ bin/check_perms 2020-04-25 17:50:19.448831000 +0200 +@@ -143,6 +143,14 @@ def checkwalk(arg, dirname, names): elif (os.path.commonprefix((path, mm_cfg.QUEUE_DIR)) == mm_cfg.QUEUE_DIR): targetperms = QFILEPERMS -+ elif path == mm_cfg.PREFIX or '/messages' in path: ++ elif (path == mm_cfg.PREFIX or os.path.split(path)[1] in ++ ('archives', 'bin', 'cgi-bin', 'cron', 'icons', 'mail', 'scripts',) ++ or '/messages' in path ++ or '/templates' in path ++ or '/tests' in path ++ or '/Mailman' in path): + # don't require LC_MESSAGES to be group writable + targetperms = DIRPERMS & ~S_IWGRP & ~S_ISGID else: targetperms = DIRPERMS octperms = oct(targetperms) -@@ -195,7 +195,7 @@ +@@ -192,7 +200,7 @@ def checkall(): if e.errno <> errno.ENOENT: raise print C_('WARNING: directory does not exist: %(d)s') continue |