summaryrefslogtreecommitdiff
path: root/mail/mailman/files/patch-bin_check__perms
diff options
context:
space:
mode:
authorMatthias Andree <mandree@FreeBSD.org>2020-04-25 22:41:21 +0000
committerMatthias Andree <mandree@FreeBSD.org>2020-04-25 22:41:21 +0000
commitb337c05a031c2595e0a4d59d8c9f1b83fdcd806f (patch)
tree0eb1014af73c1ea985dd3ea2f4f2b9c10ac710bf /mail/mailman/files/patch-bin_check__perms
parentConvert another 3 third-party modules to dynamic: (diff)
mail/mailman: fix some permission issues, realign template policy
- tighten up permissions on install dirs even more, patching bin/check_perms to not complain - fewer directories or files belong in mailman's hand or need group write permissions. - revert 2.1.30's "make templates samples" because the upstream has always instead provided a templates/site dir here and warned users that default templates will be overwritten on updates or reinstallation https://wiki.list.org/DOC/4.48%20How%20can%20I%20change%20the%20HTML%20or%20.txt%20templates%20used%20by%20my%20mailing%20lists%3F changed templates will be written to different directories, the site, domain-specific or list-specific directory - adjust pkg-plist such that a no-script install, a regular install with post-install script run, and check_perms agree on permissions, however with tighter write permissions than the default install, as a security-in-depth safety precaution. [1] - revise files/pkg-install.in accordingly - boil down files/pkg-message.in texts a little bit - bump PORTREVISION PR: 245853 Reported by: manu@ (IRC) [1]
Notes
Notes: svn path=/head/; revision=532983
Diffstat (limited to 'mail/mailman/files/patch-bin_check__perms')
-rw-r--r--mail/mailman/files/patch-bin_check__perms15
1 files changed, 10 insertions, 5 deletions
diff --git a/mail/mailman/files/patch-bin_check__perms b/mail/mailman/files/patch-bin_check__perms
index 0295e96d4faa..a0946b8ff9ed 100644
--- a/mail/mailman/files/patch-bin_check__perms
+++ b/mail/mailman/files/patch-bin_check__perms
@@ -7,19 +7,24 @@ permissions.
-- Matthias Andree (mandree@FreeBSD.org, 2020-04-14)
---- bin/check_perms.orig 2020-04-13 17:08:14 UTC
-+++ bin/check_perms
-@@ -143,6 +143,9 @@ def checkwalk(arg, dirname, names):
+--- bin/check_perms.orig 2020-04-13 19:08:14.000000000 +0200
++++ bin/check_perms 2020-04-25 17:50:19.448831000 +0200
+@@ -143,6 +143,14 @@ def checkwalk(arg, dirname, names):
elif (os.path.commonprefix((path, mm_cfg.QUEUE_DIR))
== mm_cfg.QUEUE_DIR):
targetperms = QFILEPERMS
-+ elif path == mm_cfg.PREFIX or '/messages' in path:
++ elif (path == mm_cfg.PREFIX or os.path.split(path)[1] in
++ ('archives', 'bin', 'cgi-bin', 'cron', 'icons', 'mail', 'scripts',)
++ or '/messages' in path
++ or '/templates' in path
++ or '/tests' in path
++ or '/Mailman' in path):
+ # don't require LC_MESSAGES to be group writable
+ targetperms = DIRPERMS & ~S_IWGRP & ~S_ISGID
else:
targetperms = DIRPERMS
octperms = oct(targetperms)
-@@ -195,7 +195,7 @@
+@@ -192,7 +200,7 @@ def checkall():
if e.errno <> errno.ENOENT: raise
print C_('WARNING: directory does not exist: %(d)s')
continue