[arch-commits] Commit in ssmtp/trunk (PKGBUILD ssmtp.install)

David Runge dvzrv at archlinux.org
Mon Mar 12 22:07:37 UTC 2018 

    Date: Monday, March 12, 2018 @ 22:07:34
  Author: dvzrv
Revision: 306598

upgpkg: ssmtp 2.64-12

Updating permissions to allow access of mail group to /etc/ssmtp.
Removing sgid from /etc/ssmtp*. Making install file more generic and applying to all versions le 2.64-11.

Modified:
  ssmtp/trunk/PKGBUILD
  ssmtp/trunk/ssmtp.install

---------------+
 PKGBUILD      |   11 +++++++----
 ssmtp.install |    9 +++++++--
 2 files changed, 14 insertions(+), 6 deletions(-)

Modified: PKGBUILD
===================================================================
--- PKGBUILD	2018-03-12 22:02:10 UTC (rev 306597)
+++ PKGBUILD	2018-03-12 22:07:34 UTC (rev 306598)
@@ -3,7 +3,7 @@
 
 pkgname=ssmtp
 pkgver=2.64
-pkgrel=11
+pkgrel=12
 pkgdesc="Extremely simple MTA to get mail off the system to a mailhub"
 arch=('x86_64')
 license=('GPL')
@@ -59,9 +59,12 @@
 
   # set ownership and permissions for configuration and exectuables
   # FS#57787
-  chgrp -R mail "${pkgdir}/etc/${pkgname}" \
+  chgrp -cR mail "${pkgdir}/etc/${pkgname}" \
     "${pkgdir}/usr/bin/"{${pkgname},sendmail,newaliases,mailq}
-  chmod -R 640 "${pkgdir}/etc/${pkgname}"
+  # allow access to configuration folder
+  chmod -c 750 "${pkgdir}/etc/${pkgname}"
+  # allow only root:mail rw:r access to configurations
+  chmod -c 640 "${pkgdir}/etc/${pkgname}/"*
   # setgid executables
-  chmod 2755 "${pkgdir}/usr/bin/"{${pkgname},sendmail,newaliases,mailq}
+  chmod -c 2755 "${pkgdir}/usr/bin/"{${pkgname},sendmail,newaliases,mailq}
 }

Modified: ssmtp.install
===================================================================
--- ssmtp.install	2018-03-12 22:02:10 UTC (rev 306597)
+++ ssmtp.install	2018-03-12 22:07:34 UTC (rev 306598)
@@ -1,12 +1,17 @@
 post_upgrade() {
   # if upgrading from 2.64-9 or 2.64-11, make sure to set permissions and setgid
-  if [ $(vercmp $2 "2.64-9") -eq 0 ] || [ $(vercmp $2 "2.64-10") -eq 0 ]; then
+  if [ $(vercmp $2 "2.64-11") -le 0 ]; then
     # set ownership and permissions for configuration and exectuables
     # FS#57787
     echo "Running post_upgrade function to fix FS#57787"
     chgrp -cR mail /etc/ssmtp \
       /usr/bin/{ssmtp,sendmail,newaliases,mailq}
-    chmod -cR 640 /etc/ssmtp
+    # unset unneded sticky bit
+    chmod -cR g-s /etc/ssmtp
+    # allow access to directory
+    chmod -c 750 /etc/ssmtp
+    # allow only root:mail rw to configs
+    chmod -c 640 /etc/ssmtp/*
     # setgid executables
     chmod -c 2755 /usr/bin/{ssmtp,sendmail,newaliases,mailq}
   fi

More information about the arch-commits mailing list