summaryrefslogtreecommitdiffstats
path: root/debian/patches/70_postfix-check.diff
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 12:06:34 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-27 12:06:34 +0000
commitee6407728fa3cc43b32f69e88a4e0a5d28dc5235 (patch)
tree4e907e01937587036a967edc4b7aea8ba6f5df6e /debian/patches/70_postfix-check.diff
parentAdding upstream version 3.5.24. (diff)
downloadpostfix-ee6407728fa3cc43b32f69e88a4e0a5d28dc5235.tar.xz
postfix-ee6407728fa3cc43b32f69e88a4e0a5d28dc5235.zip
Adding debian version 3.5.24-0+deb11u1.debian/3.5.24-0+deb11u1
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/70_postfix-check.diff')
-rw-r--r--debian/patches/70_postfix-check.diff23
1 files changed, 23 insertions, 0 deletions
diff --git a/debian/patches/70_postfix-check.diff b/debian/patches/70_postfix-check.diff
new file mode 100644
index 0000000..6d1951c
--- /dev/null
+++ b/debian/patches/70_postfix-check.diff
@@ -0,0 +1,23 @@
+Index: postfix/conf/postfix-script
+===================================================================
+--- postfix.orig/conf/postfix-script
++++ postfix/conf/postfix-script
+@@ -341,9 +341,17 @@ check-warn)
+ find $todo ! -user root \
+ -exec $WARN not owned by root: {} \;
+
+- find $todo \( -perm -020 -o -perm -002 \) \
++ # Handle symlinks separately
++ find -L $todo \( -perm -020 -o -perm -002 \) \
+ -exec $WARN group or other writable: {} \;
+
++ find $todo -type l | while read f; do \
++ # makedefs out known to be a symlink and OK
++ if [ "$f" != "/etc/postfix/./makedefs.out" ]; then \
++ readlink "$f" | grep -q / && $WARN symlink leaves directory: "$f"; \
++ fi \
++ done; \
++
+ # Check Postfix mail_owner-owned directory tree owner/permissions.
+
+ find $data_directory/. ! -user $mail_owner \