summaryrefslogtreecommitdiffstats
path: root/debian/patches/70_postfix-check.diff
diff options
context:
space:
mode:
Diffstat (limited to 'debian/patches/70_postfix-check.diff')
-rw-r--r--debian/patches/70_postfix-check.diff23
1 files changed, 23 insertions, 0 deletions
diff --git a/debian/patches/70_postfix-check.diff b/debian/patches/70_postfix-check.diff
new file mode 100644
index 0000000..6d1951c
--- /dev/null
+++ b/debian/patches/70_postfix-check.diff
@@ -0,0 +1,23 @@
+Index: postfix/conf/postfix-script
+===================================================================
+--- postfix.orig/conf/postfix-script
++++ postfix/conf/postfix-script
+@@ -341,9 +341,17 @@ check-warn)
+ find $todo ! -user root \
+ -exec $WARN not owned by root: {} \;
+
+- find $todo \( -perm -020 -o -perm -002 \) \
++ # Handle symlinks separately
++ find -L $todo \( -perm -020 -o -perm -002 \) \
+ -exec $WARN group or other writable: {} \;
+
++ find $todo -type l | while read f; do \
++ # makedefs out known to be a symlink and OK
++ if [ "$f" != "/etc/postfix/./makedefs.out" ]; then \
++ readlink "$f" | grep -q / && $WARN symlink leaves directory: "$f"; \
++ fi \
++ done; \
++
+ # Check Postfix mail_owner-owned directory tree owner/permissions.
+
+ find $data_directory/. ! -user $mail_owner \