summaryrefslogtreecommitdiffstats
path: root/debian/patches/70_postfix-check.diff
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:18:57 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-04-07 16:18:57 +0000
commita9cdccbffffdd2e58b5cc69683682517e892ea40 (patch)
tree5890cdcebde1069c9b7419d92476e52cc5525d6f /debian/patches/70_postfix-check.diff
parentAdding upstream version 3.7.10. (diff)
downloadpostfix-debian.tar.xz
postfix-debian.zip
Adding debian version 3.7.10-0+deb12u1.debian/3.7.10-0+deb12u1debian
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'debian/patches/70_postfix-check.diff')
-rw-r--r--debian/patches/70_postfix-check.diff23
1 files changed, 23 insertions, 0 deletions
diff --git a/debian/patches/70_postfix-check.diff b/debian/patches/70_postfix-check.diff
new file mode 100644
index 0000000..2ebb65b
--- /dev/null
+++ b/debian/patches/70_postfix-check.diff
@@ -0,0 +1,23 @@
+Index: postfix/conf/postfix-script
+===================================================================
+--- postfix.orig/conf/postfix-script
++++ postfix/conf/postfix-script
+@@ -314,9 +314,17 @@ check-warn)
+ find $todo ! -user root \
+ -exec $WARN not owned by root: {} \;
+
+- find $todo \( -perm -020 -o -perm -002 \) \
++ # Handle symlinks separately
++ find -L $todo \( -perm -020 -o -perm -002 \) \
+ -exec $WARN group or other writable: {} \;
+
++ find $todo -type l | while read f; do \
++ # makedefs out known to be a symlink and OK
++ if [ "$f" != "/etc/postfix/./makedefs.out" ]; then \
++ readlink "$f" | grep -q / && $WARN symlink leaves directory: "$f"; \
++ fi \
++ done; \
++
+ # Check Postfix mail_owner-owned directory tree owner/permissions.
+
+ find $data_directory/. ! -user $mail_owner \