diff options
author | Dmitry Bogatov <KAction@gnu.org> | 2017-03-02 13:23:37 +0300 |
---|---|---|
committer | Dmitry Bogatov <KAction@gnu.org> | 2017-03-02 13:26:45 +0300 |
commit | fa229e9d6d037e08ff548b80a9b43ffded8e352a (patch) | |
tree | 565bc9999ae6b859b2e01fdf6b891904899df8aa | |
parent | d55b74edb508e4795b4a4e511e92089f3af2fad4 (diff) |
Ensure that after package removal logs belong to root.
-rw-r--r-- | debian/changelog | 1 | ||||
-rw-r--r-- | postrm-runit | 17 |
2 files changed, 16 insertions, 2 deletions
diff --git a/debian/changelog b/debian/changelog index 1bd9759..2e667cb 100644 --- a/debian/changelog +++ b/debian/changelog | |||
@@ -8,6 +8,7 @@ dh-runit (2.7) UNRELEASED; urgency=medium | |||
8 | * Remove 'logdir' option for simplicity sake. Strictly speaking it is | 8 | * Remove 'logdir' option for simplicity sake. Strictly speaking it is |
9 | backward-incompatible change, hence the version major bump, but I am | 9 | backward-incompatible change, hence the version major bump, but I am |
10 | unaware of any actual users of this option. | 10 | unaware of any actual users of this option. |
11 | * Ensure that after package removal logs belong to root. | ||
11 | 12 | ||
12 | -- Dmitry Bogatov <KAction@gnu.org> Wed, 01 Mar 2017 18:38:17 +0300 | 13 | -- Dmitry Bogatov <KAction@gnu.org> Wed, 01 Mar 2017 18:38:17 +0300 |
13 | 14 | ||
diff --git a/postrm-runit b/postrm-runit index 9a69a53..5ce6acf 100644 --- a/postrm-runit +++ b/postrm-runit | |||
@@ -4,8 +4,8 @@ if [ "$1" = 'purge' ] ; then | |||
4 | # If runscript was never invoked, there will be no files | 4 | # If runscript was never invoked, there will be no files |
5 | # in this directory, and `dpkg' will remove it. In this case, | 5 | # in this directory, and `dpkg' will remove it. In this case, |
6 | # we have nothing to do. | 6 | # we have nothing to do. |
7 | for supervise in "/var/lib/runit/supervise/#NAME#" \ | 7 | for supervise in '/var/lib/runit/supervise/#NAME#' \ |
8 | "/var/lib/runit/log/supervise/#NAME#" ; do | 8 | '/var/lib/runit/log/supervise/#NAME#' ; do |
9 | if [ -d "$supervise" ] ; then | 9 | if [ -d "$supervise" ] ; then |
10 | 10 | ||
11 | # Actually only `down' may be absent, but it does not | 11 | # Actually only `down' may be absent, but it does not |
@@ -27,6 +27,19 @@ if [ "$1" = 'purge' ] ; then | |||
27 | done | 27 | done |
28 | fi | 28 | fi |
29 | 29 | ||
30 | # Following code makes sure, that after removal of package, in default | ||
31 | # setup, the only files belonged to log user, belong to root. | ||
32 | # | ||
33 | # This way user can be safely removed, solving part of #848239 (need | ||
34 | # interoperation from dh-sysuser). | ||
35 | # | ||
36 | # Sure, system administrator can make stupid thing and chown some file | ||
37 | # to log user, but consequences do not seem to be so severe. After | ||
38 | # all, with great power comes great responsibility. | ||
39 | if [ -d '/var/log/runit/#NAME#' ] ; then | ||
40 | chown --recursive root:root '/var/log/runit/#NAME#' | ||
41 | fi | ||
42 | |||
30 | # Local Variables: | 43 | # Local Variables: |
31 | # eval: (sh-set-shell "sh" t nil) | 44 | # eval: (sh-set-shell "sh" t nil) |
32 | # End: | 45 | # End: |