FS#43646 - [postfix] permissions diffier between package/installed
Attached to Project:
Arch Linux
Opened by Gustavo Alvarez (sl1pkn07) - Saturday, 31 January 2015, 20:42 GMT
Last edited by Gaetan Bisson (vesath) - Wednesday, 25 March 2015, 20:36 GMT
Opened by Gustavo Alvarez (sl1pkn07) - Saturday, 31 January 2015, 20:42 GMT
Last edited by Gaetan Bisson (vesath) - Wednesday, 25 March 2015, 20:36 GMT
|
Details
when update/reinstall postfix:
(1/1) reinstalling postfix [---------------------------------------------------------------------------------------] 100% warning: directory ownership differs on /var/lib/postfix/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/trace/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/saved/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/public/ filesystem: 73:75 package: 0:0 warning: directory ownership differs on /var/spool/postfix/maildrop/ filesystem: 73:75 package: 0:0 warning: directory ownership differs on /var/spool/postfix/private/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/incoming/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/hold/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/flush/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/deferred/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/defer/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/corrupt/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/bounce/ filesystem: 73:0 package: 0:0 warning: directory ownership differs on /var/spool/postfix/active/ filesystem: 73:0 package: 0:0 greetings |
This task depends upon
Closed by Gaetan Bisson (vesath)
Wednesday, 25 March 2015, 20:36 GMT
Reason for closing: Fixed
Additional comments about closing: postfix-3.0.0-3 in [extra]
Wednesday, 25 March 2015, 20:36 GMT
Reason for closing: Fixed
Additional comments about closing: postfix-3.0.0-3 in [extra]
Since pacman checks always permissions of the local filesystem against the permissions set in the packages, it will report every difference; hence it's not a good idea to change permission after installation since it makes not a difference if an install script did it, or malware.
You cannot set already the right permissions in the package, i.e. UID to 73 and not afterwards by a skript? Then permissions of the filesystem are always correct and pacman would not report a change.
I think just ignore is not a good advice for me; how can I decide in the future if the warning is false or right?
EDIT:
Sure if I had one I would have suggested it.
What could be done is to include a post or even pre-installation script that lets users know not to worry about these error messages.
I don't know how many of us use this check, I frequently do it to detect probably altered file permissions by malware; thats the check has been designed for. If this check is offered by pacman, than it should work and I can not detect case by case if the warning is false or true, depending on the package. If it is unreliable like now, then they should better remove this feature from pacman. A warning that has to be ignored has no sense.
Maybe we should report this problem to the pacman development team, too. It's a common problem not limited to postfix and if the application or install script changes file permissions after the installation, pacman will not be tired to issue a warning until we have a proof concept how to deal with it.
As this applies to package postfix which has user postfix as well as groups postfix and postdrop created statically by .INSTALL the problem could be fixed by modifying PKGBUILD like so
package() {
[...]
chown 73:0 var/lib/postfix
chown 73:0 var/spool/postfix/*
chown 73:75 var/spool/postfix/{maildrop,public}
chown 0:0 var/spool/postfix/pid
}
Usage of upstream script post-install isn't affected by these changes in any way.
All this results from from a discussion that took place recently in the forums, see https://bbs.archlinux.org/viewtopic.php?pid=1498566#p1498566 and following posts.
Btw. those warnings have been temporarily disabled in pacman 4.2.1 until a solution regarding dynamically set UIDs/GIDs is found.
| [2015-03-15 09:48] [ALPM] warning: directory permissions differ on /usr/share/doc/p7zip/MANUAL/
| filesystem: 704 package: 755
| [2015-03-15 09:48] [ALPM] warning: directory permissions differ on /usr/share/doc/p7zip/MANUAL/commands/
| filesystem: 704 package: 755
| [2015-03-15 09:48] [ALPM] warning: directory permissions differ on /usr/share/doc/p7zip/MANUAL/switches/
| filesystem: 704 package: 755
Btw. it seems they correspond to #43911 and make sense.