Bug#808282: wheezy-pu: package dbconfig-common/1.8.47+nmu1

[Paul Gevers]

tags 808282 patch
retitle 808282 wheezy-pu: package dbconfig-common/1.8.47+nmu1+deb7u1
tags 806247 patch
retitle 806247 jessie-pu: package dbconfig-common/1.8.47+nmu3+deb8u1
thanks

On Fri, 04 Dec 2015 11:54:24 +0100 Paul Gevers <elb...@debian.org> wrote:
> Please find attached my proposed fix for jessie. The delta for wheezy is
> nearly the same, minus the changelog.

And here is the debdiff for wheezy.

Paul

diff -Nru dbconfig-common-1.8.47+nmu1/debian/changelog 
dbconfig-common-1.8.47+nmu1+deb7u1/debian/changelog
--- dbconfig-common-1.8.47+nmu1/debian/changelog        2011-12-24 
09:26:16.000000000 +0100
+++ dbconfig-common-1.8.47+nmu1+deb7u1/debian/changelog 2015-12-20 
20:58:03.000000000 +0100
@@ -1,3 +1,11 @@
+dbconfig-common (1.8.47+nmu1+deb7u1) wheezy; urgency=medium
+
+  * Fix permission of PostgreSQL backup files, thanks Simon Ruderich
+    (Closes: #805638)
+  * Repair permissions of already created backups
+
+ -- Paul Gevers <elb...@debian.org>  Sun, 20 Dec 2015 20:19:30 +0100
+
 dbconfig-common (1.8.47+nmu1) unstable; urgency=low
 
   * Non-maintainer upload.
diff -Nru dbconfig-common-1.8.47+nmu1/debian/dbconfig-common.postinst 
dbconfig-common-1.8.47+nmu1+deb7u1/debian/dbconfig-common.postinst
--- dbconfig-common-1.8.47+nmu1/debian/dbconfig-common.postinst 2009-02-17 
23:05:34.000000000 +0100
+++ dbconfig-common-1.8.47+nmu1+deb7u1/debian/dbconfig-common.postinst  
2015-12-20 20:19:21.000000000 +0100
@@ -15,4 +15,11 @@
 
 dbc_write_global_config
 
+# Previously dumped databases in /var/cache/dbconfig-common/backups may
+# (depending on the local umask) be readable by everybody (bts: #805638). Limit
+# the permissions here on all files in that folder.
+if [ -d /var/cache/dbconfig-common/backups/ ] ; then
+    find /var/cache/dbconfig-common/backups/ -type f -exec chmod 600 {} \;
+fi
+
 #DEBHELPER#
diff -Nru dbconfig-common-1.8.47+nmu1/internal/pgsql 
dbconfig-common-1.8.47+nmu1+deb7u1/internal/pgsql
--- dbconfig-common-1.8.47+nmu1/internal/pgsql  2010-03-28 12:11:37.000000000 
+0200
+++ dbconfig-common-1.8.47+nmu1+deb7u1/internal/pgsql   2015-12-20 
20:19:20.000000000 +0100
@@ -174,14 +174,14 @@
        local extra retval PGSSLMODE localuser _dbc_asuser dumpfile old_umask
        dumpfile=$1
        localuser=`_dbc_psql_local_username`
-       touch $dumpfile
-       chown $localuser $dumpfile
        PGSSLMODE="prefer"
        retval=0
        _dbc_psql_cmd_setup
        if [ "$dbc_ssl" ]; then PGSSLMODE="require"; fi
        old_umask=`umask`
        umask 0066
+       touch $dumpfile
+       chown $localuser $dumpfile
        extra=`_dbc_psql_cmd_args`
        extra="-f \"$dumpfile\" $extra"
        _dbc_debug "su -s /bin/sh $localuser -c \"env HOME='$_dbc_pgsql_tmpdir' 
PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra 
$dbc_dbname\" 2>&1"

signature.asc
Description: OpenPGP digital signature