Hi Laurent and Julien, 2012/11/11 Laurent Bigonville <bi...@debian.org>
> Le Sun, 11 Nov 2012 19:06:52 +0100, > Julien Cristau <jcris...@debian.org> a écrit : > > > One more question... > > > > On Mon, Aug 13, 2012 at 15:36:14 +0200, Laurent Bigonville wrote: > > > > > + for file in nut.conf upsmon.conf upssched.conf ; do > > > + if [ -f /etc/nut/$file ] ; then > > > + chown root:nut /etc/nut/$file > > > + chmod 640 /etc/nut/$file > > > + fi > > > + done > > > > why is this is done unconditionally on postinst configure, instead of > > just on first install? > > These files could contains passwords, I guess that this is done to be > really sure the files are not world readable? Arnaud? > this is indeed to enforce security on these files, as Laurent said: ups.conf may contains SNMP credentials, upsd.users and upsmon.conf contain NUT internal users password. Thus, it's *mandatory* to ensure protection. The above is just a test upon install / update, but the same is planned for the configuration editing library and tools (work underway). cheers, Arnaud -- Linux / Unix / Opensource Engineering Expert - Eaton - http://opensource.eaton.com Network UPS Tools (NUT) Project Leader - http://www.networkupstools.org Debian Developer - http://www.debian.org Free Software Developer - http://arnaud.quette.fr
