Package: opendkim Version: 2.8.2-1 Severity: important Dear Maintainer,
The README file was not prescriptive about where to place the configuration files. It did say what the ownership, etc, of the files/directory should be. So I placed them in /etc/mail/dkim/ In recent versions of opendkim, I've been experiencing errors such as this: "key data is not secure: /etc/mail is writeable and owned by uid 100 which is not the executing uid (117) or the superuser" The directory /etc/mail/dkim has the correct ownership and permissions, but the parent directory /etc/mail does not. I can work around the problem by changing the ownership of /etc/mail to root. (but need to be careful, because I think /usr/sbin/sendmailconfig will change it back.) I feel that if a configuration directory was created by the installer, all users could write their files there as well as the opendkim.conf file. The installer could ensure the directory had the correct ownership and access permissions, so this error would not affect anyone else. I suggest: /etc/opendkim/ What do you think? -- Phil -- System Information: Debian Release: 7.0 APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing') Architecture: i386 (i686) Kernel: Linux 3.2.0-2-686-pae (SMP w/2 CPU cores) Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Versions of packages opendkim depends on: ii adduser 3.113+nmu3 ii libbsd0 0.4.2-1 ii libc6 2.13-38 ii libdb5.1 5.1.29-5 ii libldap-2.4-2 2.4.31-1+nmu1 ii liblua5.1-0 5.1.5-4 ii libmemcached10 1.0.8-1 ii libmemcachedutil2 1.0.8-1 ii libmilter1.0.1 8.14.4-4 ii libopendbx1 1.4.6-3 ii libopendkim9 2.8.2-1 ii librbl1 2.8.2-1 ii libssl1.0.0 1.0.1e-2 ii libunbound2 1.4.20-1 ii libvbr2 2.8.2-1 ii lsb-base 4.1+Debian9 opendkim recommends no packages. Versions of packages opendkim suggests: pn opendkim-tools <none> -- Configuration Files: /etc/opendkim.conf changed: Syslog yes UMask 002 KeyTable /etc/mail/dkim/KeyTable SigningTable refile:/etc/mail/dkim/SigningTable ADSPNoSuchDomain yes RemoveOldSignatures yes ExternalIgnoreList refile:/etc/mail/dkim/TrustedHosts InternalHosts refile:/etc/mail/dkim/TrustedHosts MilterDebug 9 SyslogSuccess yes OversignHeaders From OmitHeaders *,+To,+Cc -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
