On Sun, 31 Mar 2019 14:10:10 +0100 Jorge Daniel Sequeira Matias > Despite the fact I have tested this package doing a backport for Debian > "wheezy" the package upgrade operation aborts even the installer replaced > /etc/radsecproxy.conf. > This is due to the fact that if the config already exists it has owner/group > "root:root" because the upgrade is from version 1.6.9. And this ownership is > not updated before starting the service.
Hello Jorge, I think this bug is invalid and not a problem of the package but of a non-standard setup on your part. To reproduce this bug, I need to do the following things: On Stretch: 1) create a new user, for example "radsec:radsec". The name needs to be different than the user introduced in Buster "radsecproxy" 2) change the owner and group of /etc/radsecproxy.conf to that radsec:radsec 3) remove the permissions for other: chmod 640 /etc/radsecproxy.conf 4) Edit the Init-Script or systemd.unit to start radsecproxy as that user Step 3 and 4 are crucial here. Then, and only then, do I get an error during the upgrade to Buster where radsecproxy won't start because it can't read the configuration file. As long as the configuration file is world-readable, the upgrade works. It is not possible for any package to anticipate any and every way an administrator may have changed or altered the setup in the past and correct it automatically on package installation or upgrade. Grüße, Sven.
signature.asc
Description: OpenPGP digital signature
