Hi On Tue, Feb 09, 2010 at 10:52:51AM +0100, J.M.Roth wrote: > On 2/9/2010 8:45 AM, Ola Lundqvist wrote: > > On Mon, Feb 08, 2010 at 11:24:52PM +0100, J.M.Roth wrote: > >> On 2/8/2010 11:13 PM, Ola Lundqvist wrote: > >>>> drwxr-xr-x 2 ntop root 4096 2010-01-27 11:18 . > >>>> drwxr-xr-x 12 root root 4096 2010-01-27 11:17 .. > >>>> -rw-rw-rw- 1 root root 0 2010-01-27 11:18 access.log > >>> > >>> Not good. However I do not think postinst is good enough. We must change > >>> the umask instead so that it is created correctly. > >> > >> But umask would just change permissions like chmod. > >> Even when others could no longer read/write to the file due to changes > >> to the umask, the ntop user also wouldn't be able to anymore. More can't > >> be accomplished by playing with the umask. > > > > Yes, but what happens in the following case: > > 1) Someone install the package > > 2) Run ntop (log created) > > 3) Clean log files > > 4) Run ntop again (with -A) > > > > Now logfiles are there still with writeable access log. > > > > Your solution only works on upgrade (or did I completely misunderstood you?) > > When setting the correct permissions (u=rx,g=rxs,o= with ownership > ntop:ntop) on the directory, the permissions will always be ok: > - the directory will not be accessible by anyone else than ntop, > - the contained files will have appropriate rights to be read/written by > ntop. (I dislike the fact that they still are o=rw, but that doesn't > matter in that case)
I thought the complaint in the first place was that it was o=rw? > If you remove the directory altogether, ntop will no longer start: > "Starting network top daemon: ERR: logging directory /var/log/ntop does > not exist will not start network top daemon!" What I ment was to remove the files, only. Not the dir. > I'm not sure what happens on an upgrade. Is postinst run on upgrade? If > it is, then permissions would be correct afterwards. Postinst is run on upgrade, yes. My issue is if someone do not upgrade. :-) Best regards, // Ola > JM > > > -- --------------------- Ola Lundqvist --------------------------- / o...@debian.org Annebergsslingan 37 \ | o...@inguza.com 654 65 KARLSTAD | | http://inguza.com/ +46 (0)70-332 1551 | \ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 / --------------------------------------------------------------- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
