Package: postfixadmin Version: 2.3.2 Severity: grave Justification: causes non-serious data loss
After enabling the mailbox_postdeletion_script, and copying the script from examples, one might try to test the script if it is able to run properly from the command line. Running the script with no arguments will return no error, and move the actual mail dir(basedir) to trash(trashbase), making postfix unusable. To replicate the bug, set basedir=/home/vmail/ trashbase=/home/vmail/trash, in visudo: www-data ALL=(vmail) NOPASSWD: /usr/local/bin/postfixadmin-mailbox-postdeletion.sh , and run as www-data sudo -v vmail /usr/local/bin/postfixadmin-mailbox-postdeletion.sh . It will move /home/vmail/* to /home/vmail/date_/ . -- System Information: Debian Release: 5.0.7 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-2-amd64 (SMP w/2 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages postfixadmin depends on: ii apache2 2.2.9-10+lenny9 Apache HTTP Server metapackage ii apache2-mpm-prefor 2.2.9-10+lenny9 Apache HTTP Server - traditional n ii dbconfig-common 1.8.39 common framework for packaging dat ii debconf 1.5.24 Debian configuration management sy ii libapache2-mod-php 5.2.6.dfsg.1-1+lenny9 server-side, HTML-embedded scripti ii mysql-client-5.0 [ 5.0.51a-24+lenny5 MySQL database client binaries ii php5-imap 5.2.6.dfsg.1-1+lenny9 IMAP module for php5 ii php5-mysql 5.2.6.dfsg.1-1+lenny9 MySQL module for php5 ii wwwconfig-common 0.1.2 Debian web auto configuration Versions of packages postfixadmin recommends: ii mysql-server 5.0.51a-24+lenny5 MySQL database server (metapackage ii mysql-server-5.0 [mysq 5.0.51a-24+lenny5 MySQL database server binaries ii postfix-mysql 2.5.5-1.1 MySQL map support for Postfix Versions of packages postfixadmin suggests: ii dovecot-common 1:1.0.15-2.3+lenny1 secure mail server that supports m pn squirrelmail-postfix <none> (no description available) -- debconf information: postfixadmin/pgsql/app-pass: (password omitted) postfixadmin/pgsql/admin-pass: (password omitted) postfixadmin/mysql/admin-pass: (password omitted) postfixadmin/app-password-confirm: (password omitted) postfixadmin/mysql/app-pass: (password omitted) postfixadmin/password-confirm: (password omitted) postfixadmin/remote/newhost: postfixadmin/pgsql/method: unix socket postfixadmin/db/app-user: postfixadmin postfixadmin/purge: false * postfixadmin/reconfigure-webserver: apache2 postfixadmin/remote/port: postfixadmin/pgsql/changeconf: false * postfixadmin/dbconfig-install: true * postfixadmin/database-type: mysql postfixadmin/internal/reconfiguring: false postfixadmin/remote/host: postfixadmin/upgrade-error: abort postfixadmin/missing-db-package-error: abort postfixadmin/upgrade-backup: true postfixadmin/pgsql/authmethod-user: postfixadmin/mysql/admin-user: root postfixadmin/dbconfig-remove: postfixadmin/remove-error: abort postfixadmin/db/basepath: postfixadmin/passwords-do-not-match: postfixadmin/db/dbname: postfixadmin postfixadmin/install-error: abort postfixadmin/pgsql/no-empty-passwords: postfixadmin/dbconfig-reinstall: false postfixadmin/internal/skip-preseed: false postfixadmin/pgsql/admin-user: postgres postfixadmin/pgsql/authmethod-admin: ident postfixadmin/dbconfig-upgrade: true postfixadmin/mysql/method: unix socket postfixadmin/pgsql/manualconf: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
