[git.ipfire.org] IPFire 2.x development tree branch, master, updated. c1618483dec4b1421106b8f42cdeaa3d779175b8

public inbox for ipfire-scm@lists.ipfire.org
 help / color / mirror / Atom feed

* [git.ipfire.org] IPFire 2.x development tree branch, master, updated. c1618483dec4b1421106b8f42cdeaa3d779175b8
@ 2025-10-07 15:30 Michael Tremer
  0 siblings, 0 replies; only message in thread
From: Michael Tremer @ 2025-10-07 15:30 UTC (permalink / raw)
  To: ipfire-scm

This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "IPFire 2.x development tree".

The branch, master has been updated
       via  c1618483dec4b1421106b8f42cdeaa3d779175b8 (commit)
       via  68063bc7e7878c60dfc5c736a5b07b0e8f31ad43 (commit)
       via  c3b8ba152daf7ba6faa99d307d87b2f8eb85cfcb (commit)
      from  1081a699c68ba4d2aa39aee21607767208565382 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit c1618483dec4b1421106b8f42cdeaa3d779175b8
Author: Michael Tremer <michael.tremer@ipfire.org>
Date:   Tue Oct 7 15:27:43 2025 +0000

    core198: Update permissions of auth.conf
    
    Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit 68063bc7e7878c60dfc5c736a5b07b0e8f31ad43
Author: Michael Tremer <michael.tremer@ipfire.org>
Date:   Tue Oct 7 15:24:25 2025 +0000

    Add the suricata user to the mail group
    
    Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

commit c3b8ba152daf7ba6faa99d307d87b2f8eb85cfcb
Author: Michael Tremer <michael.tremer@ipfire.org>
Date:   Tue Oct 7 15:22:57 2025 +0000

    dma: Change ownership of auth.conf
    
    This file only needs to be written to by nobody (i.e. the web UI), but
    there are other users which need to read it in order to send emails.
    
    Signed-off-by: Michael Tremer <michael.tremer@ipfire.org>

-----------------------------------------------------------------------

Summary of changes:
 config/backup/backup.pl             | 11 +++++++++++
 config/etc/group                    |  2 +-
 config/rootfiles/core/198/update.sh |  7 +++++++
 lfs/dma                             |  3 ++-
 4 files changed, 21 insertions(+), 2 deletions(-)

Difference in files:
diff --git a/config/backup/backup.pl b/config/backup/backup.pl
index 8988427eae..9a54b50d3c 100644
--- a/config/backup/backup.pl
+++ b/config/backup/backup.pl
@@ -358,6 +358,17 @@ restore_backup() {
 	/etc/init.d/openvpn-n2n restart
 	/etc/init.d/openvpn-rw restart
 
+	#
+	# Core Update 198
+	#
+
+	# Add the suricata user to the mail group
+	usermod -a -G mail suricata
+
+	# Change ownership & permissions of auth.conf
+	chmod 640 /var/ipfire/dma/auth.conf
+	chown nobody:mail /var/ipfire/dma/auth.conf
+
 	return 0
 }
 
diff --git a/config/etc/group b/config/etc/group
index f1767b30cd..1264c43c6c 100644
--- a/config/etc/group
+++ b/config/etc/group
@@ -8,7 +8,7 @@ lp:x:7:daemon
 mem:x:8:
 kmem:x:9:
 wheel:x:10:root
-mail:x:12:mail
+mail:x:12:mail,suricata
 uucp:x:14:
 dialout:x:16:nobody
 floppy:x:19:
diff --git a/config/rootfiles/core/198/update.sh b/config/rootfiles/core/198/update.sh
index e258f65d7f..bb08f493eb 100644
--- a/config/rootfiles/core/198/update.sh
+++ b/config/rootfiles/core/198/update.sh
@@ -46,6 +46,13 @@ if ! [ -d "/var/run/suricata" ]; then
 	chown suricata:suricata /var/run/suricata
 fi
 
+# Add the suricata user to the mail group
+usermod -a -G mail suricata
+
+# Change ownership & permissions of auth.conf
+chmod 640 /var/ipfire/dma/auth.conf
+chown nobody:mail /var/ipfire/dma/auth.conf
+
 # update linker config
 ldconfig
 
diff --git a/lfs/dma b/lfs/dma
index 39507ff6aa..9200de2902 100644
--- a/lfs/dma
+++ b/lfs/dma
@@ -81,7 +81,8 @@ $(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
 	cd $(DIR_APP) && make install mailq-link install-spool-dirs install-etc
 	install -v -m 755 $(DIR_SRC)/config/dma/dma-cleanup-spool /usr/sbin
 	chown -R nobody.nobody /var/ipfire/dma
-	chown nobody.root /var/ipfire/dma/auth.conf
+	chown nobody.mail /var/ipfire/dma/auth.conf
+	chmod 640 /var/ipfire/dma/auth.conf
 	ln -svf dma /usr/sbin/sendmail.dma
 	/usr/sbin/alternatives --install /usr/sbin/sendmail sendmail /usr/sbin/sendmail.dma 20
 	@rm -rf $(DIR_APP)


hooks/post-receive
--
IPFire 2.x development tree


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2025-10-07 15:30 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-10-07 15:30 [git.ipfire.org] IPFire 2.x development tree branch, master, updated. c1618483dec4b1421106b8f42cdeaa3d779175b8 Michael Tremer

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox