Merged. Thank you!
Added a few commits on top.
This is making a bit of trouble:
```
## Fix permissions on the I2P configuration directory.
chown -R i2psvc:i2psvc /var/lib/i2p/i2p-config/
```
- (Would fail if folder does not exist (but I tried to avoid that by just using `mkdir --parents`) but then…)
- Would fail if user and/or group `i2psvc` does not exist.
- And lintian complains.
################################################################################
W: anon-apps-config: recursive-privilege-change postinst:56
N:
W: recursive-privilege-change
N:
N: The named maintainer script appears to call chmod or chown with a
N: --recursive/-R argument, or it uses find(1) with similar intent.
N:
N: All such uses are vulnerable to hardlink attacks on mainline (i.e.
N: non-Debian) kernels that do not set fs.protected_hardlinks=1.
N:
N: The security risk arises when when a non-privileged user set links to
N: files they do not own, such as such as /etc/shadow or files in
N: /var/lib/dpkg/. A superuser's recursive call to chown or chmod on
N: behalf of a role user account would then modify the non-owned files in
N: ways that allow the non-privileged user to manipulate them later.
N:
N: There are several ways to mitigate the issue in maintainer scripts:
N:
N: - For a static role user, please call chown at build time
N: and not during the installation.
N: - If that is too complicated, use runuser(1) in the
N: relevant build parts to create files with correct ownership.
N: - Given a static list of files to change, use non-recursive calls
N: for each file. (Please do not generate the list with find.)
N:
N: Refer to Bug#895597, Bug#889060, Bug#889488, and the runuser(1) manual
N: page for details.
N:
N: Severity: warning
N:
N: Check: scripts
N:
N: Renamed from:
N: maintainer-script-should-not-use-recursive-chown-or-chmod
N:
################################################################################
Hence asking: is `chown -R i2psvc:i2psvc /var/lib/i2p/i2p-config/` very important, or will the `i2p` package later take care of setting proper permissions? That would be much better.
Meanwhile, I have therefore ported that part to systemd tmpfiles.d.
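For reference, a non-recursive helper that handles the three failure cases listed in the post (missing directory, missing user or group, and the recursive ownership change lintian warns about). This is an added example, not part of the post or of the package's maintainer script; the function name `fix_owner` and its return codes are assumptions, while the path and account name in the usage comment come from the post.

```shell
#!/bin/sh
# Added example; fix_owner and its return codes are hypothetical.
#
# fix_owner DIR USER GROUP
#   0 = ownership set on DIR itself (never on its contents)
#   2 = skipped: USER or GROUP does not exist
#   3 = skipped: DIR is missing or is not a real directory
fix_owner() {
    dir=$1
    user=$2
    group=$3

    # Case 1: the directory does not exist. A symlink is refused as well,
    # so the ownership change cannot be redirected to another location.
    [ -d "$dir" ] && [ ! -L "$dir" ] || return 3

    # Case 2: the role account is not there (for example, the package that
    # creates it is not installed yet).
    id -u "$user" >/dev/null 2>&1 || return 2
    getent group "$group" >/dev/null 2>&1 || return 2

    # Case 3: no -R. Only the directory inode changes owner, so hard links
    # placed inside the tree by an unprivileged user are never touched.
    chown -h "$user:$group" "$dir"
}

# Usage in a maintainer script, with the values from the post:
#   fix_owner /var/lib/i2p/i2p-config i2psvc i2psvc || true
```
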