Gentoo Archives: gentoo-commits

From: Michael Orlitzky <mjo@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: mail-filter/opendkim/
Date: Sun, 31 Mar 2019 21:16:43
Message-Id: 1554066742.db3f841d797fc4d27befc756e1acf30dbb00035d.mjo@gentoo
1 commit: db3f841d797fc4d27befc756e1acf30dbb00035d
2 Author: Michael Orlitzky <mjo <AT> gentoo <DOT> org>
3 AuthorDate: Sun Mar 31 21:11:47 2019 +0000
4 Commit: Michael Orlitzky <mjo <AT> gentoo <DOT> org>
5 CommitDate: Sun Mar 31 21:12:22 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=db3f841d
7
8 mail-filter/opendkim: add "UMask 0117" to the config by default.
9
10 Ralph and I have been discussing the best way to handle a local UNIX
11 socket. One thing that we both agree on is that, regardless of the
12 other details, the daemon should be running with a UMask of 0117 to
13 create the socket group-writable but otherwise private. And since the
14 opendkim(8) man page says that the UMask is used only for the socket,
15 there's no reason we shouldn't add it to the default configuration. In
16 other words, it doesn't hurt anything if you're *not* using a local
17 socket. This is one fewer thing that we need to document.
18
19 Bug: https://bugs.gentoo.org/575666
20 Signed-off-by: Michael Orlitzky <mjo <AT> gentoo.org>
21 Package-Manager: Portage-2.3.62, Repoman-2.3.11
22
23 mail-filter/opendkim/opendkim-2.10.3-r9.ebuild | 8 +++++++-
24 1 file changed, 7 insertions(+), 1 deletion(-)
25
26 diff --git a/mail-filter/opendkim/opendkim-2.10.3-r9.ebuild b/mail-filter/opendkim/opendkim-2.10.3-r9.ebuild
27 index 841184ed46b..9a9ff14612a 100644
28 --- a/mail-filter/opendkim/opendkim-2.10.3-r9.ebuild
29 +++ b/mail-filter/opendkim/opendkim-2.10.3-r9.ebuild
30 @@ -140,7 +140,13 @@ src_install() {
31 echo "# For use with unbound" >> "${T}/opendkim.conf" || die
32 echo "#TrustAnchorFile /etc/dnssec/root-anchors.txt" \
33 >> "${T}/opendkim.conf" || die
34 - echo UserID opendkim >> "${T}/opendkim.conf" || die
35 + echo "UserID opendkim" >> "${T}/opendkim.conf" || die
36 +
37 + # The UMask is really only used for the PID file (root:root) and the
38 + # local UNIX socket, if you're using one. It should be 0117 for the
39 + # socket, so we might as well set that unconditionally here.
40 + echo "UMask 0117" >> "${T}/opendkim.conf" || die
41 +
42 insinto /etc/opendkim
43 doins "${T}/opendkim.conf"
44 }