[Dovecot] overview of patches used in Fedora
Hi,
I have gone through the patches that are used in the Fedora package and probably only the "mkcert-permissions" [1] can be considered to be included upstream. It is dated into package version 1.0-0.beta2.3, but I cannot find any particular reason for the inclusion (like a bug in bugzilla, etc.). Some (winbind support, quota warnings) were obsoleted by dovecot 1.1, two are used for distro specific settings. So the only real patch that remains is the "pam_setcred" [2] patch that fixes https://bugzilla.redhat.com/show_bug.cgi?id=146198
Current state of the package for Fedora is at http://cvs.fedoraproject.org/viewcvs/rpms/dovecot/devel/
Dan[1] http://cvs.fedoraproject.org/viewcvs/rpms/dovecot/devel/dovecot-1.0.beta2-mkcert-permissions.patch?rev=1.1&view=auto [2] http://cvs.fedoraproject.org/viewcvs/rpms/dovecot/devel/dovecot-1.0.rc2-pam-setcred.patch?rev=1.1&view=auto
Fedora and Red Hat package maintainer
On Fri, 2008-05-30 at 15:49 +0200, Dan Horák wrote:
Hi,
I have gone through the patches that are used in the Fedora package and probably only the "mkcert-permissions" [1] can be considered to be included upstream. It is dated into package version 1.0-0.beta2.3, but I cannot find any particular reason for the inclusion (like a bug in bugzilla, etc.).
Certificate file is public data, so chmoding it to 0600 doesn't really do any good. As for chowning the files to root:root, that's probably good if you use the script to generate certificates automatically, but I don't think the script should always do that since it may be run as non-root.
Some (winbind support, quota warnings) were obsoleted by dovecot 1.1, two are used for distro specific settings. So the only real patch that remains is the "pam_setcred" [2] patch that fixes https://bugzilla.redhat.com/show_bug.cgi?id=146198
Unnecessary (with v1.0 too). pam_setcred() is called only if setcred=yes is added to pam args.
Timo Sirainen píše v Po 02. 06. 2008 v 21:50 +0300:
On Fri, 2008-05-30 at 15:49 +0200, Dan Horák wrote:
Hi,
I have gone through the patches that are used in the Fedora package and probably only the "mkcert-permissions" [1] can be considered to be included upstream. It is dated into package version 1.0-0.beta2.3, but I cannot find any particular reason for the inclusion (like a bug in bugzilla, etc.).
Certificate file is public data, so chmoding it to 0600 doesn't really do any good. As for chowning the files to root:root, that's probably good if you use the script to generate certificates automatically, but I don't think the script should always do that since it may be run as non-root.
The script is run during package installation with the goal to be "ready to run" for the "general user".
Some (winbind support, quota warnings) were obsoleted by dovecot 1.1, two are used for distro specific settings. So the only real patch that remains is the "pam_setcred" [2] patch that fixes https://bugzilla.redhat.com/show_bug.cgi?id=146198
Unnecessary (with v1.0 too). pam_setcred() is called only if setcred=yes is added to pam args.
Thanks for the info. I will update the package appropriately.
Dan
participants (2)
-
Dan Horák
-
Timo Sirainen