Bugzilla – Bug 1179574
move /var/spool/mail/ to separate package
Last modified: 2024-07-15 17:05:16 UTC
/var/spool/mail/ is like /tmp 1777 so yet another location where users can write any file. It's only used by MUAs that are not installed by default anymore nowadays, so should be moved to separate package and required by MUAs. Also, the default of the CREATE_MAIL_SPOOL variable should be set to "no".
I would put that directory in the MUA packages (sendmail, postfix, ...). They are already mutual exclusive, and the permissions will not change. Avoids the overhead of another package and all the dependencies.
We have the following packages that provide smtp_daemon: - sendmail - postfix - exim - busybox-links - msmtp-mta One way or another the overhead is modifying those packages. I don't mind though, we could also include the dir in those individually. Permissions are enforced by the permissions package.
it's also the /var/mail symlink and the shadow package uses that for detecting whether to create mail spools on useradd. If we want to retain that feature we probably don't want shadow to pull in either of the smtp daemons in ring0.
for shadow it's actually not that bad. We use login from util-linux which has the location hardcoded. For useradd an admin can still set MAIL_DIR if needed.
(In reply to Ludwig Nussel from comment #2) > We have the following packages that provide smtp_daemon: > > - sendmail > - postfix > - exim > - busybox-links > - msmtp-mta > > One way or another the overhead is modifying those packages. I don't mind > though, we could also include the dir in those individually. Permissions are > enforced by the permissions package. Adding the requires to all packages and create a new package vs adding the directory to all packages, I still think the later one is less effort. But in the end I don't care, it was only a suggestion how I would make it. If there are problems because /var/mail is missing: this symlink is only optional, if something is failing we should fix it, and I doubt that much people are really using /var/mail or /var/spool/mail today, as everything is web or imap.
shadow has /var/mail hardcoded for a start :)
CC security-team. FYI https://github.com/rpm-software-management/rpmlint/pull/929
This is an autogenerated message for OBS integration: This bug (1179574) was mentioned in https://build.opensuse.org/request/show/1003484 Factory / rpmlint
This is an autogenerated message for OBS integration: This bug (1179574) was mentioned in https://build.opensuse.org/request/show/1004144 Factory / rpmlint
This is an autogenerated message for OBS integration: This bug (1179574) was mentioned in https://build.opensuse.org/request/show/1006967 Factory / exim
This is an autogenerated message for OBS integration: This bug (1179574) was mentioned in https://build.opensuse.org/request/show/1008186 Factory / sendmail
This is an autogenerated message for OBS integration: This bug (1179574) was mentioned in https://build.opensuse.org/request/show/1010635 Factory / rpmlint
Solving this bug with that way has broken mutt build see bug boo#1216035
This is an autogenerated message for OBS integration: This bug (1179574) was mentioned in https://build.opensuse.org/request/show/1187597 Backports:SLE-15-SP6 / exim