* Allow time-daemon to satisfy the openafs-fileserver recommends in
addition to ntp, allowing for openntpd. (Closes: #508258)
* Add ${misc:Depends} to all dependencies.
+ * Add explanations for the Lintian overrides.
* Translation updates:
- Spanish, thanks Francisco Javier Cuadrado. (Closes: #514452)
-openafs-client: non-standard-dir-perm
+# The AFS client cache should not be world-readable, since it may contain
+# files only readable by some of the local users based on their tokens.
+openafs-client: non-standard-dir-perm /var/cache/openafs/ 0700 != 0755
-openafs-dbserver: non-standard-dir-perm
+# The database directory should be kept locked down to prevent reading
+# database information that may not be accessible without authentication.
+openafs-dbserver: non-standard-dir-perm var/lib/openafs/db/ 0700 != 0755
-openafs-fileserver: non-standard-dir-perm
+# /etc/openafs/server contains the KeyFile for the server, so it's kept
+# locked down as an extra precaution.
+openafs-fileserver: non-standard-dir-perm etc/openafs/server/ 0700 != 0755
projects / packages / o / openafs.git / commitdiff