From 06b33ba789bfa557037138e840435392b27f41f7 Mon Sep 17 00:00:00 2001
From: Sean Whitton <spwhitton@spwhitton.name>
Date: Sat, 8 Dec 2018 16:55:04 -0700
Subject: remove recursive chown from the postinst

---
 debian/debug-me-server.postinst | 25 ++++++++++++++++++++++++-
 1 file changed, 24 insertions(+), 1 deletion(-)

(limited to 'debian/debug-me-server.postinst')

diff --git a/debian/debug-me-server.postinst b/debian/debug-me-server.postinst
index bb28c39..83a895a 100755
--- a/debian/debug-me-server.postinst
+++ b/debian/debug-me-server.postinst
@@ -9,6 +9,29 @@ if ! getent passwd _debug-me >/dev/null; then
 fi
 mkdir -p /var/log/debug-me
 chmod 700 /var/log/debug-me
-chown -R _debug-me:_debug-me /var/log/debug-me
+chown _debug-me:_debug-me /var/log/debug-me
+
+# We don't need to chown the contents of /var/log/debug-me because the
+# postrm either removes both the _debug-me user and the
+# /var/log/debug-me directory, or removes neither of them.  So we
+# cannot get a situation where there are log files in
+# /var/log/debug-me which need to be chowned to the UID of the new
+# _debug-me user.
+#
+# If the postrm is ever changed not to delete the logs in
+# /var/log/debug-me even on a package purge, but instead to chown them
+# to root, or similar, we would need something like the following
+# (untested):
+#
+# for f in /var/log/debug-me/*; do
+#     if test -f "$f"; then
+#         links="$(stat --format=%h \"$f\")"
+#         if test $links -eq 1; then
+#             chown _debug-me:_debug-me "$f"
+#         fi
+#     fi
+# done
+#
+# (`chown -R` should not be used -- see Lintian tag maintainer-script-should-not-use-recursive-chown-or-chmod)
 
 #DEBHELPER#
-- 
cgit v1.2.3