From eb9464fb4bbea788f2703a9bb3314dcd9fe2e0d5 Mon Sep 17 00:00:00 2001
From: Carsten Hey <carsten@debian.org>
Date: Sun, 18 Jul 2010 22:36:11 +0200
Subject: [PATCH] Bug#589574: [PATCH] dh_fixperms: Ensure files in
 /etc/sudoers.d/ are mode 440. Closes: #589574

Signed-off-by: Carsten Hey <carsten@debian.org>
---
 debian/changelog | 6 ++++++
 dh_fixperms      | 7 +++++++
 2 files changed, 13 insertions(+)

diff --git a/debian/changelog b/debian/changelog
index 628b043..c895d78 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+debhelper (7.9.4) UNRELEASED; urgency=low
+
+  * dh_fixperms: Ensure files in /etc/sudoers.d/ are mode 440. Closes: #589574
+
+ -- Carsten Hey <carsten@debian.org>  Sun, 18 Jul 2010 22:30:06 +0200
+
 debhelper (7.9.3) unstable; urgency=low
 
   * perl_makemaker: import compat(). Closes: #587654
diff --git a/dh_fixperms b/dh_fixperms
index 893ca56..65beac6 100755
--- a/dh_fixperms
+++ b/dh_fixperms
@@ -117,6 +117,13 @@ foreach my $package (@{$dh{DOPACKAGES}}) {
 			"-type f $find_options -print0",
 			"2>/dev/null | xargs -0r chmod 644");
 	}
+
+	# Files in $tmp/etc/sudoers.d/ must be mode 440.
+	if (-d "$tmp/etc/sudoers.d") {
+		complex_doit("find $tmp/etc/sudoers.d",
+			"-type f ! -perm 440 $find_options -print0",
+			"2>/dev/null | xargs -0r chmod 440");
+	}
 }
 
 =head1 SEE ALSO
-- 
2.39.2