#!/bin/sh
set -e

if	[ "$PIUPARTS_DISTRIBUTION" = "squeeze" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "squeeze/updates" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "squeeze-updates" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "squeeze-proposed-updates" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "squeeze-proposed" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "lenny" ]; then

case ${PIUPARTS_OBJECTS%%=*} in
	citadel-server|citadel-dbg|citadel-mta|citadel-suite|bcron-run|capisuite|debbugs|raccess4vbox3|smartlist|sxid)
		#WORKSAROUND #684964: citadel-server: world writable config file: /etc/citadel/netconfigs/7
		for file in /etc/citadel/netconfigs/7 /etc/citadel/refcount_adjustments.dat /etc/citadel/citadel.control
		do
			test ! -f "$file" || chmod -c o-w "$file"
		done
		;;
	linpopup)
		# package removed in squeeze
		for file in /var/lib/linpopup/messages.dat
		do
			test ! -f "$file" || chmod -c o-w "$file"
		done
		;;
esac

fi

if	[ "$PIUPARTS_DISTRIBUTION" = "wheezy" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "wheezy/updates" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "wheezy-updates" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "wheezy-proposed-updates" ] || \
	[ "$PIUPARTS_DISTRIBUTION" = "wheezy-proposed" ]; then

case ${PIUPARTS_OBJECTS%%=*} in
	citadel-server|citadel-dbg|citadel-mta|citadel-suite|bcron|bcron-run|capisuite|debbugs|exmh|nmh|raccess4vbox3|smartlist|xlbiff)
		#WORKSAROUND #684964: citadel-server: world writable config file: /etc/citadel/netconfigs/7
		for file in /etc/citadel/netconfigs/7 /etc/citadel/refcount_adjustments.dat /var/lib/citadel/data/refcount_adjustments.dat
		do
			test ! -f "$file" || chmod -c o-w "$file"
		done
		;;
esac

fi

case ${PIUPARTS_OBJECTS%%=*} in
	gpe-tetris|gpe)
		#WORKSAROUND #684178: gpe-tetris: creates world writable directory /var/games/gpe
		# package removed after wheezy
		for file in /var/games/gpe/gpe-tetris.dat
		do
			test ! -f "$file" || chmod -c o-w "$file"
		done
		for dir in /var/games/gpe
		do
			test ! -d "$dir" || chmod -c o-w "$dir"
		done
		;;
esac


# find world writables without sticky bit
BADPERMS=$(find / -mount ! -type l ! -type c ! -type p ! -type s -perm -o+w ! -perm -1000)

if [ -n "$BADPERMS" ]; then
	echo "ERROR: BAD PERMISSIONS"
	ls -lad $BADPERMS
	exit 1
fi
