1 files changed, 20 insertions, 9 deletions

diff --git a/bin/check_perms b/bin/check_perms
index 6918ab39c..d965bc56e 100755
--- a/bin/check_perms
+++ b/bin/check_perms
@@ -17,11 +17,10 @@ import getopt
 import grp
 from stat import *
 import paths
-import Mailman.mm_cfg
+from Mailman import mm_cfg
 
 MAILMAN_GRPNAME = 'mailman'
 MAILMAN_GID = grp.getgrnam(MAILMAN_GRPNAME)[2]
-PREFIX = Mailman.mm_cfg.PREFIX
 
 PROGRAM = sys.argv[0]
 
@@ -74,12 +73,11 @@ def checkwalk(arg, dirname, names):
                 print
 
 def checkall():
-    os.path.walk(PREFIX, checkwalk, STATE)
+    os.path.walk(mm_cfg.PREFIX, checkwalk, STATE)
 
 
 def checkarchives():
-    archives = os.path.join(PREFIX, 'archives')
-    private = os.path.join(archives, 'private')
+    private = mm_cfg.PRIVATE_ARCHIVE_FILE_DIR
     if STATE.VERBOSE:
         print 'checking perms on', private
     # private archives must not be other readable
@@ -95,10 +93,9 @@ def checkarchives():
 
 
 def checkcgi():
-    cgibin = os.path.join(PREFIX, 'cgi-bin')
-    exes = os.listdir(cgibin)
+    exes = os.listdir(mm_cfg.CGI_DIR)
     for f in exes:
-        path = os.path.join(cgibin, f)
+        path = os.path.join(mm_cfg.CGI_DIR, f)
         if STATE.VERBOSE:
             print 'checking set-gid for', path
         mode = statmode(path)
@@ -112,7 +109,7 @@ def checkcgi():
                 print
 
 def checkmail():
-    wrapper = os.path.join(PREFIX, 'mail', 'wrapper')
+    wrapper = os.path.join(mm_cfg.WRAPPER_DIR, 'wrapper')
     if STATE.VERBOSE:
         print 'checking set-gid for', wrapper
     mode = statmode(wrapper)
@@ -123,6 +120,19 @@ def checkmail():
             print '(fixing)'
             os.chmod(wrapper, mode | S_ISGID)
 
+def checkadminpw():
+    adminpw = os.path.join(mm_cfg.DATA_DIR, 'adm.pw')
+    targetmode = S_IFREG | S_IRUSR | S_IWUSR | S_IRGRP
+    if STATE.VERBOSE:
+        print 'checking perms on', adminpw
+    mode = statmode(adminpw)
+    if mode <> targetmode:
+        STATE.ERRORS = STATE.ERRORS + 1
+        print adminpw, 'permissions must be exactly 0640 (got %s)' % oct(mode)
+        if STATE.FIX:
+            print '(fixing)'
+            os.chmod(adminpw, targetmode)
+
 
 def usage(code=0, msg=''):
     print __doc__ % globals()
@@ -151,6 +161,7 @@ if __name__ == '__main__':
     checkarchives()
     checkcgi()
     checkmail()
+    checkadminpw()
 
     if not STATE.ERRORS:
         print 'No problems found'