There’s another thread:
I collected the output from some of my servers:
/etc/sudoers.d/20_nethserver_openvpn: bad permissions, should be mode 0440
/etc/sudoers.d/20_nethserver_suricata: bad permissions, should be mode 0440
/etc/sudoers.d/20_nethserver_subscription: bad permissions, should be mode 0440
/etc/sudoers.d/30_nethserver_sambastatus: bad permissions, should be mode 0440
/etc/sudoers.d/50_nsapi_nethserver_awstats: bad permissions, should be mode 0440
/etc/sudoers.d/50_nsapi_nethserver_crontabmanager: bad permissions, should be mode 0440
/etc/sudoers.d/50_nsapi_nethserver_dokuwiki: bad permissions, should be mode 0440
/etc/sudoers.d/50_nsapi_nethserver_phpldapadmin: bad permissions, should be mode 0440
/etc/sudoers.d/50_nsapi_nethserver_phpmyadmin: bad permissions, should be mode 0440
/etc/sudoers.d/50_nsapi_nethserver_phppgadmin: bad permissions, should be mode 0440
/etc/sudoers.d/samba-audit: bad permissions, should be mode 0440
/cc @stephdl
EDIT:
@federico.ballarini I tested your fixed packages and they still throw the permission error, even reinstalling did not work.
[root@testserver]# visudo -c|grep ^OK|sort
/etc/sudoers.d/20_nethserver_openvpn: bad permissions, should be mode 0440
/etc/sudoers.d/20_nethserver_subscription: bad permissions, should be mode 0440
/etc/sudoers.d/20_nethserver_suricata: bad permissions, should be mode 0440
I think this is relevant.
I don’t know how to handle it exactly but maybe just adding another --file param with the correct file may solve it.
%{genfilelist} %{buildroot} --file /etc/sudoers.d/50_nsapi_nethserver_suricata 'attr(0440,root,root)' > %{name}-%{version}-%{release}-filelist`
EDIT2:
Instead of using %attr(0440,root,root) /etc/sudoers.d/20_nethserver_suricata the following worked for me:
%{genfilelist} %{buildroot} \
--file /etc/sudoers.d/20_nethserver_suricata 'attr(0440,root,root)'
--file /etc/sudoers.d/50_nsapi_nethserver_suricata 'attr(0440,root,root)' > %{name}-%{version}-%{release}-filelist