Your message dated Mon, 19 Nov 2012 21:47:43 +0000
with message-id <[email protected]>
and subject line Bug#688891: fixed in psad 2.2-3.1
has caused the Debian Bug report #688891,
regarding psad: modifies conffiles (policy 10.7.3): /etc/psad/psad.conf
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
688891: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688891
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: psad
Version: 2.2-2
Severity: serious
Tags: squeeze-ignore
User: [email protected]
Usertags: piuparts
Control: found -1 2.1.7-1
Hi,
during a test with piuparts I noticed your package modifies conffiles.
This is forbidden by the policy, see
http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
10.7.3: "[...] The easy way to achieve this behavior is to make the
configuration file a conffile. [...] This implies that the default
version will be part of the package distribution, and must not be
modified by the maintainer scripts during installation (or at any
other time)."
Note that once a package ships a modified version of that conffile,
dpkg will prompt the user for an action how to handle the upgrade of
this modified conffile (that was not modified by the user).
Further in 10.7.3: "[...] must not ask unnecessary questions
(particularly during upgrades) [...]"
If a configuration file is customized by a maintainer script after
having asked some debconf questions, it may not be marked as a
conffile. Instead a template could be installed in /usr/share and used
by the postinst script to fill in the custom values and create (or
update) the configuration file (preserving any user modifications!).
This file must be removed during postrm purge.
ucf(1) may help with these tasks.
See also http://wiki.debian.org/DpkgConffileHandling
In https://lists.debian.org/debian-devel/2012/09/msg00412.html and
followups it has been agreed that these bugs are to be filed with
severity serious.
debsums reports modification of the following files,
from the attached log (scroll to the bottom...):
/etc/psad/psad.conf
cheers,
Andreas
psad_2.2-2.log.gz
Description: GNU Zip compressed data
--- End Message ---
--- Begin Message ---
Source: psad
Source-Version: 2.2-3.1
We believe that the bug you reported is fixed in the latest version of
psad, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
gregor herrmann <[email protected]> (supplier of updated psad package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 18 Nov 2012 22:25:13 +0100
Source: psad
Binary: psad
Architecture: source amd64
Version: 2.2-3.1
Distribution: unstable
Urgency: low
Maintainer: Franck Joncourt <[email protected]>
Changed-By: gregor herrmann <[email protected]>
Description:
psad - Port Scan Attack Detector
Closes: 688891
Changes:
psad (2.2-3.1) unstable; urgency=low
.
* Non-maintainer upload with maintainer's approval.
* Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf", second try:
- add back changes to d.psad.preinst that revert changes to
/etc/psad/psad.conf
- but only for upgrades from versions before 2.2-3
(Closes: #688891)
Checksums-Sha1:
0ed87dad15f9c76932a03c8f95e7383d9d2736e2 1832 psad_2.2-3.1.dsc
78fe524fd37386d916096eb1d98f50549f361077 12927 psad_2.2-3.1.debian.tar.gz
c9fa2aca62d7cbf0366f2f895e50296835017360 200710 psad_2.2-3.1_amd64.deb
Checksums-Sha256:
0bc8352e56e34a27e52f734ebd4eb29f9f76e88b1c3406550c583cd5ab5b71ee 1832
psad_2.2-3.1.dsc
82b8d636b7ea97991f4ab14640c19f234693c03920179652e9810aa26e8d67cc 12927
psad_2.2-3.1.debian.tar.gz
ca7a0882debfc4b753594464b1ab0b534601851ba2a11876b1bc5191b63e86f6 200710
psad_2.2-3.1_amd64.deb
Files:
4aa2cc1b48ed74d4950722cee6b376bc 1832 admin optional psad_2.2-3.1.dsc
804577dc382ad8b3cc7ea431b0cfcee0 12927 admin optional
psad_2.2-3.1.debian.tar.gz
f61f0808885d57c064310fd7d55e827d 200710 admin optional psad_2.2-3.1_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJQqVLEAAoJELs6aAGGSaoGT64QAKPujvsnoL2msGVdFR0diQz9
27Dv85zqaWXs0lMiTmLR0L9uXP8fdI2uxrK/t8BdUVoIuRQmax9T6zjlHvMGJv+1
W9PwlhxFHAmctkTFCl7aeWIGpdV/imlC9+QtLMPgjm87bG79ChBXeBHcrKDfyieY
zYxx9Ub2RJhf5GyWRa6MPQWcC0jdBhvdz5iZJDOT0daeKnUW/auesV3k5U0gevpj
y/FKHKT+bI0oX/aEf9k1ooeRUBAHvSRhiUx0YmoTDi28POBidn9nNAmtxSnMVUhE
87SH9+Akgogr9pCi9qP/nuDDdpZPuM2uDUvgzHB51Xj/3dAh8cL5+8Ei0KpKXEcc
QENvKGSvHLu1/uYoDscww7VnF25IeC16oFbZnBBaOIYTxiIaQUIlnvI1v6CiotEg
jxHHa3OJHvT2T0mvc961KeOV80xUtLFTFJerMYBwmGtECpb70kGUWanUrknQoL5L
GI9LPmSlFk5LrJRJdU5KoVDFhj+Ie3+mk+IQBNPCC0NBheXN9Ot1D3xtL2sW6LzJ
smfGkors950dOPU21or/exuMl2O2atdwFyYZmrxIcQAZYGZf1Jt7EEvAP13oXIvI
5Bg+04bXUCIaWCrt18IyqKnuWA1dT0BRwe1greyzhUKMToZI3RqrjuWL7vrKYyzO
qmeleUUyFvmssMYLvIjP
=VInN
-----END PGP SIGNATURE-----
--- End Message ---