Your message dated Fri, 17 Nov 2017 18:19:17 +0000
with message-id <e1eflet-0009fh...@fasolo.debian.org>
and subject line Bug#720009: fixed in aide 0.16-2
has caused the Debian Bug report #720009,
regarding patch to allow override of conffiles
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
720009: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=720009
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Source: aide-common
Severity: wishlist
Tags: patch
Hi,
please consider the following patch which will make aide-common's
postinst keep its hands off an ucf-conffile that was registered to a
different package. This way, it is seamlessly possible to have a
conffile of aide-common overriden by a different package. This might
aid migration of aide rules to the packages that actually need the
aide rule, or to have locally changed rules in a local package.
This patch has been tested a little bit and didn't cause bad explosions.
Greetings
Marc
>From 00f2085dd7378b9297d3b61dc92489832f32138c Mon Sep 17 00:00:00 2001
From: Marc Haber <mh+debian-packa...@zugschlus.de>
Date: Sat, 17 Aug 2013 15:36:08 +0000
Subject: [PATCH] skip conffiles belonging to a different package
---
debian/aide-common.postinst | 33 +++++++++++++++++++--------------
1 file changed, 19 insertions(+), 14 deletions(-)
diff --git a/debian/aide-common.postinst b/debian/aide-common.postinst
index e00af8a..4fbcc15 100644
--- a/debian/aide-common.postinst
+++ b/debian/aide-common.postinst
@@ -42,20 +42,25 @@ UCFR="ucfr"
(cd "$TRGDIR"&& xargs -0 mkdir -p --)
for file in $(find $SRCDIR -type f -printf '%P\n' ); do
- OLDSUM=""
- if [ -f "$TRGDIR/$file" ]; then
- OLDSUM="$(md5sum "$TRGDIR/$file")"
- fi
- $UCF "$SRCDIR/$file" "$TRGDIR/$file"
- $UCFR "$PKGNAME" "$TRGDIR/$file"
- if cmp --quiet "$SRCDIR/$file" "$TRGDIR/$file" && \
- [ "$OLDSUM" != "$(md5sum "$TRGDIR/$file")" ]; then
- # "$TRGDIR/$file" has changed while ucf was running and it changed
- # to the file that was shipped with the package. We (hopefully safely)
- # assume that this means that the user decided to accept the new
- # version, and we're now copying over the file mode as well.
- # This is a workaround for ucf issue #406476.
- chmod --reference="$SRCDIR/$file" "$TRGDIR/$file"
+ PKG="$(ucfq --with-colons $TRGDIR/$file | awk '{print $2}' FS=":")"
+ # skip conffile if it is associated with a different package.
+ # This allows other packages to hijack aide's conffiles.
+ if [ -z "$PKG" ] || [ "$PKG" = "$PKGNAME" ]; then
+ OLDSUM=""
+ if [ -f "$TRGDIR/$file" ]; then
+ OLDSUM="$(md5sum "$TRGDIR/$file")"
+ fi
+ $UCF "$SRCDIR/$file" "$TRGDIR/$file"
+ $UCFR "$PKGNAME" "$TRGDIR/$file"
+ if cmp --quiet "$SRCDIR/$file" "$TRGDIR/$file" && \
+ [ "$OLDSUM" != "$(md5sum "$TRGDIR/$file")" ]; then
+ # "$TRGDIR/$file" has changed while ucf was running and it changed
+ # to the file that was shipped with the package. We (hopefully safely)
+ # assume that this means that the user decided to accept the new
+ # version, and we're now copying over the file mode as well.
+ # This is a workaround for ucf issue #406476.
+ chmod --reference="$SRCDIR/$file" "$TRGDIR/$file"
+ fi
fi
done
--
1.8.4.rc2
--- End Message ---
--- Begin Message ---
Source: aide
Source-Version: 0.16-2
We believe that the bug you reported is fixed in the latest version of
aide, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 720...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Marc Haber <mh+debian-packa...@zugschlus.de> (supplier of updated aide package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Thu, 02 Nov 2017 15:58:26 +0100
Source: aide
Binary: aide aide-xen aide-dynamic aide-common
Architecture: source
Version: 0.16-2
Distribution: unstable
Urgency: medium
Maintainer: Aide Maintainers <pkg-aide-maintain...@lists.alioth.debian.org>
Changed-By: Marc Haber <mh+debian-packa...@zugschlus.de>
Description:
aide - Advanced Intrusion Detection Environment - static binary
aide-common - Advanced Intrusion Detection Environment - Common files
aide-dynamic - Advanced Intrusion Detection Environment - dynamic binary
aide-xen - Advanced Intrusion Detection Environment - static binary for XEN
Closes: 289171 710912 720009 723904 724291 770095 841006 868749
Changes:
aide (0.16-2) unstable; urgency=medium
.
* improve rules:
* 10_aide_distribution: Take more care in sanitizing
distribution data. Thanks to Raphaƫl Hertzog (Closes: #868749)
* 31_aide_amanda-server
Thanks to Daniel Dickinson (Closes: #710912, #723904)
* 31_aide_apt
* Take multiarch patch from bug report.
Thanks to Simon Deziel (Closes: #770095)
* remove Pre-component Release Files (see discussion in #879272)
Thanks to Julian Andres Klode
* 31_aide_apt-listbugs: clean up obsolete dev comments
* 31_aide_cups
* 31_aide_dpkg
* 31_aide_isc-dhcp-server / 31_aide_isc-dhcp-client
* rename from 31_aide_dhcp3-server and 31_aide_dhcp3-client
* adapt paths
* 31_aide_logrotate
* 31_aide_man: add CACHEDIR
* 31_aide_mlocate: leaves around a lock file
* Add 31_aide_php7, remove 31_aide_php[45].
Thanks to Frederik Himpe (Closes: #724291)
* 31_aide_samba
* 31_aide_sudo: properly handle changing run directory
* 70_aide_run: /run changes link count
* new rules:
* 10_aide_prevyear: help log file handling
* 31_aide_atop
* 31_aide_cereal
* 31_aide_gnupg
* 31_aide_pam_motd
* 31_aide_php-common
* 31_aide_run_systemd_netif
* 31_aide_run_systemd_resolve
* 31_aide_runuser
* 31_aide_systemd_journal
* 31_aide_systemd_sessions
* remove rules that only had placeholder comments
* remove obsolete 31_aide_gpg
* remove obsolete 31-aide_apt_[un]stable
* aide.wrapper:
* wrapper now aborts immediately if lock cannot be
obtained (Closes: #841006)
* Use --config-check in wrapper (Closes: #289171)
* major rework of ucf handling:
* Allow rules to be overridden (Closes: #720009)
* The new code will eventually be submitted for inclusion in
ucf proper or packaged as ucf-helper
* Standards-Version: 4.1.1
* aide-xen and aide-dynamic are now Priority: optional
* no other changes necessary
Checksums-Sha1:
72024c9216c224ebe656615fbe8ea587d5e06f6d 2333 aide_0.16-2.dsc
bf4eb2b53d97ee18745a0fc7c7010ed066ae0b39 83876 aide_0.16-2.debian.tar.xz
7a886045a327f9762fadeb3c2ade695bb088987f 5973 aide_0.16-2_source.buildinfo
Checksums-Sha256:
4ce8e3f85f0c7faa06eb7b7e10eeecaa46b4257393dab0725f91469d87b6e59c 2333
aide_0.16-2.dsc
6fd801b5a87ba03bf1ba2ac7ddf0ffcd3c6bfb91296fe2ff8f32a9ac9ef6d63f 83876
aide_0.16-2.debian.tar.xz
249081299b511582101796f7ddf4c16524b63b2240fe3e50c36dd847bd1dcaee 5973
aide_0.16-2_source.buildinfo
Files:
0b12f9cc9dd2431dc77e35919d40ccd2 2333 admin optional aide_0.16-2.dsc
6d42771e4b7003f1ae532d4b0af286ab 83876 admin optional aide_0.16-2.debian.tar.xz
51821caa5e74ad52d401e5eebbe6b69c 5973 admin optional
aide_0.16-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEE6QL5UJ/L0pcuNEbjj3cgEwEyBEIFAloPJKkACgkQj3cgEwEy
BEIuSw//REQfYOEQIsVK8RDFijMsu/3xqv9pZAOARnw5gk6W8P3XSjExcA/I6k+9
4PFSWbkkPHa7vZBkW7XXDXf3Bgwafnttzm75qWDTHtoHR07TUFYMZT69o9dHxWht
XIVm0hItEtBdAmgJX0n4qYhwvF9kr/cy2IYAi2PQgXsXtYzrdeFkgd4n83ut9cC3
i9/lWjBudITkDOWdsxw8SeuaY1BusROA+LVxMfTEwFDS0nPqdgs8QgVUiu+bC8h7
Zw2lHGz6OfgVj6UD1S5hnQD4xR17euuUbapilc9oBLgOlUBx8i2xYXaP5yP/QDdm
mH0YAh2RuKBbLMJwF9mjet9kyS5dEYjs4wdrQmVE6IweypqpOBjQ7eRcJ7YsYwLF
odkydHu4hrxybb2hBv6UXtz7hS+hH9lxHKAjXQ5NZd+TUOzGyquAdJYdf8WQkMWY
IELNnXsaKxKcXcBlokbRIvDXvsfz3UXec8VMUrC0x3pb8j5DiY+leYxX+5RIOHlz
Cgqylb2+080jbeL8YRdMrI2aotTKmX1013y8yLAoC6rFYXVvzZUUVaD4wLJvGaBP
Uf92KKT0bkUApnK8pBqwYqmNhqeuMEq5smRJ7EXZpfEAiYn7lwHP2x8yIHJDD8/1
jyq7PBR6qkOy60Mb8R0uYX+6rf+VFjgcmyagI59Em8533Tp2d/A=
=TvYq
-----END PGP SIGNATURE-----
--- End Message ---
