On Thu, 01 Nov 2012 21:56:04 +0100, Andreas Beckmann wrote: > > #688891: psad: modifies conffiles (policy 10.7.3): /etc/psad/psad.conf > This seems to be fixed for upgrades from testing (psad 2.2-2), but > upgrades from squeeze (psad 2.1.7-1) now generate an unwanted prompt: > > Setting up psad (2.2-3) ... > Installing new version of config file /etc/init.d/psad ... > Installing new version of config file /etc/psad/ip_options ... > > Configuration file `/etc/psad/psad.conf' > ==> Modified (by you or by a script) since installation. > ==> Package distributor has shipped an updated version. > What would you like to do about it ? Your options are: > Y or I : install the package maintainer's version > N or O : keep your currently-installed version > D : show the differences between the versions > Z : start a shell to examine the situation > The default action is to keep your current version. > *** psad.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing psad > (--configure): > EOF on stdin at conffile prompt > configured to not write apport reports > Errors were encountered while processing: > psad > > This was already reported as #675231 and fixed in 2.2-2.
Gnarf. Sorry for missing this. I've been thinking about this a bit, and I'm not sure what the elegant solution is. What I've tried now is: - add back the revert-changes part to the preinst - but guard it with a version check so that it adds back _CHANGEME_ only for upgrades from versions before this replacement was removed from the postinst This seems to allow upgrades from 2.1.7-1; it also changes back the value to _CHANGEME_ which is a bit ugly. Debdiff attached. Cheers, gregor -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/ `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Bruce Springsteen: Nothing Man
diff -Nru psad-2.2/debian/changelog psad-2.2/debian/changelog --- psad-2.2/debian/changelog 2012-10-28 16:07:12.000000000 +0100 +++ psad-2.2/debian/changelog 2012-11-04 16:10:41.000000000 +0100 @@ -1,3 +1,14 @@ +psad (2.2-3.1) UNRELEASED; urgency=low + + * Non-maintainer upload. + * Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf", second try: + - add back changes to d.psad.preinst that revert changes to + /etc/psad/psad.conf + - but only for upgrades from versions before 2.2-3 + (Closes: #688891) + + -- gregor herrmann <gre...@debian.org> Sun, 04 Nov 2012 15:56:57 +0100 + psad (2.2-3) unstable; urgency=low * Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf" diff -Nru psad-2.2/debian/psad.preinst psad-2.2/debian/psad.preinst --- psad-2.2/debian/psad.preinst 2012-10-28 16:07:12.000000000 +0100 +++ psad-2.2/debian/psad.preinst 2012-11-04 16:04:04.000000000 +0100 @@ -1,14 +1,54 @@ #!/bin/sh -# This script is only intended to fix bug #497574. -# We check for an upgrade from Psad older than 2.1.5 and remove the old -# Psad process if needed. # -# NB: As some commands can return an exit code other than 0 we do not use -# *set -e* at the beginning. +# Update_conf +# +# This function searchs a key entry in a file and updates its value with the new +# one. +# +# Syntax: +# +# update_conf new_val key conffile +# -> new_val ... : Value to set for the key value +# -> key ....... : Name of the key to be updated +# -> conffile .. : File to search +# +update_conf () +{ + local new_val + local key + local conffile + + new_val=$1 + key=$2 + conffile=$3 + + cp $conffile $conffile.old + + old_val=`awk '$1 == "'$key'" { print $2 }' $conffile` + awk '$1 == "'$key'" { gsub("'$old_val'","'$new_val';",$0); \ + print $0 } \ + $1 != "'$key'" { print $0 }' \ + $conffile.old > $conffile + + rm $conffile.old +} if [ "$1" = "upgrade" ]; then + # Revert changes added to the configuration file by the postinst script + # if we are upgrading from a version which changed it (#688891) + if [ -n "$2" ] && dpkg --compare-versions 2.2-3 gt $2 ; then + update_conf "_CHANGEME_" "HOSTNAME" "/etc/psad/psad.conf" + fi + + # This script is only intended to fix bug #497574. + # We check for an upgrade from Psad older than 2.1.5 and remove the old + # Psad process if needed. + # + # NB: As some commands can return an exit code other than 0 we do not use + # *set -e* at the beginning. + status=1; if [ -x "`which dpkg 2>/dev/null`" ]; then dpkg --compare-versions 2.1.5 gt $2
signature.asc
Description: Digital signature