On Thu, 01 Nov 2012 21:56:04 +0100, Andreas Beckmann wrote: > > #688891: psad: modifies conffiles (policy 10.7.3): /etc/psad/psad.conf > This seems to be fixed for upgrades from testing (psad 2.2-2), but > upgrades from squeeze (psad 2.1.7-1) now generate an unwanted prompt: > > Setting up psad (2.2-3) ... > Installing new version of config file /etc/init.d/psad ... > Installing new version of config file /etc/psad/ip_options ... > > Configuration file `/etc/psad/psad.conf' > ==> Modified (by you or by a script) since installation. > ==> Package distributor has shipped an updated version. > What would you like to do about it ? Your options are: > Y or I : install the package maintainer's version > N or O : keep your currently-installed version > D : show the differences between the versions > Z : start a shell to examine the situation > The default action is to keep your current version. > *** psad.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing psad > (--configure): > EOF on stdin at conffile prompt > configured to not write apport reports > Errors were encountered while processing: > psad > > This was already reported as #675231 and fixed in 2.2-2.
Gnarf. Sorry for missing this. I've been thinking about this a bit, and I'm not sure what the elegant solution is. What I've tried now is: - add back the revert-changes part to the preinst - but guard it with a version check so that it adds back _CHANGEME_ only for upgrades from versions before this replacement was removed from the postinst This seems to allow upgrades from 2.1.7-1; it also changes back the value to _CHANGEME_ which is a bit ugly. Debdiff attached. Cheers, gregor -- .''`. Homepage: http://info.comodo.priv.at/ - OpenPGP key 0xBB3A68018649AA06 : :' : Debian GNU/Linux user, admin, and developer - http://www.debian.org/ `. `' Member of VIBE!AT & SPI, fellow of the Free Software Foundation Europe `- NP: Bruce Springsteen: Nothing Man
diff -Nru psad-2.2/debian/changelog psad-2.2/debian/changelog
--- psad-2.2/debian/changelog 2012-10-28 16:07:12.000000000 +0100
+++ psad-2.2/debian/changelog 2012-11-04 16:10:41.000000000 +0100
@@ -1,3 +1,14 @@
+psad (2.2-3.1) UNRELEASED; urgency=low
+
+ * Non-maintainer upload.
+ * Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf", second try:
+ - add back changes to d.psad.preinst that revert changes to
+ /etc/psad/psad.conf
+ - but only for upgrades from versions before 2.2-3
+ (Closes: #688891)
+
+ -- gregor herrmann <gre...@debian.org> Sun, 04 Nov 2012 15:56:57 +0100
+
psad (2.2-3) unstable; urgency=low
* Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf"
diff -Nru psad-2.2/debian/psad.preinst psad-2.2/debian/psad.preinst
--- psad-2.2/debian/psad.preinst 2012-10-28 16:07:12.000000000 +0100
+++ psad-2.2/debian/psad.preinst 2012-11-04 16:04:04.000000000 +0100
@@ -1,14 +1,54 @@
#!/bin/sh
-# This script is only intended to fix bug #497574.
-# We check for an upgrade from Psad older than 2.1.5 and remove the old
-# Psad process if needed.
#
-# NB: As some commands can return an exit code other than 0 we do not use
-# *set -e* at the beginning.
+# Update_conf
+#
+# This function searchs a key entry in a file and updates its value with the new
+# one.
+#
+# Syntax:
+#
+# update_conf new_val key conffile
+# -> new_val ... : Value to set for the key value
+# -> key ....... : Name of the key to be updated
+# -> conffile .. : File to search
+#
+update_conf ()
+{
+ local new_val
+ local key
+ local conffile
+
+ new_val=$1
+ key=$2
+ conffile=$3
+
+ cp $conffile $conffile.old
+
+ old_val=`awk '$1 == "'$key'" { print $2 }' $conffile`
+ awk '$1 == "'$key'" { gsub("'$old_val'","'$new_val';",$0); \
+ print $0 } \
+ $1 != "'$key'" { print $0 }' \
+ $conffile.old > $conffile
+
+ rm $conffile.old
+}
if [ "$1" = "upgrade" ]; then
+ # Revert changes added to the configuration file by the postinst script
+ # if we are upgrading from a version which changed it (#688891)
+ if [ -n "$2" ] && dpkg --compare-versions 2.2-3 gt $2 ; then
+ update_conf "_CHANGEME_" "HOSTNAME" "/etc/psad/psad.conf"
+ fi
+
+ # This script is only intended to fix bug #497574.
+ # We check for an upgrade from Psad older than 2.1.5 and remove the old
+ # Psad process if needed.
+ #
+ # NB: As some commands can return an exit code other than 0 we do not use
+ # *set -e* at the beginning.
+
status=1;
if [ -x "`which dpkg 2>/dev/null`" ]; then
dpkg --compare-versions 2.1.5 gt $2
signature.asc
Description: Digital signature
