Package: libapache2-modsecurity Version: 2.9.1-2 Severity: serious User: [email protected] Usertags: piuparts
Hi, during a test with piuparts I noticed your package failed the piuparts upgrade test because dpkg detected a conffile as being modified and then prompted the user for an action. As there is no user input, this fails. But this is not the real problem, the real problem is that this prompt shows up in the first place, as there was nobody modifying this conffile at all, the package has just been installed and upgraded... This is a violation of policy 10.7.3, see https://www.debian.org/doc/debian-policy/ch-files.html#s10.7.3, which says "[These scripts handling conffiles] must not ask unnecessary questions (particularly during upgrades), and must otherwise be good citizens." https://wiki.debian.org/DpkgConffileHandling should help with figuring out how to do this properly. In https://lists.debian.org/debian-devel/2009/08/msg00675.html and followups it has been agreed that these bugs are to be filed with severity serious. >From the attached log (scroll to the bottom...): Setting up libapache2-mod-security2 (2.9.1-2) ... Configuration file '/etc/apache2/mods-available/security2.conf' ==> Modified (by you or by a script) since installation. ==> Package distributor has shipped an updated version. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : start a shell to examine the situation The default action is to keep your current version. *** security2.conf (Y/I/N/O/D/Z) [default=N] ? dpkg: error processing package libapache2-mod-security2 (--configure): end of file on stdin at conffile prompt dpkg: dependency problems prevent configuration of libapache2-modsecurity: libapache2-modsecurity depends on libapache2-mod-security2; however: Package libapache2-mod-security2 is not configured yet. dpkg: error processing package libapache2-modsecurity (--configure): dependency problems - leaving unconfigured Setting up libcap2-bin (1:2.25-1) ... Processing triggers for libc-bin (2.24-8) ... Processing triggers for systemd (232-8) ... Errors were encountered while processing: libapache2-mod-security2 libapache2-modsecurity This was observed during a wheezy->jessie->stretch upgrade test. cheers, Andreas
libapache2-modsecurity_2.9.1-2.log.gz
Description: application/gzip
