Followup-For: Bug #689508
Control: tag -1 patch
Doing longterm dist-upgrade tests with piuparts (starting in lenny/squeeze
and going release by release up to stretch) I'm still running into false
positive reports for modified files that are actually obsolete conffiles
still "owned" by the package that shipped them in the past.
A common case is a former conffile that is now a configuration file
managed by ucf (and is no longer matching the ancient md5sum).
Making dpkg "forget" about the conffile is difficult if the name is
still being used (dpkg-maintscript-helper rm_conffile could be abused
in non-intuitive ways).
The attached patch unconditionally excludes all obsolete conffiles.
Maybe that is not the optimal approach and a new command line option
should be used instead (and then we could discuss whether obsolete
conffiles should be ignored by default - I would say yes).
Andreas
>From 54097a012d33c8c05e143a91d627394405c4ec71 Mon Sep 17 00:00:00 2001
From: Andreas Beckmann <a...@debian.org>
Date: Fri, 21 Apr 2017 01:35:49 +0200
Subject: [PATCH] ignore obsolete conffiles
even if still 'owned' by the package according to dpkg, the obsolete
conffile either no longer exists (in this case the old md5sum should
be still valid) or is managed differently (e.g using ucf) and the md5sum
is outdated and likely causes a false positive report of a modified file
---
debsums | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/debsums b/debsums
index faee262..1a748fb 100755
--- a/debsums
+++ b/debsums
@@ -262,7 +262,7 @@ my %replaced;
$package_name{$field{"Package"}} = $field{"binary:Package"};
}
$installed{$field{"binary:Package"}}{Conffiles} = {
- map m!^\s*/(\S+)\s+([\da-f]+)!, split /\n/, $field{Conffiles}
+ map m!^\s*/(\S+)\s+([\da-f]+)!, grep {!/ obsolete$/} split /\n/, $field{Conffiles}
} if $field{Conffiles};
for (split /,\s*/, $field{Replaces})
--
2.11.0
