Package: snort-rules-default Version: 2.3.2-2 Severity: serious Hello Javier,
When upgrading a pristine woody chroot with snort installed, and no snort conffiles modified manually, upgrading snort-rules-default cause dpkg to prompt conffiles handling for thirty-four (34) files. This is more than the total for a standard upgrade to sarge when snort is not installed. But given that I did not modify any of them in the first place even one would be too much. See the log below. This is easy to reproduce: 1) debootstrap woody 2) apt-get install snort 3) retarget apt to sarge 4) apt-get install snort-common ( to work around #311257) Apparenlty this is due to this line in snort-rules-default preinst: mv /etc/snort/*.rules /etc/snort/rules/ This is not acceptable. If you do that, then you cannot mark the files under /etc/snort/rules/... as conffiles anymore, you must handle them with tool like ucf that can be instructed of the move. Anyway, my opinion is those files are best placed in /usr/share with an overriding in /etc as spamassassin do. Cheers, -- Bill. <[EMAIL PROTECTED]> Imagine a large red swirl here. Setting up snort-rules-default (2.3.2-2) ... Configuration file `/etc/snort/classification.config' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** classification.config (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/attack-responses.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** attack-responses.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/backdoor.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** backdoor.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/bad-traffic.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** bad-traffic.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/ddos.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** ddos.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/dns.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** dns.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/dos.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** dos.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/exploit.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** exploit.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/finger.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** finger.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/ftp.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** ftp.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/icmp-info.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** icmp-info.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/icmp.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** icmp.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/info.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** info.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/local.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** local.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/misc.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** misc.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/netbios.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** netbios.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/policy.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** policy.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/porn.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** porn.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/rpc.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** rpc.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/rservices.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** rservices.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/scan.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** scan.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/shellcode.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** shellcode.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/smtp.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** smtp.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/sql.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** sql.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/telnet.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** telnet.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/tftp.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** tftp.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/virus.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** virus.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/web-attacks.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** web-attacks.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/web-cgi.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** web-cgi.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/web-coldfusion.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** web-coldfusion.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/web-frontpage.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** web-frontpage.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/web-iis.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** web-iis.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/web-misc.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** web-misc.rules (Y/I/N/O/D/Z) [default=N] ? Configuration file `/etc/snort/rules/x11.rules' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. *** x11.rules (Y/I/N/O/D/Z) [default=N] ? Setting up perl-modules (5.8.4-8) ... Setting up snort-common (2.3.2-2) ... Installing new version of config file /etc/cron.daily/5snort ... Installing new version of config file /etc/snort/snort.conf ... -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]