> I have been listening on the sideline, and really appreciate the good
> input on this.
great :)
> Have been too busy with real life to dig into the problem myself, but
> will appreciate a patch and package it.
well, then a patch is attached.
it is a patch against the tree built by the current state of :
apt-get source uw-imapd/unstable
the patch is inspired by dato's work, and create
{uw-imapd,ipopd}.{postrm,preinst,postinst} from templates.
the patch is presented as an NMU, so you will have to change the
debian/changelog entry and put your name in there ;)
cheers,
--
�O� Pierre Habouzit
��O
OOO http://www.madism.org
diff -ruN uw-imap-2002edebian1/debian/changelog
uw-imap-2002edebian1.new/debian/changelog
--- uw-imap-2002edebian1/debian/changelog 2005-02-26 18:13:55.249980232
+0100
+++ uw-imap-2002edebian1.new/debian/changelog 2005-02-26 18:18:54.796505956
+0100
@@ -1,3 +1,10 @@
+uw-imap (7:2002edebian1-6.1) unstable; urgency=low
+
+ * Non-maintainer upload.
+ * Handle inetd.conf correctly (closes: #295306).
+
+ -- Pierre Habouzit <[EMAIL PROTECTED]> Sat, 26 Feb 2005 18:18:08 +0100
+
uw-imap (7:2002edebian1-6) unstable; urgency=high
* Fix CERT security bug VU#702777: CRAM-MD5 authentication (disabled
diff -ruN uw-imap-2002edebian1/debian/ipopd.postinst
uw-imap-2002edebian1.new/debian/ipopd.postinst
--- uw-imap-2002edebian1/debian/ipopd.postinst 2005-02-26 18:13:55.251980049
+0100
+++ uw-imap-2002edebian1.new/debian/ipopd.postinst 1970-01-01
01:00:00.000000000 +0100
@@ -1,47 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# Source debconf library.
-. /usr/share/debconf/confmodule
-db_version 2.0
-
-db_get ipopd/protocol
-for i in `echo "$RET" | sed 's/,/ /g'`; do
-
- if [ "$i" = "pop2" ]; then
- update-inetd --group mail --add "pop2 stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/ipop2d"
- elif [ "$i" = "pop3" ]; then
- update-inetd --group mail --add "pop3 stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/ipop3d"
- elif [ "$i" = "pop3s" ]; then
- update-inetd --group mail --add "pop3s stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/ipop3d"
- fi
-done
-
-cd /etc/ssl/certs
-PATH=$PATH:/usr/bin/ssl
-if [ -f ipop3d.pem ]; then
- echo "You already have /etc/ssl/certs/ipop3d.pem"
-else
- echo "Creating generic self-signed certificate:
/etc/ssl/certs/ipop3d.pem"
- echo "(replace with hand-crafted or authorized one if needed)."
- HOSTNAME=`hostname -s`
- FQDN=`hostname -f`
- MAILNAME=`cat /etc/mailname 2> /dev/null || hostname -f`
- openssl req -new -x509 -days 365 -nodes -out ipop3d.pem -keyout
ipop3d.pem > /dev/null 2>&1 <<+
-.
-.
-.
-University of Washington POP3 daemon
-$HOSTNAME
-$FQDN
[EMAIL PROTECTED]
-+
- ln -sf ipop3d.pem `openssl x509 -noout -hash < ipop3d.pem`.0
- chown root.root /etc/ssl/certs/ipop3d.pem
- chmod 0640 /etc/ssl/certs/ipop3d.pem
-fi
-
-#DEBHELPER#
-
-exit 0
diff -ruN uw-imap-2002edebian1/debian/ipopd.postrm
uw-imap-2002edebian1.new/debian/ipopd.postrm
--- uw-imap-2002edebian1/debian/ipopd.postrm 2005-02-26 18:13:55.249980232
+0100
+++ uw-imap-2002edebian1.new/debian/ipopd.postrm 1970-01-01
01:00:00.000000000 +0100
@@ -1,34 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# Source debconf library.
-. /usr/share/debconf/confmodule
-db_version 2.0
-
-##
-## Remove POP daemons from inetd.conf
-##
-db_get ipopd/protocol
-for i in `echo "$RET" | sed 's/,/ /g'`; do
- if [ "$i" = "pop2" ]; then
- update-inetd --remove pop2;
- elif [ "$i" = "pop3" ]; then
- update-inetd --remove pop3;
- elif [ "$i" = "pop3s" ]; then
- update-inetd --remove pop3s;
- fi
-done
-
-if [ "$1" = "purge" -a -f /etc/ssl/certs/ipop3d.pem ]; then
-# cd /etc/ssl/certs
-# PATH=$PATH:/usr/bin/ssl
-# rm -f `openssl x509 -noout -hash < ipop3d.pem`.0 || true
-# if [ -f ipop3d.pem ]; then rm -f ipop3d.pem; fi
- echo "SSL certificate /etc/ssl/certs/ipop3d.pem is NOT removed."
- echo "Please remove the file manually."
-fi
-
-#DEBHELPER#
-
-exit 0
diff -ruN uw-imap-2002edebian1/debian/rules
uw-imap-2002edebian1.new/debian/rules
--- uw-imap-2002edebian1/debian/rules 2005-02-26 18:13:55.292976293 +0100
+++ uw-imap-2002edebian1.new/debian/rules 2005-02-26 18:16:56.248395537
+0100
@@ -49,6 +49,11 @@
echo "Upstream version has changed (or debian/control.in is out
of sync)"; \
echo "Please do a 'debian/rules update-control' or edit
manually..."; \
exit 1)
+ for i in uw-imapd ipopd; do
\
+ for f in preinst postinst postrm; do
\
+ sed -e "s/@@PROGRAM@@/$$i/" debian/uw/$$f >
debian/$$i.$$f; \
+ done;
\
+ done
build: build-stamp
build-stamp: debian/stamp-patched
@@ -78,6 +83,11 @@
eval targetfile=`echo $$file | sed $(SEDRULE_FILENAME)`; \
rm -f $$targetfile; \
done
+ for i in uw-imapd ipopd; do \
+ for f in preinst postinst postrm; do \
+ rm -f debian/$$i.$$f; \
+ done; \
+ done
pre-build::
for file in `find debian -type f -name '*.in' -not -name control.in
-not -name POTFILES.in`; do \
diff -ruN uw-imap-2002edebian1/debian/uw/postinst
uw-imap-2002edebian1.new/debian/uw/postinst
--- uw-imap-2002edebian1/debian/uw/postinst 1970-01-01 01:00:00.000000000
+0100
+++ uw-imap-2002edebian1.new/debian/uw/postinst 2005-02-26 18:09:21.368077234
+0100
@@ -0,0 +1,72 @@
+#!/bin/sh
+
+set -e
+
+PROGRAM=@@PROGRAM@@
+
+# Source debconf library.
+. /usr/share/debconf/confmodule
+db_version 2.0
+
+if [ "$1" = "configure" ]; then
+ if [ -z "$2" ]; then
+ UPDATE_INETD_ARG='--group mail --add'
+ UPDATE_INETD_ARG_EXTRA=" stream tcp nowait root
/usr/sbin/tcpd /usr/sbin/imapd"
+ else
+ UPDATE_INETD_ARG='--enable'
+
+ # Bug#295306
+ if dpkg --compare-versions "$2" le 7:2002edebian1-6
+ then
+ MY_FILE=/var/cache/${PROGRAM}_inetd.conf_copy
+ if [ -r "$MY_FILE" ]; then
+ while read line; do
+ update-inetd --group mail --add "$line"
+ done < "$MY_FILE"
+ rm -f "$MY_FILE"
+ else
+ # The file has disappeared, or we're installing from
+ # 'config files' state. Install default entries.
+ UPDATE_INETD_ARG='--group mail --add'
+ UPDATE_INETD_ARG_EXTRA=" stream tcp nowait root
/usr/sbin/tcpd /usr/sbin/imapd"
+ fi
+ fi
+ fi
+
+ db_get uw-imapd/protocol
+ for i in `echo "$RET" | sed 's/,/ /g'`; do
+ case "$i" in
+ imap2|imap3|imaps)
+ update-inetd $UPDATE_INETD_ARG "${i}${UPDATE_INETD_ARG_EXTRA}"
+ ;;
+ esac
+ done
+fi
+
+cd /etc/ssl/certs
+PATH=$PATH:/usr/bin/ssl
+if [ -f imapd.pem ]; then
+ echo "You already have /etc/ssl/certs/imapd.pem"
+else
+ echo "Creating generic self-signed certificate:
/etc/ssl/certs/imapd.pem"
+ echo "(replace with hand-crafted or authorized one if needed)."
+ HOSTNAME=`hostname -s`
+ FQDN=`hostname -f`
+ MAILNAME=`cat /etc/mailname 2> /dev/null || hostname -f`
+ openssl req -new -x509 -days 365 -nodes -out imapd.pem -keyout
imapd.pem > /dev/null 2>&1 <<+
+.
+.
+.
+University of Washington IMAP daemon
+$HOSTNAME
+$FQDN
[EMAIL PROTECTED]
++
+ ln -sf imapd.pem `openssl x509 -noout -hash < imapd.pem`.0
+ chown root.root /etc/ssl/certs/imapd.pem
+ chmod 0640 /etc/ssl/certs/imapd.pem
+fi
+
+#DEBHELPER#
+
+exit 0
diff -ruN uw-imap-2002edebian1/debian/uw/postrm
uw-imap-2002edebian1.new/debian/uw/postrm
--- uw-imap-2002edebian1/debian/uw/postrm 1970-01-01 01:00:00.000000000
+0100
+++ uw-imap-2002edebian1.new/debian/uw/postrm 2005-02-26 17:45:14.548607725
+0100
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+set -e
+
+# Source debconf library.
+. /usr/share/debconf/confmodule
+db_version 2.0
+
+##
+## Remove imapd from inetd.conf
+##
+
+if [ "$1" = "purge" ]; then
+ UPDATE_INETD_ARG='--remove'
+else
+ # Note that we disable in upgrades too
+ UPDATE_INETD_ARG='--disable'
+fi
+
+db_get uw-imapd/protocol
+for i in `echo "$RET" | sed 's/,/ /g'`; do
+ case "$i" in
+ imap2|imap3|imaps)
+ update-inetd $UPDATE_INETD_ARG $i
+ ;;
+ esac
+done
+
+if [ "$1" = "purge" -a -f /etc/ssl/certs/imapd.pem ]; then
+ echo "SSL certificate /etc/ssl/certs/imapd.pem is NOT removed."
+ echo "Please remove manually if required."
+# cd /etc/ssl/certs
+# PATH=$PATH:/usr/bin/ssl
+# rm -f `openssl x509 -noout -hash < imapd.pem`.0 || true
+# if [ -f imapd.pem ]; then rm -f imapd.pem; fi
+fi
+
+#DEBHELPER#
+
+exit 0
diff -ruN uw-imap-2002edebian1/debian/uw/preinst
uw-imap-2002edebian1.new/debian/uw/preinst
--- uw-imap-2002edebian1/debian/uw/preinst 1970-01-01 01:00:00.000000000
+0100
+++ uw-imap-2002edebian1.new/debian/uw/preinst 2005-02-26 18:10:50.291928297
+0100
@@ -0,0 +1,16 @@
+#!/bin/sh
+
+set -e
+
+PROGRAM=@@PROGRAM@@
+
+MY_FILE=/var/cache/${PROGRAM}_inetd.conf_copy
+
+if [ "$1" = "upgrade" ] && dpkg --compare-versions "$2" le 7:2002edebian1-6
+then
+ # See Bug#295306: the postrm that will be called after unpacking
+ # will remove entries from /etc/inetd.conf, so we save them for
+ # restoring them in the postinst.
+ grep -E "^([# ]+|#<off># +)?imap[23s]" /etc/inetd.conf >>"$MY_FILE"
+fi
+
diff -ruN uw-imap-2002edebian1/debian/uw-imapd.postinst
uw-imap-2002edebian1.new/debian/uw-imapd.postinst
--- uw-imap-2002edebian1/debian/uw-imapd.postinst 2005-02-26
18:13:55.275977850 +0100
+++ uw-imap-2002edebian1.new/debian/uw-imapd.postinst 1970-01-01
01:00:00.000000000 +0100
@@ -1,46 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# Source debconf library.
-. /usr/share/debconf/confmodule
-db_version 2.0
-
-db_get uw-imapd/protocol
-for i in `echo "$RET" | sed 's/,/ /g'`; do
- if [ "$i" = "imap2" ]; then
- update-inetd --group mail --add "imap2 stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/imapd";
- elif [ "$i" = "imap3" ]; then
- update-inetd --group mail --add "imap3 stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/imapd";
- elif [ "$i" = "imaps" ]; then
- update-inetd --group mail --add "imaps stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/imapd";
- fi
-done
-
-cd /etc/ssl/certs
-PATH=$PATH:/usr/bin/ssl
-if [ -f imapd.pem ]; then
- echo "You already have /etc/ssl/certs/imapd.pem"
-else
- echo "Creating generic self-signed certificate:
/etc/ssl/certs/imapd.pem"
- echo "(replace with hand-crafted or authorized one if needed)."
- HOSTNAME=`hostname -s`
- FQDN=`hostname -f`
- MAILNAME=`cat /etc/mailname 2> /dev/null || hostname -f`
- openssl req -new -x509 -days 365 -nodes -out imapd.pem -keyout
imapd.pem > /dev/null 2>&1 <<+
-.
-.
-.
-University of Washington IMAP daemon
-$HOSTNAME
-$FQDN
[EMAIL PROTECTED]
-+
- ln -sf imapd.pem `openssl x509 -noout -hash < imapd.pem`.0
- chown root.root /etc/ssl/certs/imapd.pem
- chmod 0640 /etc/ssl/certs/imapd.pem
-fi
-
-#DEBHELPER#
-
-exit 0
diff -ruN uw-imap-2002edebian1/debian/uw-imapd.postrm
uw-imap-2002edebian1.new/debian/uw-imapd.postrm
--- uw-imap-2002edebian1/debian/uw-imapd.postrm 2005-02-26 18:13:55.286976843
+0100
+++ uw-imap-2002edebian1.new/debian/uw-imapd.postrm 1970-01-01
01:00:00.000000000 +0100
@@ -1,35 +0,0 @@
-#!/bin/sh
-
-set -e
-
-# Source debconf library.
-. /usr/share/debconf/confmodule
-db_version 2.0
-
-##
-## Remove imapd from inetd.conf
-##
-
-db_get uw-imapd/protocol
-for i in `echo "$RET" | sed 's/,/ /g'`; do
- if [ "$i" = "imap2" ]; then
- update-inetd --remove imap2;
- elif [ "$i" = "imap3" ]; then
- update-inetd --remove imap3;
- elif [ "$i" = "imaps" ]; then
- update-inetd --remove imaps;
- fi
-done
-
-if [ "$1" = "purge" -a -f /etc/ssl/certs/imapd.pem ]; then
- echo "SSL certificate /etc/ssl/certs/imapd.pem is NOT removed."
- echo "Please remove manually if required."
-# cd /etc/ssl/certs
-# PATH=$PATH:/usr/bin/ssl
-# rm -f `openssl x509 -noout -hash < imapd.pem`.0 || true
-# if [ -f imapd.pem ]; then rm -f imapd.pem; fi
-fi
-
-#DEBHELPER#
-
-exit 0
