Hi,
I played a little bit with this bug, and I find one possible solution is to have
those common config files in a -common package that becomes arch=all. Thus, they
would not be replaced or removed in the scenario reported by Andreas.
In this case, package src:libpam-ldap would generate two binary packages
libpam-ldap and libpam-ldap-common, with the following files:
# dpkg -c libpam-ldap_184-8.6_ppc64el.deb | awk '{print $6}'
./
./etc/
./usr/
./usr/share/
./usr/share/doc/
./usr/share/doc/libpam-ldap/
./usr/share/doc/libpam-ldap/AUTHORS
./usr/share/doc/libpam-ldap/changelog.gz
./usr/share/doc/libpam-ldap/copyright
./usr/share/doc/libpam-ldap/buildinfo_ppc64el.gz
./usr/share/doc/libpam-ldap/README.gz
./usr/share/doc/libpam-ldap/README.Debian
./usr/share/doc/libpam-ldap/changelog.Debian.gz
./usr/share/libpam-ldap/
./lib/
./lib/powerpc64le-linux-gnu/
./lib/powerpc64le-linux-gnu/security/
./lib/powerpc64le-linux-gnu/security/pam_ldap.so
and
# dpkg -c libpam-ldap-common_184-8.6_all.deb | awk '{print $6}'
./
./usr/
./usr/share/
./usr/share/man/
./usr/share/man/man5/
./usr/share/man/man5/pam_ldap.conf.5.gz
./usr/share/pam-configs/
./usr/share/pam-configs/ldap
./usr/share/doc/
./usr/share/doc/libpam-ldap-common/
./usr/share/doc/libpam-ldap-common/AUTHORS
./usr/share/doc/libpam-ldap-common/changelog.gz
./usr/share/doc/libpam-ldap-common/copyright
./usr/share/doc/libpam-ldap-common/buildinfo_all.gz
./usr/share/doc/libpam-ldap-common/README.gz
./usr/share/doc/libpam-ldap-common/changelog.Debian.gz
./usr/share/doc/libpam-ldap/
./usr/share/doc/libpam-ldap/ldapns.schema
./usr/share/doc/libpam-ldap/LDAP-Permissions.txt
./usr/share/doc/libpam-ldap/examples/
./usr/share/doc/libpam-ldap/examples/pam.conf
./usr/share/doc/libpam-ldap/examples/pam.d/
./usr/share/doc/libpam-ldap/examples/pam.d/ssh
./usr/share/doc/libpam-ldap/examples/pam.d/shutdown
./usr/share/doc/libpam-ldap/examples/pam.d/samba
./usr/share/doc/libpam-ldap/examples/pam.d/gdm
./usr/share/doc/libpam-ldap/examples/pam.d/su
./usr/share/doc/libpam-ldap/examples/pam.d/reboot
./usr/share/doc/libpam-ldap/examples/pam.d/xserver
./usr/share/doc/libpam-ldap/examples/pam.d/halt
./usr/share/doc/libpam-ldap/examples/pam.d/rsh
./usr/share/doc/libpam-ldap/examples/pam.d/rexec
./usr/share/doc/libpam-ldap/examples/pam.d/passwd
./usr/share/doc/libpam-ldap/examples/pam.d/mcserv
./usr/share/doc/libpam-ldap/examples/pam.d/xscreensaver
./usr/share/doc/libpam-ldap/examples/pam.d/xdm
./usr/share/doc/libpam-ldap/examples/pam.d/imap
./usr/share/doc/libpam-ldap/examples/pam.d/login
./usr/share/doc/libpam-ldap/examples/pam.d/other
./usr/share/doc/libpam-ldap/examples/pam.d/linuxconf
./usr/share/doc/libpam-ldap/examples/pam.d/chfn
./usr/share/doc/libpam-ldap/examples/pam.d/xlock
./usr/share/doc/libpam-ldap/examples/pam.d/pop
./usr/share/doc/libpam-ldap/examples/pam.d/rlogin
./usr/share/doc/libpam-ldap/examples/pam.d/chsh
./usr/share/doc/libpam-ldap/examples/pam.d/vlock
./usr/share/doc/libpam-ldap/examples/pam.d/poweroff
./usr/share/doc/libpam-ldap/examples/pam.d/ftp
./usr/share/doc/libpam-ldap/examples/pam.d/kde
./usr/share/doc/libpam-ldap/examples/pam.d/linuxconf-pair
./usr/share/doc/libpam-ldap/examples/pam.d/ppp
./usr/share/doc/libpam-ldap/examples/chfn
./usr/share/doc/libpam-ldap/examples/chsh
./usr/share/libpam-ldap/
./usr/share/libpam-ldap/ldap.conf
I created a patch to do it, and I would love to hear feedback about it.
Thank you,
Breno
Index: libpam-ldap-184/debian/control
===================================================================
--- libpam-ldap-184.orig/debian/control
+++ libpam-ldap-184/debian/control
@@ -8,10 +8,20 @@ Build-Depends: cdbs (>= 0.4.93~), quilt,
Package: libpam-ldap
Architecture: any
Multi-Arch: same
-Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (>= 1.0.1-6), libpam0g (>= 1.1.3-2)
+Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (>= 1.0.1-6), libpam0g (>= 1.1.3-2), libpam-ldap-common (= ${binary:Version})
Suggests: libnss-ldapd | libnss-ldap
Description: Pluggable Authentication Module for LDAP
This package provides an interface between an LDAP server and the PAM
user authentication system. Using it along with libnss-ldapd or libnss-ldap
allows LDAP to entirely replace other lookup methods (such as NIS or
+ flat-file) for system account tables.
+
+Package: libpam-ldap-common
+Architecture: all
+Depends:
+Suggests:
+Description: Pluggable Authentication Module for LDAP configuration
+ This package provides an interface between an LDAP server and the PAM
+ user authentication system. Using it along with libnss-ldapd or libnss-ldap
+ allows LDAP to entirely replace other lookup methods (such as NIS or
flat-file) for system account tables.
Index: libpam-ldap-184/debian/libpam-ldap-common.install
===================================================================
--- /dev/null
+++ libpam-ldap-184/debian/libpam-ldap-common.install
@@ -0,0 +1,9 @@
+debian/tmp/usr/share/pam-configs/ldap
+build-tree/*/ldap.conf usr/share/libpam-ldap
+build-tree/*/pam.d usr/share/doc/libpam-ldap/examples
+build-tree/*/chfn usr/share/doc/libpam-ldap/examples
+build-tree/*/chsh usr/share/doc/libpam-ldap/examples
+build-tree/*/pam.conf usr/share/doc/libpam-ldap/examples
+build-tree/*/pam_ldap.5 usr/share/man/man5
+build-tree/*/ldapns.schema usr/share/doc/libpam-ldap
+debian/LDAP-Permissions.txt usr/share/doc/libpam-ldap
Index: libpam-ldap-184/debian/libpam-ldap.install
===================================================================
--- libpam-ldap-184.orig/debian/libpam-ldap.install
+++ libpam-ldap-184/debian/libpam-ldap.install
@@ -1,10 +1 @@
-build-tree/*/ldap.conf usr/share/libpam-ldap
-build-tree/*/pam.d usr/share/doc/libpam-ldap/examples
-build-tree/*/chfn usr/share/doc/libpam-ldap/examples
-build-tree/*/chsh usr/share/doc/libpam-ldap/examples
-build-tree/*/pam.conf usr/share/doc/libpam-ldap/examples
-build-tree/*/pam_ldap.5 usr/share/man/man5
-build-tree/*/ldapns.schema usr/share/doc/libpam-ldap
-debian/LDAP-Permissions.txt usr/share/doc/libpam-ldap
debian/tmp/lib/*/security
-debian/tmp/usr/share/pam-configs/ldap
Index: libpam-ldap-184/debian/rules
===================================================================
--- libpam-ldap-184.orig/debian/rules
+++ libpam-ldap-184/debian/rules
@@ -12,6 +12,7 @@ include /usr/share/cdbs/1/rules/tarball.
DEB_DESTDIR = $(CURDIR)/debian/tmp
MY_INSTR_DIR = $(CURDIR)/debian/libpam-ldap
+MY_INSTR_COMM_DIR = $(CURDIR)/debian/libpam-ldap-common
DEB_CONFIGURE_EXTRA_FLAGS += \
--libdir=/lib/$(DEB_HOST_MULTIARCH) \
--with-ldap-lib=openldap \
@@ -23,18 +24,18 @@ DEB_OPT_FLAG += -fPIC
clean::
rm *.cdbs-config_list
-install/libpam-ldap::
+install/libpam-ldap-common::
install -D -m 644 debian/libpam-ldap.pam-auth-update debian/tmp/usr/share/pam-configs/ldap
-binary-post-install/libpam-ldap::
+binary-post-install/libpam-ldap-common::
# rename man page
- mv $(MY_INSTR_DIR)/usr/share/man/man5/pam_ldap.5 \
- $(MY_INSTR_DIR)/usr/share/man/man5/pam_ldap.conf.5
+ mv $(MY_INSTR_COMM_DIR)/usr/share/man/man5/pam_ldap.5 \
+ $(MY_INSTR_COMM_DIR)/usr/share/man/man5/pam_ldap.conf.5
# change all references from /etc/ldap.{conf,secret} to /etc/pam_ldap.{conf,secret}
- for file in $(MY_INSTR_DIR)/usr/share/man/man5/pam_ldap.conf.5 \
- $(MY_INSTR_DIR)/usr/share/libpam-ldap/ldap.conf \
- $(MY_INSTR_DIR)/usr/share/doc/libpam-ldap/examples/chfn \
- $(MY_INSTR_DIR)/usr/share/doc/libpam-ldap/examples/chsh ; do \
+ for file in $(MY_INSTR_COMM_DIR)/usr/share/man/man5/pam_ldap.conf.5 \
+ $(MY_INSTR_COMM_DIR)/usr/share/libpam-ldap/ldap.conf \
+ $(MY_INSTR_COMM_DIR)/usr/share/doc/libpam-ldap/examples/chfn \
+ $(MY_INSTR_COMM_DIR)/usr/share/doc/libpam-ldap/examples/chsh ; do \
sed -e 's,ldap.conf,pam_ldap.conf,' \
-e 's,ldap.secret,pam_ldap.secret,' \
< $$file > $$file-sed; \