Your message dated Sat, 23 Dec 2006 10:33:56 +0000 with message-id <[EMAIL PROTECTED]> and subject line Bug#335276: openssh conffile prompt: /etc/ssh/moduli has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.) Debian bug tracking system administrator (administrator, Debian Bugs database)
--- Begin Message ---Package: ssh Version: 1:4.2p1-5 When testing upgrades of blacs-test-common from sarge to etch I ran into trouble with ssh: Setting up openssh-client (4.2p1-5) ... Configuration file `/etc/ssh/ssh_config' ==> File on system created by you or by a script. ==> File also in package provided by package maintainer. What would you like to do about it ? Your options are: Y or I : install the package maintainer's version N or O : keep your currently-installed version D : show the differences between the versions Z : background this process to examine the situation The default action is to keep your current version. Note that since this was all done without touching any conffiles, it would seem that a smooth upgrade from sarge isn't currently possible. Would it be possible to twiddle things around in ways that make it possible, at least for people who haven't touch their ssh conffiles? -- Do, or do not. There is no angst.
--- End Message ---
--- Begin Message ---On Thu, Dec 14, 2006 at 02:03:45PM -0500, Justin Pryzby wrote: > On Thu, Dec 14, 2006 at 12:20:10PM -0500, Justin Pryzby wrote: > > reopen 335276 > > found 335276 1:4.3p2-7 > > thanks > > > > I'm afraid this just happened again, this time with /etc/ssh/moduli. > > I don't know what this file does. Should it be included with the package? Yes; it's used for Diffie-Hellman group generation by both ssh-keygen and sshd. It has a man page and everything ... > > It it modified somehow, somewhen? 1:4.3p2-7 changed it by request in bug #335259. It is not edited by maintainer scripts. > > 2006-12-14 11:36:32 upgrade openssh-server 1:4.3p2-6 1:4.3p2-7 > > > > $ md5sum /etc/ssh/moduli* openssh-client-1\:4.3p2-6/etc/ssh/moduli > > 45e8268b1994ab38d5309eed05ba003c /etc/ssh/moduli > > 085771ebb2b6cfe60b84ad094de0788a /etc/ssh/moduli.dpkg-old > > d93b0dd7a654a68e39361caff3f3061e openssh-client-1:4.3p2-6/etc/ssh/moduli Well, that almost certainly indicates that you modified it inadvertently, perhaps in the process of resolving a previous conffile prompt from an upgrade before this bug was fixed. Please only reopen this bug if you can demonstrate that it was a truly unmodified conffile. Not *all* conffile prompts are bugs - only those where the admin genuinely never touched the conffile. openssh's maintainer scripts don't touch that file other than sometimes removing it to work around the old dpkg bug that was the original cause of this bug report. > This seems to be related to #335259; but, I'm somewhat confused, since I was > of > the impression that the test was: > > if [ md5sum(new-conffile) = dpkg-status-md5 ] > # Do nothing; the maintainer did not update the conffile > else if [ md5sum(file-on-disk) = dpkg-status-md5 ] > # The maintainer changed the conffile, but the admin did not > install_new_file > echo "Installed new file" > else > # Both the admin and the maintainer changed it > conffile_prompt > endif > > This algo should hit the second case and display an informative message, but > not prompt. > > A possibly solution might be to > grep -v '^# $OpenBSD' |md5sum |sed All the logic above is in dpkg, not openssh, so hardcoding OpenBSD would make no sense. There is absolutely no way I'm going to edit /var/lib/dpkg/status from openssh's maintainer scripts, if that's what you're suggesting. > I note another case which could be added after the first, avoiding some > needless prompts: > > else if [ md5sum(file-on-disk) = md5sum(new-conffile) ] > # The admin may have changed the conffile, but the contents are identical > # to the maintainer's new version > install_new-conffile Perhaps you should look at dpkg/src/configure.c, which already contains such a test. if (!strcmp(currenthash,newdisthash)) { /* They're both the same so there's no point asking silly questions. */ useredited= -1; distedited= -1; what= cfo_identical; } Cheers, -- Colin Watson [EMAIL PROTECTED]
--- End Message ---
