Bug#1040355: ntpdate: obsolete conffiles

[Richard Laager]

Fix pending as:
https://salsa.debian.org/debian/ntpsec/-/commit/ed7cf69b3c7ec6cc21a604e47fbf6ee9a9966117

Feedback welcome!

1. I brought back some of the (manual) postrm bits for the ntp &
   ntpdate packages.  This was something I should have preserved when
   making the transitional packages.

   ntpsec.service has ntp.service as an alias, so we do not mask
   ntp.service.

   I did not bring back the apparmor bits, as the apparmor profile
   still exists in the ntpsec package.

   I did not bring back the /etc/network/if-up.d/ntpdate removal in
   ntpdate, as that was conditionalized on 1:4.2.8p12+dfsg-2~, so that
   transition was completed in buster.

2. sntp needs to cleanup /var/lib/sntp because of /var/lib/sntp/kod.
   This seems to be a pre-existing bug in the ntp package.  (Though, if
   it wasn't, I still would have missed it with everything else.)

3. The obsolete ntp & ntpdate conffiles need to be cleaned up.  For
   most, this is accomplished by listing them in PACKAGE.conffiles with
   the "remove-on-upgrade" flag.

4. For /etc/default/ntp and /etc/ntp.conf, which are handled special in
   ntpsec.preinst, I'm not sure if the "remove-on-upgrade" functionality
   would even work; it seems like it would remove them too soon.

   The dpkg-maintscript-helper rm_conffile support seemed problematic
   too...

   If I run that in the ntpsec scripts (so I can get it to happen after
   the special handling), I don't think it would work, as it checks that
   the package in question owns the files, and in the ntp -> ntpsec
   case, it does not.

   If I run that in the ntp scripts, then it would run too early, so
   I'd need to make ntpsec.preinst look at some backup file.  I'm not
   sure how much ordering is guaranteed between the ntp and ntpsec
   maintainer scripts, so I might have to look at both the .dpkg-backup
   and .dpkg-bak versions.  It's also not clear to me whether I should
   care about the original name.

   Given that this already released in this state and I'm going to need
   a stable release update to fix this, it seems I should be
   conservative.  Policy 10.7.3 says I "should" remove these during
   upgrade, not that I "must".

   Ultimately, I am leaving these two files alone during the upgrade
   and removing them on purge of the ntp transitional package.

--
Richard



OpenPGP_signature
Description: OpenPGP digital signature

Bug#1040355: ntpdate: obsolete conffiles

[Sean Whitton]

Package: ntpdate
Version: 1:4.2.8p15+dfsg-2~1.2.2+dfsg1-1

Dear maintainer,

The upgrade from bullseye to bookworm leaves behind obsolete conffiles:

spwhitton@melete:~>dpkg-query -W -f='${Conffiles}\n' ntpdate | grep 
obsolete$
 /etc/logcheck/ignore.d.server/ntpdate 68d4df7cceb0e97bde87126c3a56b219 
obsolete
 /etc/dhcp/dhclient-exit-hooks.d/ntpdate cb47fd9d3e21a204fb3ba4ca3fc8ab46 
obsolete
 /etc/default/ntpdate 71d857cae72ae1f53380ea4f2e38cb2e obsolete

Please call dpkg-maintscript-helper (probably as arranged by
dh_installdeb) to remove the conffile on upgrade, per Policy 10.7.3.

-- 
Sean Whitton


signature.asc
Description: PGP signature