Bug#689881: Ships a folder in /var/run or /var/lock (Policy Manual section 9.3.2)

[Thomas Goirand]

Package: bastille
Version: 3.0.9-13
Severity: serious
Tags: patch

Dear Maintainer,

Andreas Beckmann <deb...@abeckmann.de> reported in -devel that your package
(as well as 27 others) ships a folder either in /var/run or /var/lock. This
is forbidden by policy.

Lintian detects the problem and warns as follow:

/var/run may be a temporary filesystem, so any directories or files needed
/there must be created dynamically at boot time.

Refer to Debian Policy Manual section 9.3.2 (Writing the scripts) for
details.

Severity: serious, Certainty: possible
Check: files, Type: binary, udeb

which is why I am reporting this bug with severity serious (and there fore,
release critical).

Please fix your package. I have attached what I believe is a good fix the
problem, however, I haven't tried it, and I haven't tested if something more
for creating the necessary folder at runtime should be added. Please make
sure to test before applying the patch blindly.

Cheers,

Thomas Goirand (zigo)

diff -u bastille-3.0.9/debian/dirs bastille-3.0.9/debian/dirs
--- bastille-3.0.9/debian/dirs
+++ bastille-3.0.9/debian/dirs
@@ -9,7 +9,6 @@
 usr/share/Bastille
 usr/share/Bastille/OSMap
 usr/share/Bastille/Questions
-var/lock/bastille
 var/log/Bastille
 var/log/Bastille/revert
 var/log/Bastille/revert/backup
diff -u bastille-3.0.9/debian/bastille-firewall bastille-3.0.9/debian/bastille-firewall
--- bastille-3.0.9/debian/bastille-firewall
+++ bastille-3.0.9/debian/bastille-firewall
@@ -75,6 +75,7 @@
 [ ! -d /var/lock ] && mkdir -m 0755 /var/lock
 
 mkdir -m 0700 /var/lock/bastille-firewall 2>/dev/null
+mkdir -m 0700 /var/lock/bastille
 if [ $? -ne 0 ]; then
   if [ -n "${BASTILLE_FWALL_QUIET_FAIL}" ]; then exit 0; fi
   echo "ERROR: bastille-firewall currently being reset or lock is stuck."
diff -u bastille-3.0.9/debian/changelog bastille-3.0.9/debian/changelog
--- bastille-3.0.9/debian/changelog
+++ bastille-3.0.9/debian/changelog
@@ -1,3 +1,10 @@
+bastille (1:3.0.9-13.1) unstable; urgency=low
+
+  * Non-maintainer upload.
+  * Fixes (Closes: #XXXXXX).
+
+ -- Thomas Goirand <z...@debian.org>  Sun, 07 Oct 2012 10:18:29 +0000
+
 bastille (1:3.0.9-13) unstable; urgency=high
 
   * Bastille/Debian_API.pm: Fix bug in the permissions
diff -u bastille-3.0.9/debian/postrm bastille-3.0.9/debian/postrm
--- bastille-3.0.9/debian/postrm
+++ bastille-3.0.9/debian/postrm
@@ -23,6 +23,7 @@
 		do
 		     [ -f "$file" ] && rm -f $file
 		done
+		rm -rf /var/lock/bastille /var/lock/bastille-firewall
 	;;
 	remove|upgrade|failed-upgrade|abort-install|abort-upgrade|disappear)
 # Do nothing