Your message dated Sun, 28 Oct 2012 16:47:25 +0000 with message-id <e1tsw1f-0005tv...@franck.debian.org> and subject line Bug#688891: fixed in psad 2.2-3 has caused the Debian Bug report #688891, regarding psad: modifies conffiles (policy 10.7.3): /etc/psad/psad.conf to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 688891: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688891 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: psad Version: 2.2-2 Severity: serious Tags: squeeze-ignore User: debian...@lists.debian.org Usertags: piuparts Control: found -1 2.1.7-1 Hi, during a test with piuparts I noticed your package modifies conffiles. This is forbidden by the policy, see http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files 10.7.3: "[...] The easy way to achieve this behavior is to make the configuration file a conffile. [...] This implies that the default version will be part of the package distribution, and must not be modified by the maintainer scripts during installation (or at any other time)." Note that once a package ships a modified version of that conffile, dpkg will prompt the user for an action how to handle the upgrade of this modified conffile (that was not modified by the user). Further in 10.7.3: "[...] must not ask unnecessary questions (particularly during upgrades) [...]" If a configuration file is customized by a maintainer script after having asked some debconf questions, it may not be marked as a conffile. Instead a template could be installed in /usr/share and used by the postinst script to fill in the custom values and create (or update) the configuration file (preserving any user modifications!). This file must be removed during postrm purge. ucf(1) may help with these tasks. See also http://wiki.debian.org/DpkgConffileHandling In https://lists.debian.org/debian-devel/2012/09/msg00412.html and followups it has been agreed that these bugs are to be filed with severity serious. debsums reports modification of the following files, from the attached log (scroll to the bottom...): /etc/psad/psad.conf cheers, Andreas
psad_2.2-2.log.gz
Description: GNU Zip compressed data
--- End Message ---
--- Begin Message ---Source: psad Source-Version: 2.2-3 We believe that the bug you reported is fixed in the latest version of psad, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 688...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Franck Joncourt <fra...@debian.org> (supplier of updated psad package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Sun, 28 Oct 2012 15:47:04 +0100 Source: psad Binary: psad Architecture: source amd64 Version: 2.2-3 Distribution: unstable Urgency: low Maintainer: Franck Joncourt <fra...@debian.org> Changed-By: Franck Joncourt <fra...@debian.org> Description: psad - Port Scan Attack Detector Closes: 688891 Changes: psad (2.2-3) unstable; urgency=low . * Fix "modifies conffiles (policy 10.7.3): /etc/psad/psad.conf" (Closes: #688891). Thanks gregoa to help me fix this. - Reverted the changes from 2.2-2 in d.psad.preinst. - Removed the d.psad.postinst script which updated the HOSTNAME variable from psad.conf. The psad daemon can start without the default value in psad.conf (_CHANGEME_). * Removed the /var/run/psad directory in d.psad.postrm when purging the package. Checksums-Sha1: c03f7b87abaa1781709bc16abe0a1cc3cc7c897c 1184 psad_2.2-3.dsc c2dee269b6a5d628ea2107d655ea66fd7f26f446 12554 psad_2.2-3.debian.tar.gz e1663cdeacc671737cbe6e9fa835506977389a16 198252 psad_2.2-3_amd64.deb Checksums-Sha256: 9c582c3e80b5bc790721b6a7a5555ffefd4f3427cdfea9a9bd20927d75b3614d 1184 psad_2.2-3.dsc 5ad0a40b2a1ac5027b1c0a8724cd2316ee3e78a02e0865cceacc3258f38abe1c 12554 psad_2.2-3.debian.tar.gz 65d827db04948a43ac126d5419f948df5a44ff7d978b9e1485c88029e196f2d6 198252 psad_2.2-3_amd64.deb Files: e8e9a9e30294a25c6897b4b537b963a6 1184 admin optional psad_2.2-3.dsc f771af9e8add67ba7601195b6dd455a6 12554 admin optional psad_2.2-3.debian.tar.gz e2efbfabe5c3a0b536105dbd9ed525a2 198252 admin optional psad_2.2-3_amd64.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlCNYR4ACgkQxJBTTnXAif4wzQCePlc9VTD8wgmsJ2Oi97uVaRMt DwcAoLAVbR247/KZeiP/GrQvRyNUuZg4 =kMcz -----END PGP SIGNATURE-----
--- End Message ---
