Your message dated Wed, 14 Nov 2012 21:32:27 +0000 with message-id <e1tykzp-0005i9...@franck.debian.org> and subject line Bug#688377: fixed in ferm 2.1-3 has caused the Debian Bug report #688377, regarding ferm: modifies conffiles (policy 10.7.3): /etc/default/ferm to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 688377: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=688377 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: ferm Version: 2.1-2 Severity: serious Tags: squeeze-ignore User: debian...@lists.debian.org Usertags: piuparts Control: found -1 2.0.7-1 Hi, during a test with piuparts I noticed your package modifies conffiles. This is forbidden by the policy, see http://www.debian.org/doc/debian-policy/ch-files.html#s-config-files 10.7.3: "[...] The easy way to achieve this behavior is to make the configuration file a conffile. [...] This implies that the default version will be part of the package distribution, and must not be modified by the maintainer scripts during installation (or at any other time)." Note that once a package ships a modified version of that conffile, dpkg will prompt the user for an action how to handle the upgrade of this modified conffile (that was not modified by the user). Further in 10.7.3: "[...] must not ask unnecessary questions (particularly during upgrades) [...]" If a configuration file is customized by a maintainer script after having asked some debconf questions, it may not be marked as a conffile. Instead a template could be installed in /usr/share and used by the postinst script to fill in the custom values and create (or update) the configuration file (preserving any user modifications!). This file must be removed during postrm purge. ucf(1) may help with these tasks. See also http://wiki.debian.org/DpkgConffileHandling In https://lists.debian.org/debian-devel/2012/09/msg00412.html and followups it has been agreed that these bugs are to be filed with severity serious. debsums reports modification of the following files, from the attached log (scroll to the bottom...): /etc/default/ferm cheers, Andreas
ferm_2.1-2.log.gz
Description: GNU Zip compressed data
--- End Message ---
--- Begin Message ---Source: ferm Source-Version: 2.1-3 We believe that the bug you reported is fixed in the latest version of ferm, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 688...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Alexander Wirt <formo...@debian.org> (supplier of updated ferm package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Format: 1.8 Date: Wed, 14 Nov 2012 22:23:42 +0100 Source: ferm Binary: ferm Architecture: source all Version: 2.1-3 Distribution: unstable Urgency: low Maintainer: Alexander Wirt <formo...@debian.org> Changed-By: Alexander Wirt <formo...@debian.org> Description: ferm - maintain and setup complicated firewall rules Closes: 688377 Changes: ferm (2.1-3) unstable; urgency=low . [ Salvatore Bonaccorso ] * Fix "ferm: modifies conffiles (policy 10.7.3): /etc/default/ferm" (Closes: #688377) - Don't install ferm.default as conffile in /etc/default - Read /etc/default/ferm in ferm.config. If /etc/default/ferm exists and ENABLED= is present then store the value of ENABLED into debconf db. - Create /etc/default/ferm in postinst. Create /etc/default/ferm if it does not yet exists in postinst. Furthermore if the admin deleted or commented the ENABLED then (re-)add it to the configuration file in postinst. - Remove configuration file on purge in postrm script Checksums-Sha1: 253b3bdae580044f733f896dbb966354825ac8d2 1025 ferm_2.1-3.dsc b3456e6175df339b946f34568f252925e7872b7f 15348 ferm_2.1-3.diff.gz 5f49d55c7854f9ca064196261d73291f0fee8aa8 111132 ferm_2.1-3_all.deb Checksums-Sha256: 4c494efbb588853c1c803275551bd0b9f28a4f34dceebfba74b6146d5d00eb70 1025 ferm_2.1-3.dsc 0c238aab01e666088630eae6742296ce2f7b6e41e0d7b37f45c0d913faf2c0c3 15348 ferm_2.1-3.diff.gz 39b0beafa18f30337c24e9a7f887daf4f0c787bc17e17e1c415639ec61597c01 111132 ferm_2.1-3_all.deb Files: 8852cecb5ae487ed812844b328f88488 1025 net optional ferm_2.1-3.dsc 73192062f20084dc219910599722bc29 15348 net optional ferm_2.1-3.diff.gz bab1d897ed8d70d55da63d0098c60773 111132 net optional ferm_2.1-3_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlCkDHYACgkQ01u8mbx9AgqfCgCeOAmjTn8ZPgiy4OgLs22PxPWL D9sAniqqC1L3nQYDBB7s6lFHOLKlJ8eg =pODT -----END PGP SIGNATURE-----
--- End Message ---
