diff options
| -rw-r--r-- | debian/changelog | 8 | ||||
| -rw-r--r-- | debian/openssh-client.preinst | 21 | ||||
| -rw-r--r-- | debian/openssh-server.preinst | 25 | ||||
| -rwxr-xr-x | debian/rules | 9 | ||||
| -rw-r--r-- | debian/substitute-conffile.pl | 26 |
5 files changed, 84 insertions, 5 deletions
diff --git a/debian/changelog b/debian/changelog index 6a30e56f0..1a684c7fa 100644 --- a/debian/changelog +++ b/debian/changelog | |||
| @@ -12,6 +12,14 @@ openssh (1:4.3p2-8) UNRELEASED; urgency=medium | |||
| 12 | GSSAPICleanupCredentials. Mark GSSUseSessionCCache and | 12 | GSSAPICleanupCredentials. Mark GSSUseSessionCCache and |
| 13 | GSSAPIUseSessionCredCache as known-but-unsupported options, and migrate | 13 | GSSAPIUseSessionCredCache as known-but-unsupported options, and migrate |
| 14 | away from them on upgrade. | 14 | away from them on upgrade. |
| 15 | * It turns out that the people who told me that removing a conffile in the | ||
| 16 | preinst was sufficient to have dpkg replace it without prompting when | ||
| 17 | moving a conffile between packages were very much mistaken. As far as I | ||
| 18 | can tell, the only way to do this reliably is to write out the desired | ||
| 19 | new text of the conffile in the preinst. This is gross, and requires | ||
| 20 | shipping the text of all conffiles in the preinst too, but there's | ||
| 21 | nothing for it. Fortunately this nonsense is only required for smooth | ||
| 22 | upgrades from sarge. | ||
| 15 | * debconf template translations: | 23 | * debconf template translations: |
| 16 | - Add Romanian (thanks, Stan Ioan-Eugen; closes: #403528). | 24 | - Add Romanian (thanks, Stan Ioan-Eugen; closes: #403528). |
| 17 | 25 | ||
diff --git a/debian/openssh-client.preinst b/debian/openssh-client.preinst index 0e200712e..9cf29dfba 100644 --- a/debian/openssh-client.preinst +++ b/debian/openssh-client.preinst | |||
| @@ -1,17 +1,34 @@ | |||
| 1 | #! /bin/sh -e | 1 | #! /bin/sh -e |
| 2 | 2 | ||
| 3 | ETC_SSH_MODULI=@ETC_SSH_MODULI@ | ||
| 4 | |||
| 5 | ETC_SSH_SSH_CONFIG=@ETC_SSH_SSH_CONFIG@ | ||
| 6 | |||
| 3 | action="$1" | 7 | action="$1" |
| 4 | version="$2" | 8 | version="$2" |
| 5 | 9 | ||
| 6 | prepare_transfer_conffile () { | 10 | prepare_transfer_conffile () { |
| 7 | CONFFILE="$1" | 11 | CONFFILE="$1" |
| 12 | TEXT="$2" | ||
| 13 | MODE="$3" | ||
| 8 | [ -e "$CONFFILE" ] || return 0 | 14 | [ -e "$CONFFILE" ] || return 0 |
| 9 | 15 | ||
| 10 | md5sum="$(md5sum "$CONFFILE" |sed -e 's/ .*//')" | 16 | md5sum="$(md5sum "$CONFFILE" |sed -e 's/ .*//')" |
| 11 | old_md5sum="$(sed -n -e "/^Conffiles:/,/^[^ ]/{\\' $CONFFILE'{s/^ [^ ]* //;s/ .*//;p}}" /var/lib/dpkg/status)" | 17 | old_md5sum="$(sed -n -e "/^Conffiles:/,/^[^ ]/{\\' $CONFFILE'{s/^ [^ ]* //;s/ .*//;p}}" /var/lib/dpkg/status)" |
| 12 | if [ "$md5sum" = "$old_md5sum" ]; then | 18 | if [ "$md5sum" = "$old_md5sum" ]; then |
| 13 | echo >&2 "Transferring ownership of conffile $CONFFILE ..." | 19 | echo >&2 "Transferring ownership of conffile $CONFFILE ..." |
| 20 | # We have to write out the desired new text of the conffile, | ||
| 21 | # which is tricky in the preinst, hence the nasty way we | ||
| 22 | # have to hardcode the text here. Fortunately, this is only | ||
| 23 | # necessary with sarge's dpkg and older. | ||
| 24 | if echo "$TEXT" | head -n1 | grep -q '^@.*@$'; then | ||
| 25 | echo >&2 'Unsubstituted conffile text! Please report this bug.' | ||
| 26 | exit 1 | ||
| 27 | fi | ||
| 28 | printf '%s' "$TEXT" >"$CONFFILE.dpkg-new" | ||
| 29 | chmod "$MODE" "$CONFFILE.dpkg-new" | ||
| 14 | mv -f "$CONFFILE" "$CONFFILE.moved-by-preinst" | 30 | mv -f "$CONFFILE" "$CONFFILE.moved-by-preinst" |
| 31 | mv -f "$CONFFILE.dpkg-new" "$CONFFILE" | ||
| 15 | return 0 | 32 | return 0 |
| 16 | fi | 33 | fi |
| 17 | } | 34 | } |
| @@ -19,8 +36,8 @@ prepare_transfer_conffile () { | |||
| 19 | case $action in | 36 | case $action in |
| 20 | install|upgrade) | 37 | install|upgrade) |
| 21 | if dpkg --compare-versions "$version" lt 0; then | 38 | if dpkg --compare-versions "$version" lt 0; then |
| 22 | prepare_transfer_conffile /etc/ssh/moduli | 39 | prepare_transfer_conffile /etc/ssh/moduli "$ETC_SSH_MODULI" 0644 |
| 23 | prepare_transfer_conffile /etc/ssh/ssh_config | 40 | prepare_transfer_conffile /etc/ssh/ssh_config "$ETC_SSH_SSH_CONFIG" 0644 |
| 24 | fi | 41 | fi |
| 25 | ;; | 42 | ;; |
| 26 | esac | 43 | esac |
diff --git a/debian/openssh-server.preinst b/debian/openssh-server.preinst index a5c507bd4..2c2e2687c 100644 --- a/debian/openssh-server.preinst +++ b/debian/openssh-server.preinst | |||
| @@ -1,17 +1,36 @@ | |||
| 1 | #!/bin/sh -e | 1 | #!/bin/sh -e |
| 2 | 2 | ||
| 3 | ETC_DEFAULT_SSH=@ETC_DEFAULT_SSH@ | ||
| 4 | |||
| 5 | ETC_INIT_D_SSH=@ETC_INIT_D_SSH@ | ||
| 6 | |||
| 7 | ETC_PAM_D_SSH=@ETC_PAM_D_SSH@ | ||
| 8 | |||
| 3 | action=$1 | 9 | action=$1 |
| 4 | version=$2 | 10 | version=$2 |
| 5 | 11 | ||
| 6 | prepare_transfer_conffile () { | 12 | prepare_transfer_conffile () { |
| 7 | CONFFILE="$1" | 13 | CONFFILE="$1" |
| 14 | TEXT="$2" | ||
| 15 | MODE="$3" | ||
| 8 | [ -e "$CONFFILE" ] || return 0 | 16 | [ -e "$CONFFILE" ] || return 0 |
| 9 | 17 | ||
| 10 | md5sum="$(md5sum "$CONFFILE" |sed -e 's/ .*//')" | 18 | md5sum="$(md5sum "$CONFFILE" |sed -e 's/ .*//')" |
| 11 | old_md5sum="$(sed -n -e "/^Conffiles:/,/^[^ ]/{\\' $CONFFILE'{s/^ [^ ]* //;s/ .*//;p}}" /var/lib/dpkg/status)" | 19 | old_md5sum="$(sed -n -e "/^Conffiles:/,/^[^ ]/{\\' $CONFFILE'{s/^ [^ ]* //;s/ .*//;p}}" /var/lib/dpkg/status)" |
| 12 | if [ "$md5sum" = "$old_md5sum" ]; then | 20 | if [ "$md5sum" = "$old_md5sum" ]; then |
| 13 | echo >&2 "Transferring ownership of conffile $CONFFILE ..." | 21 | echo >&2 "Transferring ownership of conffile $CONFFILE ..." |
| 22 | # We have to write out the desired new text of the conffile, | ||
| 23 | # which is tricky in the preinst, hence the nasty way we | ||
| 24 | # have to hardcode the text here. Fortunately, this is only | ||
| 25 | # necessary with sarge's dpkg and older. | ||
| 26 | if echo "$TEXT" | head -n1 | grep -q '^@.*@$'; then | ||
| 27 | echo >&2 'Unsubstituted conffile text! Please report this bug.' | ||
| 28 | exit 1 | ||
| 29 | fi | ||
| 30 | printf '%s' "$TEXT" >"$CONFFILE.dpkg-new" | ||
| 31 | chmod "$MODE" "$CONFFILE.dpkg-new" | ||
| 14 | mv -f "$CONFFILE" "$CONFFILE.moved-by-preinst" | 32 | mv -f "$CONFFILE" "$CONFFILE.moved-by-preinst" |
| 33 | mv -f "$CONFFILE.dpkg-new" "$CONFFILE" | ||
| 15 | return 0 | 34 | return 0 |
| 16 | fi | 35 | fi |
| 17 | } | 36 | } |
| @@ -92,9 +111,9 @@ EOF | |||
| 92 | fi | 111 | fi |
| 93 | 112 | ||
| 94 | if dpkg --compare-versions "$version" lt 0; then | 113 | if dpkg --compare-versions "$version" lt 0; then |
| 95 | prepare_transfer_conffile /etc/default/ssh | 114 | prepare_transfer_conffile /etc/default/ssh "$ETC_DEFAULT_SSH" 0644 |
| 96 | prepare_transfer_conffile /etc/init.d/ssh | 115 | prepare_transfer_conffile /etc/init.d/ssh "$ETC_INIT_D_SSH" 0755 |
| 97 | prepare_transfer_conffile /etc/pam.d/ssh | 116 | prepare_transfer_conffile /etc/pam.d/ssh "$ETC_PAM_D_SSH" 0644 |
| 98 | fi | 117 | fi |
| 99 | fi | 118 | fi |
| 100 | 119 | ||
diff --git a/debian/rules b/debian/rules index 4d9269666..fdef12dcf 100755 --- a/debian/rules +++ b/debian/rules | |||
| @@ -195,6 +195,10 @@ binary-openssh-client: build install | |||
| 195 | dh_installdeb | 195 | dh_installdeb |
| 196 | test ! -e debian/ssh/etc/ssh/ssh_prng_cmds \ | 196 | test ! -e debian/ssh/etc/ssh/ssh_prng_cmds \ |
| 197 | || echo "/etc/ssh/ssh_prng_cmds" >> debian/openssh-client/DEBIAN/conffiles | 197 | || echo "/etc/ssh/ssh_prng_cmds" >> debian/openssh-client/DEBIAN/conffiles |
| 198 | perl -i debian/substitute-conffile.pl \ | ||
| 199 | ETC_SSH_MODULI debian/openssh-client/etc/ssh/moduli \ | ||
| 200 | ETC_SSH_SSH_CONFIG debian/openssh-client/etc/ssh/ssh_config \ | ||
| 201 | debian/openssh-client/DEBIAN/preinst | ||
| 198 | dh_shlibdeps | 202 | dh_shlibdeps |
| 199 | dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER)) | debconf-2.0' | 203 | dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER)) | debconf-2.0' |
| 200 | dh_md5sums | 204 | dh_md5sums |
| @@ -229,6 +233,11 @@ endif | |||
| 229 | dh_compress | 233 | dh_compress |
| 230 | dh_fixperms | 234 | dh_fixperms |
| 231 | dh_installdeb | 235 | dh_installdeb |
| 236 | perl -i debian/substitute-conffile.pl \ | ||
| 237 | ETC_DEFAULT_SSH debian/openssh-server/etc/default/ssh \ | ||
| 238 | ETC_INIT_D_SSH debian/openssh-server/etc/init.d/ssh \ | ||
| 239 | ETC_PAM_D_SSH debian/openssh-server/etc/pam.d/ssh \ | ||
| 240 | debian/openssh-server/DEBIAN/preinst | ||
| 232 | dh_shlibdeps | 241 | dh_shlibdeps |
| 233 | dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER)) | debconf-2.0' \ | 242 | dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER)) | debconf-2.0' \ |
| 234 | -V'pam-depends=$(PAMDEP)' | 243 | -V'pam-depends=$(PAMDEP)' |
diff --git a/debian/substitute-conffile.pl b/debian/substitute-conffile.pl new file mode 100644 index 000000000..7dd23363e --- /dev/null +++ b/debian/substitute-conffile.pl | |||
| @@ -0,0 +1,26 @@ | |||
| 1 | #! /usr/bin/perl -p | ||
| 2 | |||
| 3 | # This is needed for a nasty preinst hack to work around a bug in sarge's | ||
| 4 | # version of dpkg. It substitutes the literal text of conffiles into preinst | ||
| 5 | # scripts so that they can be used when moving conffiles between packages. | ||
| 6 | |||
| 7 | BEGIN { | ||
| 8 | %texts = (); | ||
| 9 | while (@ARGV > 1) { | ||
| 10 | my $name = $ARGV[0]; | ||
| 11 | shift; | ||
| 12 | local *FILE; | ||
| 13 | open FILE, '<', $ARGV[0]; | ||
| 14 | local $/ = undef; | ||
| 15 | my $text = <FILE>; | ||
| 16 | close FILE; | ||
| 17 | # Quote for the shell. | ||
| 18 | $text =~ s/'/'\\''/g; | ||
| 19 | shift; | ||
| 20 | $texts{$name} = $text; | ||
| 21 | } | ||
| 22 | } | ||
| 23 | |||
| 24 | for my $name (keys %texts) { | ||
| 25 | s/\@$name\@/'$texts{$name}'/g; | ||
| 26 | } | ||