From ae04de0cb0a8b65548e009b4c3a03ba7f882e95a Mon Sep 17 00:00:00 2001 From: Colin Watson Date: Sat, 23 Dec 2006 18:35:21 +0000 Subject: * It turns out that the people who told me that removing a conffile in the preinst was sufficient to have dpkg replace it without prompting when moving a conffile between packages were very much mistaken. As far as I can tell, the only way to do this reliably is to write out the desired new text of the conffile in the preinst. This is gross, and requires shipping the text of all conffiles in the preinst too, but there's nothing for it. Fortunately this nonsense is only required for smooth upgrades from sarge. --- debian/changelog | 8 ++++++++ debian/openssh-client.preinst | 21 +++++++++++++++++++-- debian/openssh-server.preinst | 25 ++++++++++++++++++++++--- debian/rules | 9 +++++++++ debian/substitute-conffile.pl | 26 ++++++++++++++++++++++++++ 5 files changed, 84 insertions(+), 5 deletions(-) create mode 100644 debian/substitute-conffile.pl (limited to 'debian') diff --git a/debian/changelog b/debian/changelog index 6a30e56f0..1a684c7fa 100644 --- a/debian/changelog +++ b/debian/changelog @@ -12,6 +12,14 @@ openssh (1:4.3p2-8) UNRELEASED; urgency=medium GSSAPICleanupCredentials. Mark GSSUseSessionCCache and GSSAPIUseSessionCredCache as known-but-unsupported options, and migrate away from them on upgrade. + * It turns out that the people who told me that removing a conffile in the + preinst was sufficient to have dpkg replace it without prompting when + moving a conffile between packages were very much mistaken. As far as I + can tell, the only way to do this reliably is to write out the desired + new text of the conffile in the preinst. This is gross, and requires + shipping the text of all conffiles in the preinst too, but there's + nothing for it. Fortunately this nonsense is only required for smooth + upgrades from sarge. * debconf template translations: - Add Romanian (thanks, Stan Ioan-Eugen; closes: #403528). diff --git a/debian/openssh-client.preinst b/debian/openssh-client.preinst index 0e200712e..9cf29dfba 100644 --- a/debian/openssh-client.preinst +++ b/debian/openssh-client.preinst @@ -1,17 +1,34 @@ #! /bin/sh -e +ETC_SSH_MODULI=@ETC_SSH_MODULI@ + +ETC_SSH_SSH_CONFIG=@ETC_SSH_SSH_CONFIG@ + action="$1" version="$2" prepare_transfer_conffile () { CONFFILE="$1" + TEXT="$2" + MODE="$3" [ -e "$CONFFILE" ] || return 0 md5sum="$(md5sum "$CONFFILE" |sed -e 's/ .*//')" old_md5sum="$(sed -n -e "/^Conffiles:/,/^[^ ]/{\\' $CONFFILE'{s/^ [^ ]* //;s/ .*//;p}}" /var/lib/dpkg/status)" if [ "$md5sum" = "$old_md5sum" ]; then echo >&2 "Transferring ownership of conffile $CONFFILE ..." + # We have to write out the desired new text of the conffile, + # which is tricky in the preinst, hence the nasty way we + # have to hardcode the text here. Fortunately, this is only + # necessary with sarge's dpkg and older. + if echo "$TEXT" | head -n1 | grep -q '^@.*@$'; then + echo >&2 'Unsubstituted conffile text! Please report this bug.' + exit 1 + fi + printf '%s' "$TEXT" >"$CONFFILE.dpkg-new" + chmod "$MODE" "$CONFFILE.dpkg-new" mv -f "$CONFFILE" "$CONFFILE.moved-by-preinst" + mv -f "$CONFFILE.dpkg-new" "$CONFFILE" return 0 fi } @@ -19,8 +36,8 @@ prepare_transfer_conffile () { case $action in install|upgrade) if dpkg --compare-versions "$version" lt 0; then - prepare_transfer_conffile /etc/ssh/moduli - prepare_transfer_conffile /etc/ssh/ssh_config + prepare_transfer_conffile /etc/ssh/moduli "$ETC_SSH_MODULI" 0644 + prepare_transfer_conffile /etc/ssh/ssh_config "$ETC_SSH_SSH_CONFIG" 0644 fi ;; esac diff --git a/debian/openssh-server.preinst b/debian/openssh-server.preinst index a5c507bd4..2c2e2687c 100644 --- a/debian/openssh-server.preinst +++ b/debian/openssh-server.preinst @@ -1,17 +1,36 @@ #!/bin/sh -e +ETC_DEFAULT_SSH=@ETC_DEFAULT_SSH@ + +ETC_INIT_D_SSH=@ETC_INIT_D_SSH@ + +ETC_PAM_D_SSH=@ETC_PAM_D_SSH@ + action=$1 version=$2 prepare_transfer_conffile () { CONFFILE="$1" + TEXT="$2" + MODE="$3" [ -e "$CONFFILE" ] || return 0 md5sum="$(md5sum "$CONFFILE" |sed -e 's/ .*//')" old_md5sum="$(sed -n -e "/^Conffiles:/,/^[^ ]/{\\' $CONFFILE'{s/^ [^ ]* //;s/ .*//;p}}" /var/lib/dpkg/status)" if [ "$md5sum" = "$old_md5sum" ]; then echo >&2 "Transferring ownership of conffile $CONFFILE ..." + # We have to write out the desired new text of the conffile, + # which is tricky in the preinst, hence the nasty way we + # have to hardcode the text here. Fortunately, this is only + # necessary with sarge's dpkg and older. + if echo "$TEXT" | head -n1 | grep -q '^@.*@$'; then + echo >&2 'Unsubstituted conffile text! Please report this bug.' + exit 1 + fi + printf '%s' "$TEXT" >"$CONFFILE.dpkg-new" + chmod "$MODE" "$CONFFILE.dpkg-new" mv -f "$CONFFILE" "$CONFFILE.moved-by-preinst" + mv -f "$CONFFILE.dpkg-new" "$CONFFILE" return 0 fi } @@ -92,9 +111,9 @@ EOF fi if dpkg --compare-versions "$version" lt 0; then - prepare_transfer_conffile /etc/default/ssh - prepare_transfer_conffile /etc/init.d/ssh - prepare_transfer_conffile /etc/pam.d/ssh + prepare_transfer_conffile /etc/default/ssh "$ETC_DEFAULT_SSH" 0644 + prepare_transfer_conffile /etc/init.d/ssh "$ETC_INIT_D_SSH" 0755 + prepare_transfer_conffile /etc/pam.d/ssh "$ETC_PAM_D_SSH" 0644 fi fi diff --git a/debian/rules b/debian/rules index 4d9269666..fdef12dcf 100755 --- a/debian/rules +++ b/debian/rules @@ -195,6 +195,10 @@ binary-openssh-client: build install dh_installdeb test ! -e debian/ssh/etc/ssh/ssh_prng_cmds \ || echo "/etc/ssh/ssh_prng_cmds" >> debian/openssh-client/DEBIAN/conffiles + perl -i debian/substitute-conffile.pl \ + ETC_SSH_MODULI debian/openssh-client/etc/ssh/moduli \ + ETC_SSH_SSH_CONFIG debian/openssh-client/etc/ssh/ssh_config \ + debian/openssh-client/DEBIAN/preinst dh_shlibdeps dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER)) | debconf-2.0' dh_md5sums @@ -229,6 +233,11 @@ endif dh_compress dh_fixperms dh_installdeb + perl -i debian/substitute-conffile.pl \ + ETC_DEFAULT_SSH debian/openssh-server/etc/default/ssh \ + ETC_INIT_D_SSH debian/openssh-server/etc/init.d/ssh \ + ETC_PAM_D_SSH debian/openssh-server/etc/pam.d/ssh \ + debian/openssh-server/DEBIAN/preinst dh_shlibdeps dh_gencontrol -- -V'debconf-depends=debconf (>= $(MINDEBCONFVER)) | debconf-2.0' \ -V'pam-depends=$(PAMDEP)' diff --git a/debian/substitute-conffile.pl b/debian/substitute-conffile.pl new file mode 100644 index 000000000..7dd23363e --- /dev/null +++ b/debian/substitute-conffile.pl @@ -0,0 +1,26 @@ +#! /usr/bin/perl -p + +# This is needed for a nasty preinst hack to work around a bug in sarge's +# version of dpkg. It substitutes the literal text of conffiles into preinst +# scripts so that they can be used when moving conffiles between packages. + +BEGIN { + %texts = (); + while (@ARGV > 1) { + my $name = $ARGV[0]; + shift; + local *FILE; + open FILE, '<', $ARGV[0]; + local $/ = undef; + my $text = ; + close FILE; + # Quote for the shell. + $text =~ s/'/'\\''/g; + shift; + $texts{$name} = $text; + } +} + +for my $name (keys %texts) { + s/\@$name\@/'$texts{$name}'/g; +} -- cgit v1.2.3