Package: wims-lti Version: 0.4.4-3 Severity: serious User: debian...@lists.debian.org Usertags: piuparts
Hi, during a test with piuparts I noticed your package modifies conffiles. This is forbidden by the policy, see https://www.debian.org/doc/debian-policy/ch-files.html#configuration-files 10.7.3: "[...] The easy way to achieve this behavior is to make the configuration file a conffile. [...] This implies that the default version will be part of the package distribution, and must not be modified by the maintainer scripts during installation (or at any other time)." Note that once a package ships a modified version of that conffile, dpkg will prompt the user for an action how to handle the upgrade of this modified conffile (that was not modified by the user). Further in 10.7.3: "[...] must not ask unnecessary questions (particularly during upgrades) [...]" If a configuration file is customized by a maintainer script after having asked some debconf questions, it may not be marked as a conffile. Instead a template could be installed in /usr/share and used by the postinst script to fill in the custom values and create (or update) the configuration file (preserving any user modifications!). This file must be removed during postrm purge. ucf(1) may help with these tasks. See also https://wiki.debian.org/DpkgConffileHandling In https://lists.debian.org/debian-devel/2012/09/msg00412.html and followups it has been agreed that these bugs are to be filed with severity serious. debsums reports modification of the following files, from the attached log (scroll to the bottom...): 0m37.1s ERROR: FAIL: debsums reports modifications inside the chroot: /etc/apache2/sites-available/wims-lti-django.conf-dist The diff from the shipped to the installed version is ===== @@ -5,7 +5,7 @@ <VirtualHost *:80> DocumentRoot "/var/lib/wims-lti" - ServerName SERVERNAME + ServerName Alias /static/ /var/lib/wims-lti/collected_static/ <Directory /var/lib/wims-lti/collected_static> ===== What is happening in postinst? ===== ## create the distribution's configuration for Apache sed -i "s/SERVERNAME/$virtualHost/" $apacheConfDist ## copy it to Apache configuration if the file does not exist [ -f $apacheConf ] || cp $apacheConfDist $apacheConf ===== You probably want to use ucf here ... the following is completely untested: * ship the template as /usr/share/wims-lti/wims-lti-django.conf-dist * depend on ucf * update the maintainer scripts: ===== postinst configure ===== apacheConfDist=/usr/share/wims-lti/wims-lti-django.conf-dist sed "s/SERVERNAME/$virtualHost/" $apacheConfDist > $apacheConf.new ucf --debconf-ok $apacheConf.new $apacheConf rm -f $apacheConf.new ucfr $DPKG_MAINTSCRIPT_PACKAGE $apacheConf ===== ===== ===== postrm purge ===== apacheConf=/etc/apache2/sites-available/wims-lti-django.conf rm -f $apacheConf if which ucf >/dev/null; then ucf --purge $apacheConf fi if which ucfr >/dev/null; then ucfr --purge $DPKG_MAINTSCRIPT_PACKAGE $apacheConf fi ===== ===== * get rid of /etc/apache2/sites-available/wims-lti-django.conf-dist ===== preinst, before #DEBHELPER# ===== if [ "$1" = "upgrade" ] && dpkg --compare-versions "$2" lt-nl "0.4.4-4~" ; then if [ -f /etc/apache2/sites-available/wims-lti-django.conf-dist ]; then # undo modifications s.t. it can be removed by dpkg-maintscript-helper sed -i 's/ServerName .*/ServerName SERVERNAME/' /etc/apache2/sites-available/wims-lti-django.conf-dist fi fi ===== ===== ===== debian/wims-lti.maintscript ===== rm_conffile /etc/apache2/sites-available/wims-lti-django.conf-dist 0.4.4-4~ ===== ===== cheers, Andreas
wims-lti_0.4.4-3.log.gz
Description: application/gzip
