Package: popa3d
Version: 1.0.3-1
Severity: serious
Tags: patch
Dear Maintainer,
The postinst script currently directly calls into the init script,
while Debian Policy mandate that all interactions from maintainer
scripts should happen via the policy helpers invoke-rc.d, et.al.
https://www.debian.org/doc/debian-policy/ch-opersys.html#running-init-scripts
For your convenience I've attached a patch that should fix this,
however notice that I have *not* tested it!
Bonus list of things you might want to consider looking at "while you're
in there" (some of these might be policy violations of their own, some
not):
* update_defaults is always called, should likely only be called
when package is reconfigured or initially configured.
Sysadms can make changes to the configuration, doesn't
need to use dpkg-reconfigure / debconf, and loosing their config
on package upgrades is critical severity because of data loss.
https://www.debian.org/doc/debian-policy/ap-flowcharts.html
https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-configuration
https://www.debian.org/doc/debian-policy/ch-files.html#behavior
https://www.debian.org/Bugs/Developer#severities
* update_defaults modifies conffiles in a non-policy compliant way.
consider using the ucf tool for installing changed /etc/default/popa3d
Using ucf will both prompt on changes and save a backup of the old
file, as required.
* tempfile command has no cleanup (see trap example in man tempfile).
* Attempt to catch $? and conditionally exit on error, but the script
already uses `set -e` so any command returning error will abort the
script immediately. Was this ever tested?
* "WARNING: tempfile is deprecated; consider using mktemp instead."
* "# /var/lib/popa3d should be created by package" well it's /var
so don't trust it to be unchanged. Should probably wrap the
chmod/chown commands in an `if test -d /var/lib/popa3d ; then`.
Regards,
Andreas Henriksson
diff --git a/debian/postinst b/debian/postinst
index 75e32aa..4b27350 100644
--- a/debian/postinst
+++ b/debian/postinst
@@ -17,7 +17,9 @@ update_defaults()
update-inetd --pattern "popa3d" --remove pop3
else
RUN_STANDALONE="no"
- pidof popa3d && /etc/init.d/popa3d stop
+ if invoke-rc.d --quiet popa3d status > /dev/null 2>&1 ; then
+ invoke-rc.d popa3d stop
+ fi
# Add service to /etc/inetd.conf
update-inetd --group MAIL --add 'pop3\t\tstream\ttcp\tnowait\troot\t/usr/sbin/tcpd\t/usr/sbin/popa3d'
fi
