Hi! * Alexander Reichle-Schmehl <toli...@debian.org> [101208 10:37]:
> It seems that upon installation of snort-pgsql or snort-mysql
> /etc/snort/snort.conf is changed. As this file actually belongs to
> snort-common, upgrade of that package fails.
>
> So, to solve this bug, snort-common should remove these entries in it's
> preinst, while snort-pgsql and snort-mysql add their configuration
> snippets in a policy conform way.
Huh, it seems that was easier than thought. Attached is a preview for a
patch, which splits the database related configuration of into a
/etc/snort/database.conf, removing it from /etc/snort/snort.conf, which
in turn isn't changed anymore, allowing snort-common to be succesfully
upgraded from previous versions.
The only part missing would to make sure, snort-{mysql,pgsql} write into
the new file instead of the old one, and purge the new file. But the
main part taking care of this bug can already be reviewed if someone
likes to do so ;)
Best Regards,
Alexander
diff -u snort-2.8.5.2/etc/snort.conf snort-2.8.5.2/etc/snort.conf --- snort-2.8.5.2/etc/snort.conf +++ snort-2.8.5.2/etc/snort.conf @@ -701,16 +701,8 @@ # output database: log, odbc, user=snort dbname=snort # output database: log, mssql, dbname=snort user=snort password=test # output database: log, oracle, dbname=snort user=snort password=test -# <debian> -# Keep your paws off of these (#DBSTART#) and (#DBEND#) tokens -# or you *will* break the configure process (snort-pgsql/snort-mysql only) -# Anything you put between them will be removed on (re)configure. -# -# (#DBSTART#) -# (#DBEND#) -# -# </debian> # +include database.conf # unified: Snort unified binary format alerting and logging diff -u snort-2.8.5.2/debian/changelog snort-2.8.5.2/debian/changelog --- snort-2.8.5.2/debian/changelog +++ snort-2.8.5.2/debian/changelog @@ -1,3 +1,11 @@ +snort (2.8.5.2-2.1) unstable; urgency=low + + * Non-maintainer upload. + * Move the DB-Configuration into a sepperate file, instead of modifying + /etc/snort/snort.conf, which causes upgrade problems (Closes: #603428) + + -- Alexander Reichle-Schmehl <toli...@debian.org> Thu, 16 Dec 2010 12:37:12 +0100 + snort (2.8.5.2-2) unstable; urgency=low * Remove the reverse_order debconf option since Snort no longer supports the only in patch2: unchanged: --- snort-2.8.5.2.orig/debian/snort-common.preinst +++ snort-2.8.5.2/debian/snort-common.preinst @@ -0,0 +1,70 @@ +#!/bin/sh + +set -e + +# summary of how this script can be called: +# * <new-preinst> `install' +# * <new-preinst> `install' <old-version> +# * <new-preinst> `upgrade' <old-version> +# * <old-preinst> `abort-upgrade' <new-version> + +DBCONF="/etc/snort/database.conf" +GENCONF="/etc/snort/snort.conf" + +case "$1" in + install) + # make sure database configuration file exists + touch $DBCONF + ;; + upgrade) + # earlier versions modified /etc/snort/snort.conf directly for the + # DB stuff, we splitt it off in a sepperate file, to ensure smooth + # upgrades + if dpkg --compare-versions "$2" le "2.8.5.2-2"; + then + GENCONF_TEMPFILE=`mktemp` + DBCONF_TEMPFILE=`mktemp` + WRITE_DB=0 + WRITE_GEN=1 + cat $GENCONF | while read LINE + do + if [ "$LINE" = "# (#DBEND#)" ] + then + WRITE_DB=0 + WRITE_GEN=1 + fi + if [ $WRITE_DB -eq 1 ] + then + echo $LINE >> $DBCONF_TEMPFILE + fi + if [ $WRITE_GEN -eq 1 ] + then + echo $LINE >> $GENCONF_TEMPFILE + fi + if [ "$LINE" = "# (#DBSTART#)" ] + then + WRITE_DB=1 + WRITE_GEN=0 + fi + done + mv $DBCONF_TEMPFILE $DBCONF + mv $GENCONF_TEMPFILE $DBCONF + fi + ;; + configure) + ;; + abort-upgrade) + ;; + *) + echo "preinst called with unknown argument \`$1'" >&2 + exit 0 + ;; +esac + +# dh_installdeb will replace this with shell code automatically +# generated by other debhelper scripts. + +#DEBHELPER# + +exit 0 +
signature.asc
Description: Digital signature
