Your message dated Mon, 20 Jul 2015 17:19:46 +0200
with message-id <20150720151946.ga10...@mail.beuc.net>
and subject line Re: Bug#789772: fusionforge-mta-exim4: modifies conffiles
(policy 10.7.3): /etc/exim4/exim4.conf.template
/etc/exim4/conf.d/main/01_exim4-config_listmacrosdefs
has caused the Debian Bug report #789773,
regarding fusionforge-shell: modifies conffiles (policy 10.7.3): /etc/pam.d/sshd
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
789773: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=789773
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: fusionforge-shell
Version: 6.0.1-1
Severity: serious
User: debian...@lists.debian.org
Usertags: piuparts
Hi,
during a test with piuparts I noticed your package modifies conffiles.
And this is not even a conffile shipped by your package.
This is forbidden by the policy, see
https://www.debian.org/doc/debian-policy/ch-files.html#s-config-files
10.7.3: "[...] The easy way to achieve this behavior is to make the
configuration file a conffile. [...] This implies that the default
version will be part of the package distribution, and must not be
modified by the maintainer scripts during installation (or at any
other time)."
Note that once a package ships a modified version of that conffile,
dpkg will prompt the user for an action how to handle the upgrade of
this modified conffile (that was not modified by the user).
Further in 10.7.3: "[...] must not ask unnecessary questions
(particularly during upgrades) [...]"
If a configuration file is customized by a maintainer script after
having asked some debconf questions, it may not be marked as a
conffile. Instead a template could be installed in /usr/share and used
by the postinst script to fill in the custom values and create (or
update) the configuration file (preserving any user modifications!).
This file must be removed during postrm purge.
ucf(1) may help with these tasks.
See also https://wiki.debian.org/DpkgConffileHandling
In https://lists.debian.org/debian-devel/2012/09/msg00412.html and
followups it has been agreed that these bugs are to be filed with
severity serious.
debsums reports modification of the following files,
from the attached log (scroll to the bottom...):
2m49.1s ERROR: FAIL: debsums reports modifications inside the chroot:
/etc/pam.d/sshd
cheers,
Andreas
fusionforge-shell_6.0.1-1.log.gz
Description: application/gzip
--- End Message ---
--- Begin Message ---
Hi,
I'm annoyed at having to repeatedly prove FusionForge's innocence
while the QA team keep reopening this bug without investigating the
issue in-depth, shifting all the workload on the FusionForge packagers.
In the past, FusionForge modified exim4's configuration files using
ucf (while this is not a fusionforge file, nor a ucf-managed
file). piuparts ignored ucf changes by default and hence this was
unnoticed. The user was asked twice about the change: 1) when
installing gforge-mta-exim4 and 2) when upgrading exim4.
Now, FusionForge modifies exim4's configuration directly. piuparts now
notices the change. The user is asked only once about the change:
1) when upgrading exim4 (if ever).
At the risk of repeating myself, this has been done, for a reason, for
the past decade, and users never complained.
I already explained what the fundamental problem is: the use case of
configuring/integrating other packages is not covered by the debian
policy.
You can play dumb, reopen the bug, and we'll play dumb too, working
around the piuparts warning, as was the case in the past. Or you can
see how to improve the policy to handle this use case. Or you can
just leave things as-is and keep the bugs closed.
Regards,
Sylvain
--- End Message ---
