Hi,
I played a little bit with this bug, and I find one possible solution is to have
those common config files in a -common package that becomes arch=all. Thus, they
would not be replaced or removed in the scenario reported by Andreas.
In this case, package src:libpam-ldap would generate two binary packages
libpam-ldap and libpam-ldap-common, with the following files:
# dpkg -c libpam-ldap_184-8.6_ppc64el.deb | awk '{print $6}'
./
./etc/
./usr/
./usr/share/
./usr/share/doc/
./usr/share/doc/libpam-ldap/
./usr/share/doc/libpam-ldap/AUTHORS
./usr/share/doc/libpam-ldap/changelog.gz
./usr/share/doc/libpam-ldap/copyright
./usr/share/doc/libpam-ldap/buildinfo_ppc64el.gz
./usr/share/doc/libpam-ldap/README.gz
./usr/share/doc/libpam-ldap/README.Debian
./usr/share/doc/libpam-ldap/changelog.Debian.gz
./usr/share/libpam-ldap/
./lib/
./lib/powerpc64le-linux-gnu/
./lib/powerpc64le-linux-gnu/security/
./lib/powerpc64le-linux-gnu/security/pam_ldap.so
and
# dpkg -c libpam-ldap-common_184-8.6_all.deb | awk '{print $6}'
./
./usr/
./usr/share/
./usr/share/man/
./usr/share/man/man5/
./usr/share/man/man5/pam_ldap.conf.5.gz
./usr/share/pam-configs/
./usr/share/pam-configs/ldap
./usr/share/doc/
./usr/share/doc/libpam-ldap-common/
./usr/share/doc/libpam-ldap-common/AUTHORS
./usr/share/doc/libpam-ldap-common/changelog.gz
./usr/share/doc/libpam-ldap-common/copyright
./usr/share/doc/libpam-ldap-common/buildinfo_all.gz
./usr/share/doc/libpam-ldap-common/README.gz
./usr/share/doc/libpam-ldap-common/changelog.Debian.gz
./usr/share/doc/libpam-ldap/
./usr/share/doc/libpam-ldap/ldapns.schema
./usr/share/doc/libpam-ldap/LDAP-Permissions.txt
./usr/share/doc/libpam-ldap/examples/
./usr/share/doc/libpam-ldap/examples/pam.conf
./usr/share/doc/libpam-ldap/examples/pam.d/
./usr/share/doc/libpam-ldap/examples/pam.d/ssh
./usr/share/doc/libpam-ldap/examples/pam.d/shutdown
./usr/share/doc/libpam-ldap/examples/pam.d/samba
./usr/share/doc/libpam-ldap/examples/pam.d/gdm
./usr/share/doc/libpam-ldap/examples/pam.d/su
./usr/share/doc/libpam-ldap/examples/pam.d/reboot
./usr/share/doc/libpam-ldap/examples/pam.d/xserver
./usr/share/doc/libpam-ldap/examples/pam.d/halt
./usr/share/doc/libpam-ldap/examples/pam.d/rsh
./usr/share/doc/libpam-ldap/examples/pam.d/rexec
./usr/share/doc/libpam-ldap/examples/pam.d/passwd
./usr/share/doc/libpam-ldap/examples/pam.d/mcserv
./usr/share/doc/libpam-ldap/examples/pam.d/xscreensaver
./usr/share/doc/libpam-ldap/examples/pam.d/xdm
./usr/share/doc/libpam-ldap/examples/pam.d/imap
./usr/share/doc/libpam-ldap/examples/pam.d/login
./usr/share/doc/libpam-ldap/examples/pam.d/other
./usr/share/doc/libpam-ldap/examples/pam.d/linuxconf
./usr/share/doc/libpam-ldap/examples/pam.d/chfn
./usr/share/doc/libpam-ldap/examples/pam.d/xlock
./usr/share/doc/libpam-ldap/examples/pam.d/pop
./usr/share/doc/libpam-ldap/examples/pam.d/rlogin
./usr/share/doc/libpam-ldap/examples/pam.d/chsh
./usr/share/doc/libpam-ldap/examples/pam.d/vlock
./usr/share/doc/libpam-ldap/examples/pam.d/poweroff
./usr/share/doc/libpam-ldap/examples/pam.d/ftp
./usr/share/doc/libpam-ldap/examples/pam.d/kde
./usr/share/doc/libpam-ldap/examples/pam.d/linuxconf-pair
./usr/share/doc/libpam-ldap/examples/pam.d/ppp
./usr/share/doc/libpam-ldap/examples/chfn
./usr/share/doc/libpam-ldap/examples/chsh
./usr/share/libpam-ldap/
./usr/share/libpam-ldap/ldap.conf
I created a patch to do it, and I would love to hear feedback about it.
Thank you,
Breno
Index: libpam-ldap-184/debian/control
===
--- libpam-ldap-184.orig/debian/control
+++ libpam-ldap-184/debian/control
@@ -8,10 +8,20 @@ Build-Depends: cdbs (= 0.4.93~), quilt,
Package: libpam-ldap
Architecture: any
Multi-Arch: same
-Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (= 1.0.1-6), libpam0g (= 1.1.3-2)
+Depends: ${shlibs:Depends}, ${misc:Depends}, libpam-runtime (= 1.0.1-6), libpam0g (= 1.1.3-2), libpam-ldap-common (= ${binary:Version})
Suggests: libnss-ldapd | libnss-ldap
Description: Pluggable Authentication Module for LDAP
This package provides an interface between an LDAP server and the PAM
user authentication system. Using it along with libnss-ldapd or libnss-ldap
allows LDAP to entirely replace other lookup methods (such as NIS or
+ flat-file) for system account tables.
+
+Package: libpam-ldap-common
+Architecture: all
+Depends:
+Suggests: