I suggest a variation on A where before rm_conffile you checksum /etc/apparmor.d/local/usr.sbin.libvirtd, if different safely save that off, call rm_conffile, then move the saved off file into place.
-- You received this bug notification because you are a member of Ubuntu Touch seeded packages, which is subscribed to apparmor in Ubuntu. https://bugs.launchpad.net/bugs/1703763 Title: How to correctly transition from packaged to dh_apparmor generated local includes Status in apparmor package in Ubuntu: New Bug description: Hi, this is more a request how to "correctly do it" instead of a bug. I asked on IRC but got no reply yet, so to not forget I better file a bug. I have a package (libvirt) which used to explicitly package the local apparmor include files. So the package had files like: /etc/apparmor.d/local/usr.sbin.libvirtd These files were carried in the package itself and considered conffiles. These days that isn't needed anymore, thanks to dh_apparmor generating such local includes. Aligning with Debian we dropped the explicit files and use the generated ones. All fine so far, but I wonder how to correctly "transition" that. A) If I do rm_conffile A1) the user had no changes, old file gets removed, new one generated all is good A2) the user had changes, old file gets retained in backup, new one generated lacks the old content B) if I not have a rm_conffile B1) the user had no changes, the old file stays (and works) but is considered obsolete by "dpkg --status" B2) the user had changes, the old file stays (and works) but is considered obsolete by "dpkg --status" So far I think I'll go with B, as dropping user changes - especially thos explicitly added to likely fix/avoid something - would be bad. But I don't like having obsolete files forever. Is there a C) which would be able to retain old changes if there were any, but in any case make sure it is dropped from the package to no more be considered an obsolete conffile? To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/apparmor/+bug/1703763/+subscriptions -- Mailing list: https://launchpad.net/~touch-packages Post to : touch-packages@lists.launchpad.net Unsubscribe : https://launchpad.net/~touch-packages More help : https://help.launchpad.net/ListHelp
