Re: should a postinst script create config files?
> > is it a good way to create config files with postinst scripts? I allways
> > have some machines show a different behavior because i installed them
> > with different postinsts. For example the /etc/ssh/sshd_config: there
> > was a change in the ForwardX11 option, and i didn't recognised it
> > because in the scripts is allways something like if [ ! -e <conffile> ];
> > then <create file with contents of script>; fi. I don't have any chance
> > to recongnise the change in the config script! Okay I can read
> > changes.gz, but for all packeges!!?
> >
> > I think creating files in that way is very dirty and we should try to
> > avoid that. They should be shipped as _real_ config files in a deb
> > package.
>
> Just for the record, the problem with including it with a conffile
> (as you seem to imply), is that when the ForwardX11 option
> changes the system adminstrator has to decide which version of the
> file to install.
>
> If he/she picks don't install new file, then sshd is started with
> the old value of ForwardX11, until the adminstrator can/remembers
> to merge in the change.
>
> If he/she picks the new value, then sshd is started with the default
> policy, not the local policy. It is up to the system adminstrator to
> merge the changes together.
>
> In either case, if the system adminstrator is doing an "apt-get
> dist-upgrade", there may be a delay before he/she can fix the
> problem after sshd has started.
>
> This isn't so much a problem with sshd, but once I answered Yes to
> updating /etc/squid.conf. I intended to merge in my changes.
>
> To my surprise and horror, this not only set my cache size to a tiny
> 100Megs (IIRC), but also automatically started squid, and squid
> proceeded to purge items from my cache in order to make it the reduced
> size. No! No! No! I don't wont that!
>
> Perhaps dpkg really needs an option: I want to use *that* file, but
> please let me edit it before blindly using it! Please remind me if
> I forget to edit it!
I allways answer No for new conffiles. Then dpkg installes a
conffile.dpkg-dist file. The changes I made for the old conffile are
saved in a file generated with 'diff -u conffile.dpkg-dist conffile'.
That patch I try to apply to the new dpkg-dist file. Then I make a new
diff and save it for the next update.
If I make a change in conffile a cron job daily reports me that there is
a change but no existing diff for that.
To support that I have written /etc/cron.daily/patchdb and
/usr/local/sbin/patchdb-checkin. It is appended to that mail. Some
comments are in german - sorry - but the scripts are not so big. The
generated output is in english.
Maik
--
Maik Busch -o) maik.busch@web.de
Oldenburger Str.28 /\ +49/30/39494219 (home )
10551 Berlin _\_v maik.busch@charite.de
Germany +49/30/450557107 (office)
--
#!/bin/sh
# (c) by Maik Busch <maik.busch@web.de>
# dieses script sucht alle Dateien im System mit der Endung .dpkg-dist
# und erstellt ein patch zur Datei ohne diese Endung. Die
# Ausgabe wird wird mit dem patch, der unter $PATCHDIR zu finden ist
# verglichen. Wenn sie sich unterscheiden wird dieses gemeldet.
set -e
PATCHDIR=/var/lib/patchdb/`hostname --fqdn`
PATCHDIRESC='\/var\/lib\/patchdb\/'`hostname --fqdn`
EXITCODE=0
PROGNAME=`basename $0`
TMPFILE=`mktemp /tmp/$PROGNAME.XXXXXX`
TMPFILEWARN=`mktemp /tmp/$PROGNAME.XXXXXX`
TMPFILEDIFF1=`mktemp /tmp/$PROGNAME.XXXXXX`
TMPFILEDIFF2=`mktemp /tmp/$PROGNAME.XXXXXX`
for F in `locate .dpkg-dist | grep -e '\.dpkg-dist$' | sed 's/\.dpkg-dist$//'`; do
if [ -e $F -a -e ${F}.dpkg-dist ]; then
if [ ! -e ${PATCHDIR}${F}.diff ]; then
echo "W: ${PATCHDIR}${F}.diff does not exists" >> $TMPFILEWARN
else
diff -u ${F}.dpkg-dist $F |
grep -v -e "--- ${F}\.dpkg-dist" | grep -v -e "+++ ${F}" > ${TMPFILEDIFF1} || true
cat ${PATCHDIR}${F}.diff |
grep -v -e "--- ${F}\.dpkg-dist" | grep -v -e "+++ ${F}" > ${TMPFILEDIFF2} || true
diff -q ${TMPFILEDIFF1} ${TMPFILEDIFF2} > /dev/null ||
echo " ${F}" >> $TMPFILE
fi
fi
done
cat $TMPFILEWARN >> $TMPFILE
if [ -s $TMPFILE ]; then
echo "I found inkonsistencies for the following files:"
cat $TMPFILE
EXITCODE=1
fi
rm -f $TMPFILE
rm -f $TMPFILEWARN
rm -f $TMPFILEDIFF1
rm -f $TMPFILEDIFF2
#
#################################################
# Überprüfen, ob in der Datenbank überflüssige Dateien sind.
touch $TMPFILE
# alles was nicht .diff heißt ist überflüssig
find $PATCHDIR -type f ! \( -name \*.diff -o -name .\*.diff \) \
-exec echo What\'s that\? \{} \; >> $TMPFILE
# alles leeren Verzeichniss sind auch überflüssig
find $PATCHDIR -type d -empty -exec echo "Following dir is empty: " \{} \;
# alles wo es keine entsprechende .dpkg-dist und das orginal file gibt ist
# auch überflüssig.
for F in `find $PATCHDIR -type f \( -name \*.diff -o -name .\*.diff \) | sed "s/${PATCHDIRESC}\\(.*\\)\.diff\$/\\1/"`; do
if ! [ -e $F ]; then
echo -e "I miss ${F} for \\n ${PATCHDIR}${F}.diff" >> $TMPFILE
fi
if ! [ -e ${F}.dpkg-dist ]; then
echo -e "I miss ${F}.dpkg-dist for \\n ${PATCHDIR}${F}.diff" >> $TMPFILE
fi
done
if [ -s $TMPFILE ]; then
cat $TMPFILE
EXITCODE=1
fi
rm -f $TMPFILE
#
# find dpkg-old files
#
touch $TMPFILE
locate .dpkg-old | grep -e '\.dpkg-old$' | sed 's/^/ /' >> $TMPFILE
if [ -s $TMPFILE ]; then
echo "I found the following .dpkg-old files:"
cat $TMPFILE
EXITCODE=1
fi
rm -f $TMPFILE
#
exit $EXITCODE
#!/bin/bash
set -e
test -z "$1" && echo "usage: `basename $0` <filename>" && false
#
if ! echo $1 | grep -q '^/'; then
echo "W: You should give a full qualified path";
set `pwd`/$1
echo " I suggest you meen: $1"
fi
DIR=`dirname $1`
PATCHDIR=/var/lib/patchdb/`hostname --fqdn`
#
if ! [ -e $1 ]; then echo "$1 does not exists"; false; fi
if ! [ -e $1.dpkg-dist ]; then echo "$1.dpkg-dist does not exists"; false; fi
if ! [ -d ${PATCHDIR}/${DIR} ]; then
echo "W: directory ${PATCHDIR}/${DIR} does not exist"
echo " I will create it."
mkdir -p ${PATCHDIR}/${DIR}
fi
#
diff -u $1.dpkg-dist $1 > ${PATCHDIR}/$1.diff || true
#
echo "$1 checked in."
Reply to: