[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

md5sums for conffiles shipped in the distros


in order to evaluate the possible impact and the packages affected by

Bug #689836: dpkg: md5sums incorrectly recorded for conffile takeover

I'd like to generate lists of md5sums for the conffiles shipped in the
distros. List of conffiles can be generated by
  grep ^etc Contents

Since a conffile may be shipped by several (usually conflicting)
packages, we should get the md5sums *per package* that ships the file.

So what I'd like to have is lists of tuples (conffile, package, md5sum)
for lenny, squeeze, wheezy (,and sid).

The potential database corruption pairs would be

  (package1/distro1, package2/distro2)
      distro2 == distro1+1
      conffile1 == conffile2
      package1 != package2
      md5sum1 != md5sum2

Note that this dpkg database corruption can be fixed in distro1 by
reinstalling package1 *before* dist-upgrading to distro2
(discovered while analyzing #699744), it will probably heal
automatically, too, if the corruption happened during lenny->squeeze and
wheezy ships the same conffiles as squeeze). To prevent new corruptions
to happen during the upgrade process, dkpg needs to be upgraded to a
fixed version (1.16.9) before the the conffile overtaking packages.

Ignoring the md5sums, there are currently 298 package pairs that may
take over conffiles during squeeze->wheezy upgrades (although this seems
to include a lot of false positives like /etc/ftpusers that is shipped
by many packages - right now there are 64 pairs that can take over this
file) - too much to handle manually.

But more interesting is probably what happened during lenny->squeeze and
how to "fix" it (to avoid incorrect "modified conffile" prompts).


Reply to: