Bug#541872: debian-policy: identical notation for disabled-by-user and auto-generated entries in /etc/inetd.conf
On Sun, Aug 16, 2009 at 09:55:29PM +0200, Serafeim Zanikolas wrote:
> Package: debian-policy
> Version: 3.8.2.0
> Severity: normal
> Hello policy makers :)
> update-inetd is seriously bug infested, IMHO to some extent because of the
> issue below.
> Policy 11.2 says:
> If a package wants to install an example entry into `/etc/inetd.conf', the
> entry must be preceded with exactly one hash character (`#'). Such lines
> are treated as "commented out by user" by the `update-inetd' script and
> are not changed or activated during package updates.
> [presumably, "not changed" here implies also "not deleted"]
> Effectively this means that we cannot distinguish between two entirely
> different things: local-admin-policy and examples generated by postinst
> maintainer scripts.
> Now how does this lead to bugs? Say I install ftp-daemon-a, which adds an
> example entry to /etc/inetd.conf, and then I uninstall the package. The
> example entry will survive the package's removal (even if prerm calls
> update-inetd, it won't be removed because it's indistinguishable from
> local-admin-policy).
> Then I decide to install ftp-daemon-b. If the package's postinst calls
> update-inetd to enable the new service, the new entry won't be added because
> it's apparently local-admin-policy that ftp should be disabled.
> A potential fix would be to prescribe that example entries added by maintainer
> scripts are preceded with '#<example># ' (to be consistent with '#<off># '
> which is what update-inetd uses by default to denote disabled entries).
I would suggest disallowing example entries altogether; let packages use the
'#<off>#' syntax instead. Or is there some reason I'm missing why we would
want to support so many different ways for packages to add lines to
update-inetd?
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
Reply to: