Today I stumbled across this section in the policy and found it to be
confusing, self contradictory, contradictory|
with the debconf man page and contradictory with common sense.
The proposals seem quite sensible if perhaps not in their final form, but reading through the entire thread it seems to me that the thread lost its way by looking at specific packages, for which presumably someone can always come
up with reasons as to why the configuration files are particularly sensitive. As such I will just explain ways in which I am confused by the policy but I will try to avoid mentioning specifics.
Second paragraph: "The maintainer scripts must not alter a conffile of any package, including the one the scripts belong to."
This statement can be construed as prohibiting any automated generation of configuration files, and any user interaction with the construction of the configuration file via debconf.
Fourth paragraph: "If it is desirable for two or more related packages to share a configuration file and for all of the related packages to be able to modify that configuration file, then the following should be done:"
This statement contradicts the second paragraph.
As far as I can see if package A installs file pregenerated X where file X was originally installed by package B and where A's control file has a "Replaces: B" clause, then the system will know that file X is now owned by package A.
However if package A modifies file X, for example by using "sed", the system has no way of knowing that the file is
now owned by package A. I suspect that this might be what the policy section is attempting to express, but it is not at all clear.
Sixth paragraph: "The owning package should also provide a program that the other packages may use to modify the configuration file."
I suspect that a good example of this might be the "passwd" package which provides utilities such as "useradd" to modify its configuration files.