Bug#963340: buster-pu: package iptables-persistent/1.0.14

To: gustavo panizzo <gfa@debian.org>, 963340@bugs.debian.org
Subject: Bug#963340: buster-pu: package iptables-persistent/1.0.14
From: "Adam D. Barratt" <adam@adam-barratt.org.uk>
Date: Tue, 30 Jun 2020 17:22:50 +0100
Message-id: <[🔎] 6281930c41f2fbd2a6f1cd561576654234ddac0b.camel@adam-barratt.org.uk>
Reply-to: "Adam D. Barratt" <adam@adam-barratt.org.uk>, 963340@bugs.debian.org
In-reply-to: <[🔎] 159277076634.23090.3266518518187976456.reportbug@enceladus>
References: <[🔎] 159277076634.23090.3266518518187976456.reportbug@enceladus> <[🔎] 159277076634.23090.3266518518187976456.reportbug@enceladus>

Control: tags -1 + moreinfo

On Sun, 2020-06-21 at 22:19 +0200, gustavo panizzo wrote:
> I'd like to fix the bugs #961589 and #963012 in Buster uploading

That sounds like it would probably be OK, however:

> iptables-persistent 1.0.14 which is already in testing and backports.

I'm not sold on this as a solution currently.

> The updated package has been part of backports since Oct 2019 without
> report of problems, I personally use it on all systems I administer
> without problems.

Unfortunately, while useful input as to the stability of the changes,
none of that directly makes it suitable for a stable update.

> Besides fixing this 2 bugs this version changes the way iptables
> rules are flush (to be better IMHO),allows to toggle the rule saving
> for individual components (iptables, ip6tables and ipset) without
> changing the defaults and setups the iptables, ip6tables and ipset
> services in systemd using alternatives (See #926927)

What actual issues are these fixing for users of the current package in
stable? "Better" isn't very descriptive. :)

>From looking over the diff:

1) the whitespace unification makes it quite hard to find some of the
real changes

2) debhelper compat changes and the dh-exec migration aren't really
"minimal changes required to resolve the issue", and generally wouldn't
be appropriate for a change in stable

3) Does this hunk:

--- iptables-persistent-1.0.11/debian/ipset-persistent.prerm    1970-01-01 01:00:00.000000000 +0100
+++ iptables-persistent-1.0.14+deb10u1/debian/ipset-persistent.prerm    2020-06-21 21:12:04.000000000 +0200
@@ -0,0 +1,8 @@
+#!/bin/sh
+
+set -e
+
+# Remove alternatives
+update-alternatives --remove-all ipset.service

Do exactly what it suggests and remove any alternative using that name,
whether or not it was installed by this package? Again, how does this
benefit users of the package in stable, given that nothing else is
providing or using the alternatives?

As a side note:

+  * Rebuild for buster-updates.

Even if this gets to proposed-updates, and subsequently buster, buster-
updates is an additional suite that this request definitely does need
meet the requirements for.

Regards,

Adam

Reply to:

References:
- Bug#963340: buster-pu: package iptables-persistent/1.0.14
  - From: gustavo panizzo <gfa@debian.org>

Prev by Date: Bug#960974: buster-pu: package postfix/3.4.14-0+deb10u1
Next by Date: Processed: Re: Bug#963340: buster-pu: package iptables-persistent/1.0.14
Previous by thread: Bug#963340: buster-pu: package iptables-persistent/1.0.14
Next by thread: Processed: Re: Bug#963340: buster-pu: package iptables-persistent/1.0.14
Index(es):
- Date
- Thread