Bug#335276: openssh conffile prompt: /etc/ssh/moduli

[Justin Pryzby <justinpryzby@users.sourceforge.net>]

On Thu, Dec 14, 2006 at 12:20:10PM -0500, Justin Pryzby wrote:
> reopen 335276
> found 335276 1:4.3p2-7
> thanks
> 
> I'm afraid this just happened again, this time with /etc/ssh/moduli.
> I don't know what this file does.  Should it be included with the package?  It
> it modified somehow, somewhen?
> 
> 2006-12-14 11:36:32 upgrade openssh-server 1:4.3p2-6 1:4.3p2-7
> 
> $ md5sum /etc/ssh/moduli* openssh-client-1\:4.3p2-6/etc/ssh/moduli
> 45e8268b1994ab38d5309eed05ba003c  /etc/ssh/moduli
> 085771ebb2b6cfe60b84ad094de0788a  /etc/ssh/moduli.dpkg-old
> d93b0dd7a654a68e39361caff3f3061e  openssh-client-1:4.3p2-6/etc/ssh/moduli
This seems to be related to #335259; but, I'm somewhat confused, since I was of
the impression that the test was:

  if [ md5sum(new-conffile) = dpkg-status-md5 ]
    # Do nothing; the maintainer did not update the conffile
  else if [ md5sum(file-on-disk) = dpkg-status-md5 ]
    # The maintainer changed the conffile, but the admin did not
    install_new_file
    echo "Installed new file"
  else
    # Both the admin and the maintainer changed it
    conffile_prompt
  endif

This algo should hit the second case and display an informative message, but
not prompt.

A possibly solution might be to
  grep -v '^#    $OpenBSD' |md5sum |sed

I note another case which could be added after the first, avoiding some
needless prompts:

  else if [ md5sum(file-on-disk) = md5sum(new-conffile) ]
    # The admin may have changed the conffile, but the contents are identical
    # to the maintainer's new version
    install_new-conffile