On 2023-01-21, at 20:00:05 +0100, Romain Francoise wrote:
> I noticed while testing that you removed the '--no-start' argument to
> dh_installinit calls in the unified package, and that's not right, as
> README.Debian documents.
>
> The situation is even a bit more complex:
>
> * shorewall.postinst and shorewall6.postinst source the config file in
> /etc/default and just exit if 'startup' is not 1. So the postinst bits
> added by debhelper don't get executed at all, even though they exist.
> * shorewall-init.postinst is fully generated by debhelper and does not
> have this logic, so it enables and starts the shorewall-init service
> which by default refuses to start ("ERROR: No products configured"),
> leaving a failed systemd service behind.
>
> I think we should call dh_installinit with '--no-enable --no-start'.
>
> Also, the systemd services don't honor the 'startup' variable in
> /etc/default/shorewall{,6} at all, so it feels wrong for the postinst
> scripts to act differently based on it.
Agreed. Not sure what the thinking was (those changes were initially
made in April, '21). I think we can then remove the shorewall.postinst
and shorewall6.postinst scripts completely.
J.
Attachment:
signature.asc
Description: PGP signature