X Strike Force SVN commit: rev 371 - trunk/debian
Author: branden
Date: 2003-08-06 02:39:54 -0500 (Wed, 06 Aug 2003)
New Revision: 371
Modified:
trunk/debian/changelog
trunk/debian/xserver-common.config.in
trunk/debian/xserver-common.postinst.in
trunk/debian/xserver-common.preinst.in
trunk/debian/xserver-common.templates
Log:
Migrate away from the hated-and-reviled "manage Xwrapper.config with
debconf?" technique of handling the /etc/X11/Xwrapper.config non-conffile
configuration file, and to a proto-ucf style of handling:
- debian/xserver-common.templates: drop the
xserver-common/manage_config_with_debconf and
xserver-common/move_existing_nondebconf_config templates
- debian/xserver-common.config.in: stop asking the now-deleted questions
- debian/xserver-common.preinst.in: when upgrading from xserver-common <<
4.2.1-10, check value of xserver-common/manage_config_with_debconf; if
it is true; attempt to store md5sum of existing Xwrapper.config file;
unregister the now-deleted questions
- debian/xserver-common.postinst.in: automatically update the
Xwrapper.config file (based on the values of the debconf templates) if
and only if:
+ the file exists;
+ the MD5 checksum file exists;
+ the MD5 checksum of the current version of the file matches the
stored checksum (indicating that the file hasn't changed since we last
touched it); and
+ the newly written file actually differs from the existing one
With luck, this new approach will meet with less anger and hatred from
people who do not read fully-capitalized warnings within the files they
are editing, let alone a manual page.
debian/xserver-common.*.in: update copyright notices, and $Id$ expandos, and
set svn:keywords property to "Id" where necessary
Modified: trunk/debian/changelog
==============================================================================
--- trunk/debian/changelog 2003-08-06 06:33:33 UTC (rev 370)
+++ trunk/debian/changelog 2003-08-06 07:39:54 UTC (rev 371)
@@ -135,8 +135,32 @@
- debian/xserver-common.postinst.in: stop manipulating X server socket
directory
- -- Branden Robinson <branden@debian.org> Wed, 6 Aug 2003 01:28:24 -0500
+ * Migrate away from the hated-and-reviled "manage Xwrapper.config with
+ debconf?" technique of handling the /etc/X11/Xwrapper.config non-conffile
+ configuration file, and to a proto-ucf style of handling:
+ - debian/xserver-common.templates: drop the
+ xserver-common/manage_config_with_debconf and
+ xserver-common/move_existing_nondebconf_config templates
+ - debian/xserver-common.config.in: stop asking the now-deleted questions
+ - debian/xserver-common.preinst.in: when upgrading from xserver-common <<
+ 4.2.1-10, check value of xserver-common/manage_config_with_debconf; if
+ it is true; attempt to store md5sum of existing Xwrapper.config file;
+ unregister the now-deleted questions
+ - debian/xserver-common.postinst.in: automatically update the
+ Xwrapper.config file (based on the values of the debconf templates) if
+ and only if:
+ + the file exists;
+ + the MD5 checksum file exists;
+ + the MD5 checksum of the current version of the file matches the
+ stored checksum (indicating that the file hasn't changed since we last
+ touched it); and
+ + the newly written file actually differs from the existing one
+ With luck, this new approach will meet with less anger and hatred from
+ people who do not read fully-capitalized warnings within the files they
+ are editing, let alone a manual page.
+ -- Branden Robinson <branden@debian.org> Wed, 6 Aug 2003 02:24:20 -0500
+
xfree86 (4.2.1-9) unstable; urgency=high
* urgency due to xterm security fixes; see below
Modified: trunk/debian/xserver-common.config.in
==============================================================================
--- trunk/debian/xserver-common.config.in 2003-08-06 06:33:33 UTC (rev 370)
+++ trunk/debian/xserver-common.config.in 2003-08-06 07:39:54 UTC (rev 371)
@@ -4,6 +4,8 @@
# Licensed under the GNU General Public License, version 2. See the file
# /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
+# $Id$
+
set -e
THIS_PACKAGE=xserver-common
@@ -11,8 +13,6 @@
#INCLUDE_SHELL_LIB#
-CONFIGFILE=/etc/X11/Xwrapper.config
-
# set the default nice value based on what Linux kernel version is being used;
# the new process scheduler in 2.5, to be released in 2.6, makes a default of
# -10 a bad idea; with that scheduler, the X server should run with priority 0
@@ -45,43 +45,9 @@
# source debconf library
. /usr/share/debconf/confmodule
-# *sigh* migration issues
+# if one were going to parse the on-disk Xwrapper.config file and set the
+# debconf template values to match, one would do so here; but we're not
-ASK_TO_REPLACE=
-if [ -e $CONFIGFILE ]; then
- # does the file have debconf markers in it?
- if egrep -q '^### BEGIN DEBCONF SECTION' $CONFIGFILE && \
- egrep -q '^### END DEBCONF SECTION' $CONFIGFILE; then
- PRIORITY=medium
- else
- ASK_TO_REPLACE=yes
- PRIORITY=high
- fi
-else
- PRIORITY=medium
-fi
-
-# use debconf to manage X server wrapper configuration file?
-db_input $PRIORITY xserver-common/manage_config_with_debconf || true
-db_go
-db_get xserver-common/manage_config_with_debconf
-if [ "$RET" = "false" ]; then
- exit 0
-fi
-
-# move existing non-debconf-marked X server wrapper configuration file out of
-# the way?
-if [ -n "$ASK_TO_REPLACE" ]; then
- db_input $PRIORITY xserver-common/move_existing_nondebconf_config || true
- db_go
- db_get xserver-common/move_existing_nondebconf_config
- if [ "$RET" = "true" ]; then
- mv $CONFIGFILE $CONFIGFILE.debconf-backup
- else
- exit 0
- fi
-fi
-
db_input low xserver-common/xwrapper/allowed_users || true
db_go
Modified: trunk/debian/xserver-common.postinst.in
==============================================================================
--- trunk/debian/xserver-common.postinst.in 2003-08-06 06:33:33 UTC (rev 370)
+++ trunk/debian/xserver-common.postinst.in 2003-08-06 07:39:54 UTC (rev 371)
@@ -1,6 +1,6 @@
#!/bin/sh
# Debian xserver-common package post-installation script
-# Copyright 1998--2001 Branden Robinson.
+# Copyright 1998--2003 Branden Robinson.
# Licensed under the GNU General Public License, version 2. See the file
# /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
# Acknowlegements to Stephen Early, Mark Eichin, and Manoj Srivastava.
@@ -14,6 +14,10 @@
#INCLUDE_SHELL_LIB#
+XWRAPPER_CONFIG=/etc/X11/Xwrapper.config
+CHECKSUM_DIR="/var/lib/$THIS_PACKAGE"
+XWRAPPER_CONFIG_CHECKSUM="$CHECKSUM_DIR/$(basename "$XWRAPPER_CONFIG").md5sum"
+
# source debconf library
. /usr/share/debconf/confmodule
@@ -26,54 +30,41 @@
#DEBHELPER#
-db_get xserver-common/manage_config_with_debconf
-if [ "$RET" = "true" ]; then
- # create/update /etc/X11/Xwrapper.config using debconf db values
- db_get xserver-common/xwrapper/actual_allowed_users
- ALLOWED_USERS="$RET"
- db_get xserver-common/xwrapper/nice_value
- NICE_VALUE="$RET"
-
- CONFIGFILE=/etc/X11/Xwrapper.config
- WORKTMP=$CONFIGFILE.xserver-common-tmp
- DEBCONFTMP=$CONFIGFILE.xserver-common-debconf
-
- rm -f $WORKTMP $DEBCONFTMP
-
- cat > $DEBCONFTMP << EOF
-### BEGIN DEBCONF SECTION
-# Do not edit within this region if you want your changes to be preserved by
-# debconf. Instead, make changes after the "### END DEBCONF SECTION" line.
+# only mess with config file if it exists; if it does not, assume that's the
+# way the user wants it
+if [ -e "$XWRAPPER_CONFIG" ]; then
+ # similarly, check for the existence of the checksum file; if it doesn't
+ # exist, assume that's the way the user wants it
+ if [ -e "$XWRAPPER_CONFIG_CHECKSUM" ]; then
+ # compare the current and stored checksums; if they do not match, assume
+ # that's the way the user wants it
+ CURRENT_MD5SUM=$(md5sum "$XWRAPPER_CONFIG")
+ if [ "$CURRENT_MD5SUM" = "$(cat "$XWRAPPER_CONFIG_CHECKSUM")" ]; then
+ # they match; prepare a new version of the config file
+ db_get xserver-common/xwrapper/actual_allowed_users
+ ALLOWED_USERS="$RET"
+ db_get xserver-common/xwrapper/nice_value
+ NICE_VALUE="$RET"
+ NEW_XWRAPPER_CONFIG=$(tempfile)
+ cat > "$NEW_XWRAPPER_CONFIG" << EOF
allowed_users=$ALLOWED_USERS
nice_value=$NICE_VALUE
-### END DEBCONF SECTION
EOF
-
- if [ -e $CONFIGFILE ]; then
- # does the file have debconf markers in it?
- if egrep -q '^### BEGIN DEBCONF SECTION' $CONFIGFILE && \
- egrep -q '^### END DEBCONF SECTION' $CONFIGFILE; then
- # see if the beginning of the file was left alone; sed cannot backtrack in an
- # address range
- if ! head -n 1 $CONFIGFILE | egrep -q '^### BEGIN DEBCONF SECTION'; then
- # sick, sick, sick
- LINES=$(sed -n '1,/^### BEGIN DEBCONF SECTION/p' < $CONFIGFILE | wc -l)
- sed -n 1,$(( $LINES - 1 ))p < $CONFIGFILE > $WORKTMP
+ if ! cmp -s "$XWRAPPER_CONFIG" "$NEW_XWRAPPER_CONFIG"; then
+ cp "$NEW_XWRAPPER_CONFIG" "${XWRAPPER_CONFIG}.dpkg-new"
+ mv "${XWRAPPER_CONFIG}.dpkg-new" "$XWRAPPER_CONFIG"
+ md5sum "$XWRAPPER_CONFIG" > "$XWRAPPER_CONFIG_CHECKSUM"
fi
- cat $DEBCONFTMP >> $WORKTMP
- sed -n '/^### END DEBCONF SECTION/,$p' < $CONFIGFILE | tail -n +2 >> $WORKTMP
+ rm -f "$NEW_XWRAPPER_CONFIG"
else
- message "Existing $CONFIGFILE has missing or half-open debconf region;" \
- "not writing X server wrapper configuration file."
- exit 0
+ message "Note: not updating $XWRAPPER_CONFIG; file has been customized"
fi
else
- cp $DEBCONFTMP $WORKTMP
+ message "Note: not updating $XWRAPPER_CONFIG; no stored MD5 checksum"\
+ "available"
fi
-
- mv $WORKTMP $CONFIGFILE
-
- rm -f $WORKTMP $DEBCONFTMP
+else
+ message "Note: not updating $XWRAPPER_CONFIG; file does not exist"
fi
exit 0
Modified: trunk/debian/xserver-common.preinst.in
==============================================================================
--- trunk/debian/xserver-common.preinst.in 2003-08-06 06:33:33 UTC (rev 370)
+++ trunk/debian/xserver-common.preinst.in 2003-08-06 07:39:54 UTC (rev 371)
@@ -1,10 +1,12 @@
#!/bin/sh
# Debian xserver-common package pre-installation script
-# Copyright 1998-2001 Branden Robinson.
+# Copyright 1998--2003 Branden Robinson.
# Licensed under the GNU General Public License, version 2. See the file
# /usr/share/common-licenses/GPL or <http://www.gnu.org/copyleft/gpl.txt>.
# Acknowlegements to Stephen Early, Mark Eichin, and Manoj Srivastava.
+# $Id$
+
set -e
THIS_PACKAGE=xserver-common
@@ -12,6 +14,10 @@
#INCLUDE_SHELL_LIB#
+XWRAPPER_CONFIG=/etc/X11/Xwrapper.config
+CHECKSUM_DIR="/var/lib/$THIS_PACKAGE"
+XWRAPPER_CONFIG_CHECKSUM="$CHECKSUM_DIR/$(basename "$XWRAPPER_CONFIG").md5sum"
+
if [ "$1" = "install" -o "$1" = "upgrade" ]; then
# xserver dir moved to /etc/X11 in 4.x
if [ -e /usr/X11R6/lib/X11/xserver -a ! -L /usr/X11R6/lib/X11/xserver ]; then
@@ -26,6 +32,50 @@
mv /etc/X11/Xserver /etc/X11/Xserver.xserver-common-backup
fi
+ # if upgrading from < 4.2.1-10, migrate Xwrapper.config to (simplified)
+ # ucf-style handling
+ if dpkg --compare-versions "$2" lt "4.2.1-10"; then
+ db_get xserver-common/manage_config_with_debconf
+ # attempt to pre-seed the md5sum file based on the current content of the
+ # file
+ if [ "$RET" = "true" ]; then
+ WRITE_MD5SUM=yes
+ # if the config file doesn't even exist, don't bother
+ if [ -e "$XWRAPPER_CONFIG" ]; then
+ # this is the preinst, so our checksum directory might not have been
+ # unpacked yet (in fact, if we're upgrading from < 4.2.1-10, we expect
+ # it not to be)
+ if [ ! -e "$CHECKSUM_DIR" ]; then
+ mkdir --mode=755 "$CHECKSUM_DIR"
+ else
+ # if the checksum pathname does exist but is not a directory, give
+ # up; dpkg will probably vomit on unpack anyway
+ if [ ! -d "$CHECKSUM_DIR" ]; then
+ message "Warning: cannot store MD5 checksum of $XWRAPPER_CONFIG;" \
+ "$CHECKSUM_DIR exists but is not a directory."
+ WRITE_MD5SUM=
+ fi
+ fi
+ if [ -n "$WRITE_MD5SUM" ]; then
+ # people were letting debconf "manage" the config file even though
+ # they complained when it did so, so store a backup to keep people
+ # quiet
+ message "Note: migrating $XWRAPPER_CONFIG away from management" \
+ "by debconf; backup stored in ${XWRAPPER_CONFIG}.dpkg-old" \
+ "and MD5 checksum stored in $WRAPPER_CONFIG_CHECKSUM"
+ md5sum "$XWRAPPER_CONFIG" > "$WRAPPER_CONFIG_CHECKSUM"
+ cp "$XWRAPPER_CONFIG" "${XWRAPPER_CONFIG}.dpkg-old"
+ fi
+ fi
+ else
+ message "Note: not storing MD5 checksum of $XWRAPPER_CONFIG; file not" \
+ "under management of debconf."
+ fi
+
+ # in other news, unregister the now no-longer-used templates
+ db_unregister xserver-common/manage_config_with_debconf
+ db_unregister xserver-common/move_existing_nondebconf_config
+ fi
fi
#DEBHELPER#
Modified: trunk/debian/xserver-common.templates
==============================================================================
--- trunk/debian/xserver-common.templates 2003-08-06 06:33:33 UTC (rev 370)
+++ trunk/debian/xserver-common.templates 2003-08-06 07:39:54 UTC (rev 371)
@@ -1,28 +1,3 @@
-Template: xserver-common/manage_config_with_debconf
-Type: boolean
-Default: true
-_Description: Manage X server wrapper configuration file with debconf?
- The /etc/X11/Xwrapper.config file, which contains configuration information
- controlling who is permitted to start the X server and how it is invoked, can
- be handled automatically by debconf, or manually by you.
- .
- Note that only specific, marked sections of the configuration file will be
- handled by debconf if you select this option; if those markers are absent,
- you will have to update the file manually, or move or delete the file.
-
-Template: xserver-common/move_existing_nondebconf_config
-Type: boolean
-Default: false
-_Description: Replace existing X server wrapper configuration file?
- The existing /etc/X11/Xwrapper.config file currently on the system does not
- contain a marked section for debconf to write its data.
- .
- If you select this option, the existing X server wrapper configuration file
- will be backed up to /etc/X11/Xwrapper.config.debconf-backup and a new file
- written to /etc/X11/Xwrapper.config. If you do not select this option, the
- existing configuration file will not be managed by debconf, and no further
- questions about X server wrapper configuration will be asked.
-
Template: xserver-common/xwrapper/allowed_users
Type: select
_Choices: Root Only, Console Users Only, Anybody
Reply to: