Bug#991630: snort-common: maintainer scripts must always call dpkg-maintscript-helper

Andreas Beckmann Thu, 29 Jul 2021 03:09:16 -0700

Package: snort-common
Version: 2.9.15.1-5
Severity: serious
Tags: patch
User: debian...@lists.debian.org
Usertags: piuparts


Hi,

debsums reports modification of the following files,
from the attached log (scroll to the bottom...):

  /etc/cron.daily/snort-common

This happens in the following scenario:
* install snort-common/buster
* remove (nut not purge) snort-common
* upgrade system from bsuter to bullseye
* install snort-common/bullseye

dpkg-maintscript-helper gets "$@" as arguments s.t. it can decide what
to do depending on the action.
The preinst/postinst scripts only call dpkg-maintscript-helper for a limited
set of actions, especially missing "preinst install $oldversion", which
causes the wrong action being taken by the postinst in the above scenario
(it preserves the unmodified old file and moves it to the new location).

cheers,

Andreas

diff -Nru snort-2.9.15.1/debian/changelog snort-2.9.15.1/debian/changelog
--- snort-2.9.15.1/debian/changelog     2021-04-10 22:55:04.000000000 +0200
+++ snort-2.9.15.1/debian/changelog     2021-07-29 11:33:46.000000000 +0200
@@ -1,3 +1,10 @@
+snort (2.9.15.1-6) UNRELEASED; urgency=medium
+
+  * snort-common.{pre,post}inst: Call dpkg-maintscript-helper for all actions.
+    (Closes: #-1)
+
+ -- Andreas Beckmann <a...@debian.org>  Thu, 29 Jul 2021 11:33:46 +0200
+
 snort (2.9.15.1-5) unstable; urgency=medium
 
   * debian/snort-common.{preinst,postinst,postrm}:
diff -Nru snort-2.9.15.1/debian/snort-common.postrm 
snort-2.9.15.1/debian/snort-common.postrm
--- snort-2.9.15.1/debian/snort-common.postrm   2021-04-10 22:55:04.000000000 
+0200
+++ snort-2.9.15.1/debian/snort-common.postrm   2021-07-29 11:33:46.000000000 
+0200
@@ -6,17 +6,6 @@
 set -e
 test $DEBIAN_SCRIPT_DEBUG && set -v -x
 
-# summary of how this script can be called:
-#        * <postrm> `remove'
-#        * <postrm> `purge'
-#        * <old-postrm> `upgrade' <new-version>
-#        * <new-postrm> `failed-upgrade' <old-version>
-#        * <new-postrm> `abort-install'
-#        * <new-postrm> `abort-install' <old-version>
-#        * <new-postrm> `abort-upgrade' <old-version>
-#        * <disappearer's-postrm> `disappear' <r>overwrit>r> <new-version>
-# for details, see /usr/doc/packaging-manual/
-
 
 case "$1" in
        purge)
@@ -33,7 +22,8 @@
           rm -f /etc/snort/database.conf
        fi
        ;;
-       abort-install|abort-upgrade)
+esac
+
        # if installation was aborted then revert the rename of the cron job 
using dpkg-maintscript-helper
        if dpkg-maintscript-helper supports mv_conffile; then
        dpkg-maintscript-helper mv_conffile \
@@ -43,17 +33,8 @@
        if dpkg-maintscript-helper supports rm_conffile; then
            dpkg-maintscript-helper rm_conffile /etc/snort/database.conf 2.9.3~ 
snort-common  -- "$@"
        fi
-       ;;
-       remove|upgrade|failed-upgrade|abort-install|abort-upgrade)
-        # nothing
-       ;;
-esac
-
-
-
 
 # dh_installdeb will replace this with shell code automatically
 # generated by other debhelper scripts.
 
 #DEBHELPER#
-
diff -Nru snort-2.9.15.1/debian/snort-common.preinst 
snort-2.9.15.1/debian/snort-common.preinst
--- snort-2.9.15.1/debian/snort-common.preinst  2021-04-10 22:55:04.000000000 
+0200
+++ snort-2.9.15.1/debian/snort-common.preinst  2021-07-29 11:33:45.000000000 
+0200
@@ -3,20 +3,9 @@
 set -e
 test $DEBIAN_SCRIPT_DEBUG && set -v -x
 
-# summary of how this script can be called:
-#        * <new-preinst> `install'
-#        * <new-preinst> `install' <old-version>
-#        * <new-preinst> `upgrade' <old-version>
-#        * <old-preinst> `abort-upgrade' <new-version>
-
 GENCONF="/etc/snort/snort.conf" # generic configuration file
 DBCONF="/etc/snort/database.conf" # deprecated
 
-case "$1" in
-    install)
-        # Do nothing
-    ;;
-    upgrade)
          # versions previous to 2.9.3 created the /etc/snort/database.conf
          # file for configuration
          #if dpkg --compare-versions "$2" le "2.9.3" &&  [ -e "$DBCONF" ] && ! 
[ -s "$DBCONF" ] 
@@ -32,7 +21,9 @@
             if dpkg-maintscript-helper supports rm_conffile; then
                 dpkg-maintscript-helper rm_conffile $DBCONF 2.9.3~ 
snort-common -- "$@" 
             else
+              if [ "$1" = "upgrade" ]; then
                 rm -f $DBCONF
+              fi
             fi
          fi
 
@@ -44,26 +35,15 @@
             # Manually move the file, this will generate a dpkg prompt to
             # approve the changes
             if [ -e /etc/cron.daily/5snort ]; then
+              if [ "$1" = "upgrade" ]; then
                  mv /etc/cron.daily/5snort /etc/cron.daily/snort-common
+              fi
             fi
         fi
 
-    ;;
-    configure)
-        # Do nothing
-    ;;
-    abort-upgrade)
-    ;;
-    *) 
-        echo "preinst called with unknown argument \`$1'" >&2
-        exit 0
-    ;;
-esac
-
 # dh_installdeb will replace this with shell code automatically
 # generated by other debhelper scripts.
 
 #DEBHELPER#
 
 exit 0
-

snort-common_2.9.15.1-5.log.gz
Description: application/gzip

Bug#991630: snort-common: maintainer scripts must always call dpkg-maintscript-helper

Reply via email to