Hi Debian release team! In the light of #291700 I prepared a new PostgreSQL stable upload. It fixes a grave misbehaviour if a database is called "peer", and fixes the calling of dpkg --compare-versions which caused the help screen to be printed when installing the package from scratch.
Would you accept the following debdiff for stable-proposed-updates?
Thanks and have a nice day!
diff -u postgresql-7.2.1/debian/postgresql-dump.in
postgresql-7.2.1/debian/postgresql-dump.in
--- postgresql-7.2.1/debian/postgresql-dump.in
+++ postgresql-7.2.1/debian/postgresql-dump.in
@@ -20,7 +20,7 @@
level.)"
exit 1
fi
- if grep -Eq '^[ ]*local[ ].*[ ]peer[ ]'
/etc/postgresql/pg_hba.conf
+ if grep -qs '^[\t ]*local[\t ]\+\w\+[\t ]\+peer[\t ]*'
/etc/postgresql/pg_hba.conf
then
echo "/etc/postgresql/pg_hba.conf still includes lines that request
'peer'
authentication. This is no longer valid; all occurrences of 'peer' must be
diff -u postgresql-7.2.1/debian/changelog postgresql-7.2.1/debian/changelog
--- postgresql-7.2.1/debian/changelog
+++ postgresql-7.2.1/debian/changelog
@@ -1,3 +1,15 @@
+postgresql (7.2.1-2woody9) stable; urgency=low
+
+ * debian/postinst.in, debian/postgresql-dump.in: Fix grep/sed expressions
+ for testing obsolete "peer" authentication. Closes: #291700
+ * debian/postgresql-startup.in: Remove check for obsolete "peer"
authentication
+ since it is already checked at installation time.
+ * debian/postinst.in: Check that we indeed have a second script argument
+ before calling dpkg --compare-versions with it (otherwise we get a
+ confusing dpkg help output).
+
+ -- Martin Pitt <[EMAIL PROTECTED]> Sun, 27 Feb 2005 22:11:17 +0100
+
postgresql (7.2.1-2woody8) stable-security; urgency=low
* Maintainer security upload to fix various vulnerabilities.
diff -u postgresql-7.2.1/debian/postinst.in postgresql-7.2.1/debian/postinst.in
--- postgresql-7.2.1/debian/postinst.in
+++ postgresql-7.2.1/debian/postinst.in
@@ -275,7 +275,7 @@
# 7.2-5 and 7.2-6 erroneously included /etc/logcheck/ignore.d and the
# removal of the older package will have destroyed it
-if dpkg --compare-versions $2 '>=' 7.2-5 &&
+if [ "$2" ] && dpkg --compare-versions $2 '>=' 7.2-5 &&
dpkg --compare-versions $2 '<=' 7.2-6
then
if [ -d /etc/logcheck ]
@@ -617,7 +617,7 @@
done
# Check for instances of "peer" authentication and change them to "ident"
-if grep -qs '^[ ]*local[ ]*.*[ ]*peer[ ]*'
/etc/postgresql/pg_hba.conf
+if grep -qs '^[\t ]*local[\t ]\+\w\+[\t ]\+peer[\t ]*'
/etc/postgresql/pg_hba.conf
then
echo -n "You have \"peer\" authentication in use in
/etc/postgresql/pg_hba.conf
This is no longer valid: \"peer\" must be changed to \"ident\"
@@ -627,7 +627,7 @@
if [ "$x" = "Y" -o "$x" = "y" -o -z "$x" ]
then
cp /etc/postgresql/pg_hba.conf /etc/postgresql/$$
- sed -e '/^local.*[ ]peer[ ]*/s:peer:ident:'
</etc/postgresql/$$ >/etc/postgresql/pg_hba.conf
+ sed -e 's/^\([\t ]*local[\t ]\+[a-z]\+[\t ]\+\)peer\([\t
]*\)/\1ident\2/' </etc/postgresql/$$ >/etc/postgresql/pg_hba.conf
echo "peer changed to ident"
else
echo "You must make this change yourself before you can start
postgresql"
@@ -724,7 +724,7 @@
done
if su - postgres -c "unset PGHOST;
PATH=/usr/lib/postgresql/bin:/bin:/usr/bin postgresql-dump -icldvp $savedir -Ft
/usr/lib/postgresql/dumpall/db.out"
then
- if grep -qs '^[ ]*local[ ]*.*[
]*peer[ ]*' /etc/postgresql/pg_hba.conf
+ if grep -qs '^[\t ]*local[\t ]\+\w\+[\t
]\+peer[\t ]*' /etc/postgresql/pg_hba.conf
then
:
else
diff -u postgresql-7.2.1/debian/postgresql-startup.in
postgresql-7.2.1/debian/postgresql-startup.in
--- postgresql-7.2.1/debian/postgresql-startup.in
+++ postgresql-7.2.1/debian/postgresql-startup.in
@@ -102,13 +102,6 @@
fi
fi
-if grep -qs '^local.*[ ]*peer[ ]' /etc/postgresql/pg_hba.conf
-then
- echo "Invalid pg_hba.conf authentication spec. Change all occurrences
of
-peer authentication to ident in /etc/postgresql/pg_hba.conf."
- exit 1
-fi
-
# Make sure we have a database directory
if [ ! -d ${PGDATA} ]
then
--
Martin Pitt http://www.piware.de
Ubuntu Developer http://www.ubuntulinux.org
Debian GNU/Linux Developer http://www.debian.org
signature.asc
Description: Digital signature
