Package: dh-nss
Version: 1.7
Severity: normal
X-Debbugs-Cc: [email protected]

Dear Maintainer,

If a module is added to a new database, dh-nss generates a script that
does not check for the presence in all the listed databases and may just
accept if a service is in at least one database.

This is because the generated post-install script uses chained grep
patterns, and grep -e <pattern1> -e <pattern2> ... -e <patternN> will
make grep exit without an error if at least one matches.

This implies that if a service file is:

  passwd: files systemd sss
  group: files systemd sss
  shadow: files sss

systemd won't ever be added to the shadow db.

Also, if the packager decides to move the position of the service, the
order won't be adapted.

Ideally dh-nss should always:
 - Check the presence (and the right order) of the service for each database
   + If the service file is not defined for each database
    - Add the service in the right position in all the services
   + If the order does not match:
    - Remove the service
    - Add the service again in the right position

See also: https://bugs.launchpad.net/ubuntu/+source/dh-nss/+bug/2121017
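
The OR semantics of chained `grep -e` described in the report, next to a per-database check, as an added example (not the script dh-nss generates and not part of the original report). The function names and regular expressions are assumptions made for illustration; the sample file is the one quoted in the report.

```shell
#!/bin/sh
# Constructed sample: same content as the file quoted in the report.
sample_conf() {
    printf '%s\n' \
        'passwd: files systemd sss' \
        'group: files systemd sss' \
        'shadow: files sss'
}

# Chained form: a single grep with one -e per database.
# grep exits 0 as soon as ANY pattern matches, so a database that
# lacks the service goes unnoticed. Usage: chained_check CONF SVC DB...
chained_check() {
    conf=$1 svc=$2; shift 2
    n=$#
    # Rotate the database names out and append "-e <pattern>" for each.
    while [ "$n" -gt 0 ]; do
        db=$1; shift
        set -- "$@" -e "^${db}:.*[[:space:]]${svc}([[:space:]]|\$)"
        n=$((n - 1))
    done
    printf '%s\n' "$conf" | grep -Eq "$@"
}

# Per-database form: one grep per database, printing every database
# where the service is absent. Usage: missing_dbs CONF SVC DB...
missing_dbs() {
    conf=$1 svc=$2; shift 2
    for db in "$@"; do
        printf '%s\n' "$conf" |
            grep -Eq "^${db}:.*[[:space:]]${svc}([[:space:]]|\$)" ||
            printf '%s\n' "$db"
    done
}

demo_conf=$(sample_conf)
if chained_check "$demo_conf" systemd passwd group shadow; then
    echo "chained grep: systemd reported as present"
fi
echo "per-database check: systemd missing in:" \
    "$(missing_dbs "$demo_conf" systemd passwd group shadow)"
```

The per-database form only detects absence; checking the position of the service within each line would need a further comparison.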
