On Wed, 13 Dec 2006, Brian May wrote:
> I consider this cleaner then Peter's solution which always enables hprop on
> upgrades even if you don't want it.
It does not always enable hprop. It only enables it if was previously
enabled.
> It has always been my intention that hprop should be disabled by default.
And it is, with my patch:
[EMAIL PROTECTED]:/tmp/buildd# tail -n 2 /etc/inetd.conf
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
#krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
[EMAIL PROTECTED]:/tmp/buildd# dpkg -s heimdal-kdc | grep Version
Version: 0.7.2.dfsg.1-6
[EMAIL PROTECTED]:/tmp/buildd# dpkg -i
heimdal-kdc_0.7.2.dfsg.1-6+weasel_i386.deb
(Reading database ... 18095 files and directories currently installed.)
Preparing to replace heimdal-kdc 0.7.2.dfsg.1-6 (using
heimdal-kdc_0.7.2.dfsg.1-6+weasel_i386.deb) ...
Unpacking replacement heimdal-kdc ...
Setting up heimdal-kdc (0.7.2.dfsg.1-6+weasel) ...
[EMAIL PROTECTED]:/tmp/buildd# tail -n 2 /etc/inetd.conf
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
#krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
It also keeps the proper state when it is enabled:
[EMAIL PROTECTED]:/tmp/buildd# tail -n 2 /etc/inetd.conf
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
[EMAIL PROTECTED]:/tmp/buildd# dpkg -s heimdal-kdc | grep Version
Version: 0.7.2.dfsg.1-6
[EMAIL PROTECTED]:/tmp/buildd# dpkg -i
heimdal-kdc_0.7.2.dfsg.1-6+weasel_i386.deb
(Reading database ... 18095 files and directories currently installed.)
Preparing to replace heimdal-kdc 0.7.2.dfsg.1-6 (using
heimdal-kdc_0.7.2.dfsg.1-6+weasel_i386.deb) ...
Unpacking replacement heimdal-kdc ...
Setting up heimdal-kdc (0.7.2.dfsg.1-6+weasel) ...
[EMAIL PROTECTED]:/tmp/buildd# tail -n 2 /etc/inetd.conf
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
What happens is that --disable does not touch commented lines, as my
short changelog entry explained. So from
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
the prerm makes
#<off># kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
#<off># krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
and my postinst enables it back to
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
And from
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
#krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
we end up at
#<off># kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
#krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
and back at
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
#krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
after the postinst.
> Peter is mistaken, add_servers is only called if "$2" is empty - i.e. on an
> initial installation.
Am not:
[EMAIL PROTECTED]:~# tail -n 2 /etc/inetd.conf
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
[EMAIL PROTECTED]:~# dpkg -s heimdal-kdc | grep Version
Version: 0.7.2.dfsg.1-6
[EMAIL PROTECTED]:~# dpkg -i heimdal-kdc_0.7.2.dfsg.1-7_i386.deb #
with set -x in its postinst
(Reading database ... 18095 files and directories currently installed.)
Preparing to replace heimdal-kdc 0.7.2.dfsg.1-6 (using
heimdal-kdc_0.7.2.dfsg.1-7_i386.deb) ...
Unpacking replacement heimdal-kdc ...
Setting up heimdal-kdc (0.7.2.dfsg.1-7) ...
+ . /usr/share/debconf/confmodule
++ '[' '!' '' ']'
++ PERL_DL_NONLAZY=1
++ export PERL_DL_NONLAZY
++ '[' '' ']'
++ exec /usr/share/debconf/frontend
/var/lib/dpkg/info/heimdal-kdc.postinst configure 0.7.2.dfsg.1-6
+ . /usr/share/debconf/confmodule
++ '[' '!' 1 ']'
++ '[' -z '' ']'
++ exec
++ '[' '' ']'
++ exec
++ DEBCONF_REDIR=1
++ export DEBCONF_REDIR
+ '[' '!' -f /var/log/heimdal-kdc.log ']'
+ '[' '!' -f /etc/heimdal-kdc/.configured ']'
+ '[' '!' -f /etc/heimdal-kdc/.configured ']'
+ case "$1" in
+ '[' -n 0.7.2.dfsg.1-6 ']'
+ add_servers
+ kadmin_entry='kerberos-adm stream tcp nowait root
/usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind'
+ hprop_entry='#krb_prop stream tcp nowait root
/usr/sbin/tcpd /usr/sbin/hpropd'
+ update-inetd --group KRB5 --add 'kerberos-adm stream tcp nowait
root /usr/sbin/tcpd /usr/lib/heimdal-servers/kadmind'
+ update-inetd --group KRB5 --add '#krb_prop stream tcp nowait
root /usr/sbin/tcpd /usr/sbin/hpropd'
+ '[' -x /etc/init.d/heimdal-kdc ']'
+ update-rc.d heimdal-kdc defaults
++ which invoke-rc.d
+ '[' -x /usr/sbin/invoke-rc.d ']'
+ invoke-rc.d heimdal-kdc start
[EMAIL PROTECTED]:~# tail -n 2 /etc/inetd.conf
kerberos-adm stream tcp nowait root /usr/sbin/tcpd
/usr/lib/heimdal-servers/kadmind
krb_prop stream tcp nowait root /usr/sbin/tcpd
/usr/sbin/hpropd
The postinst script reads:
| if [ -n "$2" ]
| then
| add_servers
} -n STRING
} the length of STRING is nonzero
> The disadvantage is that if upgrading from an old version, the old version
> will still disable hprop.
It won't, your current version actually does not break anything. It
just is not entirely clear that this is intentionally, as it is the
add_servers that enables the services.
Peter
--
| .''`. ** Debian GNU/Linux **
Peter Palfrader | : :' : The universal
http://www.palfrader.org/ | `. `' Operating System
| `- http://www.debian.org/
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
