On Wed, May 23, 2007 at 11:49:43PM +0100, Steve Kemp wrote: Hello, > For example running the following: > > echo "#!/bin/sh" > /usr/sbin/policy-rc.d > echo "exit 101" >> /usr/sbin/policy-rc.d > chmod 755 /usr/sbin/policy-rc.d > > This *should* mean that local init scripts won't work. > > This means you'd expect running: > > /etc/init.d/ssh stop > /etc/init.d/ssh start
You make small mistake. policy-rc.d don't work if you call init scripts directly. All dpkg pre- and post- install scripts should use /usr/sbin/invoke-rc.d. Excerpt from invoke-rc.d(8) man page: invoke-rc.d is a generic interface to execute System V style init script /etc/init.d/name actions, obeying runlevel constraints as well as any local policies set by the system administrator. All access to the init scripts by Debian packages’ maintainer scripts should be done through invoke-rc.d. ... > Should result in having no sshd process running - the stop should stop > the running daemon. Then the startup should be prohibited by our > policy-rc.d file - however it still starts. It wont start if you use invoke-rc.d, as package post-install script should use. Kupson
