Hello Laurant, Hello Andreas, On Wed, 2023-04-12 at 13:43 +0200, Andreas Henriksson wrote: > On Tue, Apr 11, 2023 at 09:37:27AM +0200, bi...@debian.org wrote: > > Package: arno-iptables-firewall > > Version: 2.1.1-7 > > Severity: serious > > Tags: sid bookworm > > User: debhel...@packages.debian.org > > Usertags: systemd-files-in-usr-bookworm > > > > Dear Maintainer, > > > > It seems that your package arno-iptables-firewall is shipping files > > (.service, .socket or > > .timer) in /usr/lib/systemd/system. > [...] > > It seems the package has manually written maintainer scripts (instead > of > letting debhelper generating the proper code): > > ``` > arno-iptables-firewall-2.1.1> grep -R deb-systemd-helper debian/ > debian/postrm: # Remove deb-systemd-helper's state file > debian/postrm: deb-systemd-helper purge > arno-iptables-firewall.service > debian/postinst: deb-systemd-helper enable > arno-iptables-firewall.service > ``` > > So while I think manually written maintscript code should be frowned > upon (since it's a very common source of bugs), I guess this means > this bug is not RC severity?! >
Laurent, as Andreas already pointed out arno-iptables-firewall (AIF) does not make use of dh_installsystemd but instead uses deb-systemd- helper with its maintainer scripts. A quick look into the source code of deb-systemd-helper [1] showed that this tools can deal with a service file stored in /usr/lib/systemd/system. This matches my observation that since arno-iptables-firewall 2.1.1-5 local debci runs using qemu as well as those at the Ubuntu site [2] were processed successfully. Debian's CI [3] unfortunately does not support the isolation-machine restriction, so there are no successful tests logged there. Therefore this bug against arno-iptables-firewall seems like a false negative to me, and I would like to ask you to check my arguments and close the bug eventually. Let me know if you still believe the service file should be moved back to /lib from /usr/lib. Andreas, I am not sure how it might be possible to have everything created automatically by debhelper, especially the part creating an initial configuration from user input might prevent this. If you have any suggestions how to simplify the maintainer scripts I am happy to adopt these. Best, Sven [1] https://sources.debian.org/src/init-system-helpers/1.65.2/script/deb-systemd-helper/#L153 [2] https://autopkgtest.ubuntu.com/packages/arno-iptables-firewall/jammy/amd64 [3] https://ci.debian.net/packages/a/arno-iptables-firewall/ -- GPG Fingerprint 3DF5 E8AA 43FC 9FDF D086 F195 ADF5 0EDA F8AD D585
signature.asc
Description: This is a digitally signed message part
