[snip] > > It should be sufficient to do > > update-rc.d -f portmap remove > > update-rc.d -f lpd remove > > update-rc.d -f bind remove > > As an aside, I did this with proftpd, but when I upgrade the install > scripts restart it. Is there a proper way way to deal with this? Is > there some debian policy relating to it?
I usually divert the package's binary to something else. That way the init script sees that the executable does not exist and therefore doesn't start it. For portmap use something like: dpkg-divert --rename --divert /sbin/portmap.diverted /sbin/portmap Even if the init scripts get put back in place by un upgrade, they are looking for /sbin/portmap and not /sbin/portmap.diverted. :-) Man dpkg-divert for more info. There are several variations one could use on this theme. For an extreme example, you could create an encrypted filesystem (using the Internation Kernel Patch) at, say, /var/lib/local-diversions. The fs would not be mounted under normal circumstances. You would divert files onto that filesystem (make sure it is mounted at the time of diversion and upgrades, though). That way the binaries are only available when needed by an admin. Symlinks could be created for the original names so that init scripts would only work when the encrypted fs is mounted. Now only if there was as nifty a debian tool to make the package system think that a particular package was installed, without actually having it installed. -Garrick James
