[Pkg-dns-devel] Bug#816425: unbound: re-enables upstream forwarding
Jakub Wilk
jwilk at debian.org
Tue Mar 1 21:26:54 UTC 2016
Hi Robert!
* Robert Edmonds <edmonds at debian.org>, 2016-03-01, 14:58:
>I just tested an upgrade from 1.5.7-1 to 1.5.7-2. dpkg says:
>
> Installing new version of config file /etc/resolvconf/update.d/unbound ...
>
>But it keeps the permission bits of the old version of the conffile
>(even though I didn't touch them), which is surprising.
Sounds like #192981.
>I'm not entirely sure what the correct way is to migrate the
>permissions on a conffile on an upgrade. Do we maybe need something
>like this in the preinst?
>
> # XXX: Check if upgrading from a version less than 1.5.7-2~, then do:
> if [ -f /etc/default/unbound ]; then
> . /etc/default/unbound
> case "x$RESOLVCONF" in xfalse|x0|xno)
> RESOLVCONF="false"
> *)
> RESOLVCONF="true"
> esac
>
> if ! $RESOLVCONF; then
> if [ -f /etc/resolvconf/update.d/unbound ]; then
> chmod -x /etc/resolvconf/update.d/unbound || true
> fi
> fi
> fi
s/RESOLVCONF/RESOLVCONF_FORWARDERS/g
My slight worry is that people who never edited /etc/default/unbound
would retain forwarding enabled on upgrade, unlike people who installed
the new version afresh. Is that intentional?
I'd rather let the maintainer script abort if chmod fails than to ignore
the error.
>That doesn't help for upgrades from 1.5.7-2, since /etc/default/unbound
>will no longer exist. (Maybe we could specially check
>/etc/default/unbound.dpkg-bak for upgrades from 1.5.7-2? Ugh.)
Yeah, ugh. I don't think there's any pretty solution to this...
--
Jakub Wilk
More information about the pkg-dns-devel
mailing list