[pkg-fetchmail-maint] Bug#288063: Reopen? /etc/fetchmailrc contains passwords

Jeremy S Bygott jeremy at jsbygott.fsnet.co.uk
Wed Oct 5 15:15:27 UTC 2005


-- Start of PGP signed section.
> Hi,
> * Jeremy S Bygott <jeremy at jsbygott.fsnet.co.uk> [2005-10-05 14:29]:
> > Hi, I see that Nico agreed with the bug report and wrote
> > 
> > 	you are right, it should be deleted. it will be fixed with
> > 	the next upload.
> > 
> > But are we happy about this?  There is at least one reason why
> > fetchmail ( <= 6.2.5-12sarge1 ) does not purge this file. The message
> > in the postrm,
> > 
> >        "Not removing /etc/fetchmailrc ..."
> > 
> > is uninformative but does show that non-deletion was a deliberate
> > decision by the postrm's author.  And in the changelog.Debian.gz for
> > fetchmail (5.7.6-2) we read:
> > 
> >   * Remind user that /etc/fetchmailrc is not removed on package
> >     purge (we don't provide it, after all...)
> > 
> > That seems to be a good and decisive reason!
> 
> [...] 
> Ok, what about a message like:
> echo "In the next step /etc/fetchmailrc will be removed, if 
>       you have any important data in it, backup it and press 
>       [RETURN]"
> 
> After pressing return the file will be removed.
> Regards Nico

This seems like a good compromise.  [Small detail:  s/backup it/back it up/ ]

In general, we don't want too many questions on package install/purge
etc.  But here we want permission to delete a file which may be useless or
important and which doesn't exactly belong to us.  D'accord.

Are there any packaging/policy experts reading this who disagree?  It
would be nice to know what the author of version 5.7.6-2 thought.

You could also have a comment line in the postrm to help people
quickly understand what is going on, something like

# Ask for confirmation because fetchmail doesn't create this file (#288063)






More information about the pkg-fetchmail-maint mailing list