[Logcheck-commits] Frédéric Brière : Support removing even older conffiles in logcheck-database's preinst

Frédéric Brière fbriere-guest at alioth.debian.org
Mon Aug 24 00:28:41 UTC 2009 

Module: logcheck
Branch: master
Commit: 7c0a9db4606434b8366b64f82b31f428228a9237
URL:    http://git.debian.org/?p=logcheck/logcheck.git;a=commit;h=7c0a9db4606434b8366b64f82b31f428228a9237

Author: Frédéric Brière <fbriere at fbriere.net>
Date:   Sun Aug 23 16:24:37 2009 -0400

Support removing even older conffiles in logcheck-database's preinst

Many conffiles have come and gone throughout logcheck's history, and due
to the fact that dpkg did not remove them, these obsolete files are
still left rotting on many installations.  (See bug #453519 for an
example.)

This attempts to delete those files on install/upgrade, after making
sure they have not been "adopted" by another package in the meantime.
If a file is deemed to have been modified, it will be backed up and
subsequently ignored by logcheck.

Since there may no longer be any record of that conffile[*], a list of
past MD5 checksums must be provided in $OLD_CONFFILES.  More than one
checksum is allowed per conffile, as the package may have been upgraded
past the last modification, leaving the conffile in an older state.

Unlike with rm_conffile(), we do bother comparing package versions here,
as the call to dpkg-query --search can be costly.  One single version
check should be enough, as we don't plan (with any luck) to add any
files to that list.

[*] Actually, dpkg will keep a record of that conffile up until the
package is purged, or another package adopts it.

---

 debian/logcheck-database.preinst |   56 +++++++++++++++++++++++++++++++++++++-
 1 files changed, 55 insertions(+), 1 deletions(-)

diff --git a/debian/logcheck-database.preinst b/debian/logcheck-database.preinst
index c2d6589..a7e3eca 100644
--- a/debian/logcheck-database.preinst
+++ b/debian/logcheck-database.preinst
@@ -18,10 +18,22 @@ set -e
 # deleted (or backed away) at the next upgrade.
 #
 # Conffiles must be listed here from the very moment of their removal; adding
-# them later on will not work correctly.
+# them later on will not work correctly.  If you ever forget, you'll need to
+# add them to OLD_CONFFILES below, instead.
 
 REMOVED_CONFFILES=""
 
+# List of conffiles which were once part of this package a long time ago, and
+# have never been cleaned up properly.  They will be removed if they are still
+# around, unclaimed, and match any specified MD5 checksum.
+#
+# Each line contains one filename, followed by one or many MD5 checksums, all
+# separated by whitespace.  When adding files to this list,
+# OLD_CONFFILES_VERSION needs to be bumped up to the current version.
+
+OLD_CONFFILES_VERSION="1.3.4"
+OLD_CONFFILES=""
+
 
 # Copied from <http://wiki.debian.org/DpkgConffileHandling>
 rm_conffile() {
@@ -46,6 +58,33 @@ rm_conffile() {
     fi
 }
 
+# Delete an old forgotten conffile if it's still around and unclaimed, and
+# matches one of any MD5 checksums.  If no checksum matches, it will be
+# backed up and move aside.
+rm_old_conffile() {
+    local PKGNAME="$1"
+    local CONFFILE="$2"
+    shift 2
+
+    [ -e "$CONFFILE" ] || return 0
+
+    # Leave that file alone if it now belongs to another package
+    dpkg-query --search "$CONFFILE" >/dev/null 2>&1 && return 0
+
+    local md5sum="$(md5sum $CONFFILE | sed -e 's/ .*//')"
+    for OLD_MD5SUM in "$@"; do
+        if [ "$md5sum" = "$OLD_MD5SUM" ]; then
+            echo "Removing obsolete conffile $CONFFILE ..."
+            rm -f "$CONFFILE"
+            return
+        fi
+    done
+
+    echo "Obsolete conffile $CONFFILE has been modified by you."
+    echo "Saving as $CONFFILE.dpkg-bak ..."
+    mv -f "$CONFFILE" "$CONFFILE".dpkg-bak
+}
+
 
 case "$1" in
     install|upgrade)
@@ -56,6 +95,21 @@ case "$1" in
                 rm_conffile logcheck-database "$CONFFILE"
             done
         fi
+
+        # Remove $OLD_CONFFILES on a new install, or when upgrading
+        # from an old version.
+        if dpkg --compare-versions "$2" lt "$OLD_CONFFILES_VERSION"; then
+            echo "$OLD_CONFFILES" | while read CONFFILE MD5SUMS; do
+                if [ "$2" ]; then
+		    # It's actually quite possible that the file still
+		    # "belongs" to us, and that we can avoid a costly call to
+		    # dpkg-query --search.
+                    rm_conffile logcheck-database "$CONFFILE"
+                fi
+
+                rm_old_conffile logcheck-database "$CONFFILE" $MD5SUMS
+            done
+        fi
     ;;
 
     abort-upgrade)

More information about the Logcheck-commits mailing list