The document you linked to is the FAQ, which, while relevant, isn't necessarily regarded as authoritative (the distinctions are probably subtle though and any inconsistency is really a bug). The authoritative document is the Debian Policy Manual, which has a whole chapter dedicated to maintainer scripts. Because that's not all that easy to read, there are helpful diagrams on the wiki which explain the relationships between the maintainer scripts.
Basically, the only script which needs to stop services in the matching package is prerm
; as you point out this script is called when removing the package as well as when upgrading it. An important point in some cases is that it's the prerm
script of the installed package which is used by default; if it fails before an upgrade though, the packaging system will try the upgraded prerm
script too.
preinst
always comes after prerm
during an upgrade, and by the time it's run the services are supposed to be stopped. Some packages' preinst
scripts do try to stop the services again, just to be sure; examples of this include mysql-server-5.6
and timidity
, but there aren't many.
So in summary, you must stop your services in prerm
, and you may do so in preinst
too (although there's no need effectively); you mustn't prefer preinst
over prerm
for this, and you don't need both. I'd just use prerm
.
(Strictly speaking, I should clarify that the Policy Manual is descriptive rather than prescriptive, in that it documents current practice rather than defining it — so it's not as authoritative as you might expect, and practices do evolve before they're documented there. But in this particular case Policy is accurate. While I'm at it, since prerm
knows whether it's being called for an upgrade, it may be tempting to try clever tricks and leave services running until some later script can restart them, in order to reduce service downtime; but that's just asking for trouble.)
"Deleted" is also a valid state for a configuration file that is kept across upgrades, as long as the package is in a state where conffiles remain, such as when the package is removed without purging configuration files.
If the conffile is installed when you install with either --force-confnew
or --force-confmiss
, that is an indication that the conffile was previously registered with dpkg, and is known to be deleted.
Best Answer
This is explained in the “details” section:
preinst
is called withupgrade
and the old and new versions;rc
indpkg -l
’s output),preinst
is called withinstall
and the old and new versions;preinst
is called withinstall
and no version information.Since
preinst
runs before the unpack phase,upgrade
indicates that a previous version of the package’s contents is available, whereasinstall
indicates that no version of the package’s contents is present (other than configuration files). Separately, if version information is provided, that indicates that there might be configuration files needing to be handled.There aren’t many scenarios where the difference between
upgrade
andinstall
is significant, but one that does spring to mind is upgrades that involve exporting data. For example, inupgrade
mode,slapd
’spreinst
exports its databases; it can’t do that ininstall
mode because the appropriate tools aren’t present.