Source: backuppc Version: 4.4.0-4 Severity: important Tags: patch bookworm sid User: reproducible-bui...@lists.alioth.debian.org Usertags: usrmerge X-Debbugs-Cc: reproducible-b...@lists.alioth.debian.org
If backuppc is built on a merged-/usr system (as created by new installations of Debian >= 10, debootstrap --merged-usr, or installing the usrmerge package into an existing installation), the path to ping6 is recorded in the binary as /usr/bin/ping6. This can be seen on the reproducible-builds.org infra: https://tests.reproducible-builds.org/debian/rb-pkg/unstable/amd64/diffoscope-results/backuppc.html (search for "ping6" to see the difference I'm concerned about). If you have sbuild available, an easy way to reproduce this is to build twice, once with --add-depends-arch=usrmerge and once without. The problematic situation is if the package is *built* on a merged-/usr system, but *used* on a non-merged-/usr system. In this situation, /usr/bin/ping6 exists on the build system but not on the system where backuppc will be used, resulting in the feature that uses ping6 not being available. Technical Committee resolution #978636 mandates heading towards a transition to merged-/usr, and this will become a non-issue at the end of that transition; but variation between merged-/usr and non-merged-/usr builds is a problem while that transition is taking place, because it can lead to partial upgrades behaving incorrectly. It is likely that this class of bugs will become release-critical later in the bookworm development cycle. Some Debian developers advocate that instead of merged-/usr, we should use a different strategy where /bin becomes a "symlink farm" with individual symlinks such as /bin/ping6 -> /usr/bin/ping6. If that route is taken instead of merged-/usr, then resolving bugs like this one will be equally important as part of that transition, because it shares the property that both /bin/ping6 and /usr/bin/ping6 exist after the transition, but only /bin/ping6 exists on untransitioned systems. The attached patch resolves this: with it applied, the package builds identically with and without --add-depends-arch=usrmerge. A side benefit of fixing this is that this change seems to be sufficient to make the package reproducible (as recommended by Policy ยง4.15). smcv
>From 7a89355ff53e827de8f3a5b91f7ebb79d47ad1c6 Mon Sep 17 00:00:00 2001 From: Simon McVittie <s...@debian.org> Date: Sat, 21 Aug 2021 18:26:59 +0100 Subject: [PATCH] d/rules: Specify canonical path to ping6 If backuppc is built on a merged-/usr system where both /usr/bin/ping6 and /bin/ping6 exist, it will hard-code the former into configuration, resulting in configuration that will not work correctly when used on non-merged-/usr systems. Forcing the canonical path will make it work on any combination of merged-/usr and non-merged-/usr build and runtime systems. Signed-off-by: Simon McVittie <s...@debian.org> --- debian/rules | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/debian/rules b/debian/rules index eabbf04..8b66440 100755 --- a/debian/rules +++ b/debian/rules @@ -34,7 +34,8 @@ override_dh_install: --bin-path sendmail=/usr/sbin/sendmail \ --bin-path hostname=/bin/hostname --bin-path split=/usr/bin/split \ --bin-path par2=/usr/bin/par2 --bin-path cat=/bin/cat \ - --bin-path gzip=/bin/gzip --bin-path bzip2=/bin/bzip2 + --bin-path gzip=/bin/gzip --bin-path bzip2=/bin/bzip2 \ + --bin-path ping6=/bin/ping6 mv -f debian/backuppc/usr/share/backuppc/cgi-bin/* debian/backuppc/usr/share/backuppc/lib/realindex.cgi install --mode=755 index.cgi debian/backuppc/usr/lib/backuppc/cgi-bin install --mode=755 debian/BackupPC_deleteFile debian/backuppc/usr/share/backuppc/bin -- 2.33.0
