On Fri, 21 Jun 2024 20:27:56 +0200 Helmut Grohne <hel...@subdivi.de>
wrote:
> Package: debian-policy
> Version: 4.7.0.0
> X-Debbugs-Cc:
bl...@debian.org,m...@debian.org,mbi...@debian.org,z...@debian.org
> 
> Hi,
> 
> given the progress we have made with /usr-move and DEP17, I think it
is
> time to consider encoding the changes into policy. As of this
writing,
> there are 216 source packages in unstable that still install into
> aliased locations and their number has been dropping since a while.
All
> but very few packages have bug reports of important severity and will
> have their severity upgraded to serious on August 6th.
> 
> Generally speaking DEP17 says that no package should install any
files
> below /bin/, /lib*/ and /sbin/. Doing so would amount to a symlink vs
> directory conflict between base-files which now installs symlinks at
the
> relevant locations. What happens with these locations depends on the
> order of unpacks. In many cases, this is not a problem, because
> base-files is essential and thus unpacked early. Other than that,
> running dpkg-deb -x foo.deb / causes these symlinks to be overwritten
> with actual directories possibly breaking the installation. We
currently
> have mitigations for these problems in place and plan to drop them
after
> trixie.
> 
> For these reasons, I propose changing section 10.1 and encoding the
> avoidance of symlink vs directory conflicts into policy. To get a
> discussion going, I suggest the following update.
> 
> - To support merged-/usr systems, packages must not install files in
both
> - /path and /usr/path. For example, a package must not install both
> - /bin/example and /usr/bin/example.
> + Since base-files implements mandatory merged-/usr by installing the
> + aliasing symbolic links, other packages must not install files into
> + aliased paths such as /bin, /lib, /lib* or /sbin. The package
manager is
> + not prepared to deal with such aliasing and in prohibiting the
> + installation into aliased locations, we avoid triggering undefined
> + behaviour. Conversely, packages may assume that /bin, /lib and
/sbin are
> + symlinks at all times and that their files below /usr/bin, /usr/lib
and
> + /usr/sbin are also accessible via their aliased locations.

Seconded

-- 
Kind regards,
Luca Boccassi

Attachment: signature.asc
Description: This is a digitally signed message part

Reply via email to