Package: safe-rm
Version: 0.2-3
Severity: critical

Your usage of dpkg-divert in the maintainer scripts is very dangerous,
because there are several situations where the system may be left without a
functional /bin/rm:

,----[ safe-rm.preinst ]
| if [ install = "$1"  ]; then
|     dpkg-divert --package safe-rm --add --rename --divert /bin/rm.real /bin/rm
|     ln -s /bin/rm.real /usr/bin/rm
| fi
`----

Using dpkg-divert --rename on a file that is crucial for the system is
fundamentally wrong.  If the system crashes between the two commands, it
will likely become unbootable.  And if unpacking safe-rm fails (think of
a full root filesystem), the situation is not much better if /usr is on
a separate filesystem.  Moreover, the script is not idempotent -- if
/usr/bin/rm already exists, the ln command and thus the script will
fail.

,----[ safe-rm.postrm ]
| if [ remove = "$1" ]; then
|     dpkg-divert --package safe-rm --remove --rename --divert /bin/rm.real /bin/rm
| fi
`----

Here the situation is even more critical, because there is no functional
rm command at all at the time between removing safe-rm's files and the
postrm invocation.  If the system crashes or the user interrupts dpkg
in between, the system is hosed.

Playing such games is not the way to go.  Please have a look at the dash
and insserv packages for how to safely divert an essential file.


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.25.10
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
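
Added example (not part of the original report, and not the dash or insserv maintainer scripts): a sandboxed demonstration of a copy-then-rename ordering under which the diverted path resolves to a working command after every step and the sequence can be re-run. The function names and sandbox files are hypothetical, and dpkg's diversion database is not involved.

```shell
#!/bin/sh
# Added example: all paths are constructed; nothing here calls dpkg-divert
# or touches the real /bin/rm.

# Step 1: keep a copy of the original at FILE.real. FILE itself is not moved,
# so an interruption after this step leaves the original command in place.
preserve_original() {
    file=$1
    [ -e "$file.real" ] && return 0     # already done: safe to re-run
    [ -L "$file" ] && return 1          # refuse to copy our own symlink
    cp -p "$file" "$file.real.tmp" && mv -f "$file.real.tmp" "$file.real"
}

# Step 2: build the replacement under a temporary name, then rename it over
# FILE. rename(2) is atomic, so FILE is always the old or the new command.
swap_in() {
    file=$1 target=$2
    ln -sf "$target" "$file.tmp" && mv -f "$file.tmp" "$file"
}

safe_divert() {
    preserve_original "$1" && swap_in "$1" "$2"
}

# Undo with a single rename, run while the replacement is still installed,
# so there is no moment at which FILE points at a missing target.
safe_undivert() {
    [ -e "$1.real" ] || return 0        # nothing to undo: safe to re-run
    mv -f "$1.real" "$1"
}

# Constructed sandbox: "rm" stands in for /bin/rm, "wrapper" for the new rm.
make_sandbox() {
    box=$(mktemp -d) || return 1
    printf '#!/bin/sh\necho original\n' > "$box/rm"
    printf '#!/bin/sh\necho wrapper\n'  > "$box/wrapper"
    chmod +x "$box/rm" "$box/wrapper"
    echo "$box"
}
```

Stopping after preserve_original models an interruption between the two steps: the sandboxed rm is still the original file at that point.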


