Your message dated Sat, 27 Sep 2014 09:11:53 +0200
with message-id
<f16074c648595e9c21274693c439382c.squir...@aphrodite.kinkhorst.nl>
and subject line Re: Bug#763012: bash: 'dpkg --purge bash' should work, rather
than give this:
has caused the Debian Bug report #763012,
regarding bash: 'dpkg --purge bash' should work, rather than give this:
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
763012: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=763012
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: bash
Version: 4.2+dfsg-0.1+deb7u3
Severity: critical
Tags: security
Justification: breaks the whole system
Dear Maintainer,
Please consider allowing the following to work in (some) situations:
# dpkg --purge bash
dpkg: error processing bash (--purge):
This is an essential package - it should not be removed.
Errors were encountered while processing:
bash
-- System Information:
Debian Release: 7.6
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.17.0-rc1+ (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages bash depends on:
ii base-files 7.1wheezy6
ii dash 0.5.7-3
ii debianutils 4.3.2
ii libc6 2.13-38+deb7u4
ii libtinfo5 5.9-10
Versions of packages bash recommends:
ii bash-completion 1:2.0-1
Versions of packages bash suggests:
pn bash-doc <none>
-- no debconf information
--- End Message ---
--- Begin Message ---
Hi Troy,
On Sat, September 27, 2014 06:56, Troy Benjegerdes wrote:
> Package: bash
> Version: 4.2+dfsg-0.1+deb7u3
> Severity: critical
> Tags: security
> Justification: breaks the whole system
>
> Dear Maintainer,
> Please consider allowing the following to work in (some) situations:
> # dpkg --purge bash
> dpkg: error processing bash (--purge):
> This is an essential package - it should not be removed.
> Errors were encountered while processing:
> bash
> So what, besides the fact it's never really been tested until I just did
> it,is the problem with running an unbashed debian system?
This is expected behaviour because bash is part of the essential set. You
may read more about the essential set in Debian Policy, but in short these
are packages that are ensured to be present on any Debian system.
Although the recent advent of new shells has changed this a bit, this was
surely an obviously correct thing to do in the early days.
One consequence of that is that packages making use of bash do not declare
an explicit dependency on it. This means that you can indeed uninstall it
and no packages will need to be removed. However, of the 10.000's packages
in Debian there are probably thousands that use a !/bin/bash script
somewhere which will then immediately break.
Essential or not, there will always be large numbers of Debian systems
that are going to require bash, so it will always be a top priority of
Debian to address any security issues in it immediately.
Removing bash from the essential set is a herculean task, not impossible,
but definitely not something that needs to be tracked in an RC bug. If you
want to take on that work, you'd probably better start a discussion on
debian-devel.
Cheers,
Thijs
--- End Message ---
