Your message dated Sun, 24 Dec 2023 00:21:04 +0000
with message-id <e1rhceq-005lfq...@fasolo.debian.org>
and subject line Bug#1057220: fixed in systemd 255.1-2
has caused the Debian Bug report #1057220,
regarding systemd-sysv: may loose files in upgrade from bookworm
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)
--
1057220: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1057220
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: systemd-sysv
Version: 255~rc1-4
Severity: serious
Justification: silent file loss in upgrade
User: helm...@debian.org
Usertags: dep17p7
Hi Luca and Michael et al,
while preparing patches for molly-guard, I figured an upgrade file loss
scenario for systemd-sysv. This is unfortunate on multiple accounts and
I cannot offer a solution at this time.
Let me start with a reproducer and move on to an explanation.
mmdebstrap \
bookworm \
/dev/null \
http://deb.debian.org/debian \
--variant=apt \
--include=molly-guard,systemd-sysv \
--customize-hook='sed -i -e s/bookworm/sid/ "$1/etc/apt/sources.list"' \
--chrooted-customize-hook="apt update" \
--chrooted-customize-hook='apt-get -y upgrade --with-new-pkgs' \
--chrooted-customize-hook='apt-get download libsystemd-shared
libsystemd0 libudev1 systemd systemd-sysv' \
--chrooted-customize-hook='echo "molly-guard:all deinstall" | dpkg
--set-selections' \
--chrooted-customize-hook='dpkg --auto-deconfigure --unpack *.deb' \
--chrooted-customize-hook="dpkg --configure -a" \
--customize-hook='ls -la "$1/usr/sbin/halt"'
In testing the molly-guard patches I noticed an odd behaviour.
Occasionally, dpkg would unpack sid's systemd-sysv before removing or
upgrading bookworm's molly-guard. This is surprising given that
systemd-sysv declares versioned Conflicts for molly-guard. I reduced
this into a minimal test case and discussed it with Guillem Jover. He
suggested that this behaviour is covered by debian policy section §6.6
and after reading it over and over, I agree. I now consider the
explanation of Conflicts in §7.4 misleading. Since apt developers were
also surprised, I filed #1057199 against debian-policy to ask for
clarification. That said, we won't be changing how dpkg works in
bookworm and hence have to find a solution that works with the current
implementation. Fundamentally, we allow unpacking a package (e.g.
systemd-sysv) while conflicting packages are still installed as long as
those conflicting packages are scheduled for (temporary or permanent)
removal.
Hence the test case above crafts a bookworm installation containing both
systemd-sysv and molly-guard. It then proceeds to upgrading systemd-sysv
and removing molly-guard. While this is a bit of an artificial
reproducer bypassing apt, I managed to reproduce this with apt in more
complex upgrades. While the moratorium is formally lifted, the release
team still classifies file loss due to /usr-merge as RC bugs.
Let me stress that this scenario does not involve a molly-guard from
trixie or sid. It relies purely on the molly-guard released with
bookworm. So there is nothing that molly-guard can do to assist here. A
similar situation happens when upgrading molly-guard rather than
removing it. The updated molly-guard.preinst is only run after
systemd-sysv has been unpacked and files have been lost.
I appreciate ideas, proof of concepts and other forms of help. I do
request patience with uploading a fix though. I've got the molly-guard
patch wrong about four times already. Please let us pass a solution
through review and extensive testing before uploading.
Helmut
--- End Message ---
--- Begin Message ---
Source: systemd
Source-Version: 255.1-2
Done: Michael Biebl <bi...@debian.org>
We believe that the bug you reported is fixed in the latest version of
systemd, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 1057...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Michael Biebl <bi...@debian.org> (supplier of updated systemd package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 24 Dec 2023 00:52:15 +0100
Source: systemd
Architecture: source
Version: 255.1-2
Distribution: experimental
Urgency: medium
Maintainer: Debian systemd Maintainers
<pkg-systemd-maintain...@lists.alioth.debian.org>
Changed-By: Michael Biebl <bi...@debian.org>
Closes: 1057220 1057953 1059278
Changes:
systemd (255.1-2) experimental; urgency=medium
.
[ Michael Biebl ]
* Upgrade the Breaks to Conflicts for the systemd-ukify package split.
This avoids potential loss of the /usr/lib/systemd/ukify compat symlink
for upgrades from bookworm-backports.
* Update package description of libnss-myhostname to use the correct IPv4
address (Closes: #1057953)
* resolved: actually check authenticated flag of SOA transaction.
Patch cherry-picked from upstream Git.
CVE-2023-7008 (Closes: #1059278)
* Explicitly disable ukify for stage1 builds
* Enable dh-exec for systemd.manpages and udev.install.
This enables files to be installed specific to certain architectures or
build profiles. Unfortunately for systemd.manpages this requires to add a
debian/tmp/ prefix to all files.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1053834#46
* Restrict pcr/tpm2 related files to UEFI architectures.
Mirrors the python3-pyelftools [amd64 i386 arm64 armhf riscv64]
Build-Depends.
* Install dmi_memory_id and its udev rules file only on dmi architectures.
* Fix stage1 profile build
.
[ Helmut Grohne ]
* Restore diverted symlinks in systemd-sysv.postinst that may have been lost
due to /usr-merge (Closes: #1057220)
Checksums-Sha1:
6c001336a543b351314f71953b8e829ca7ce0544 6958 systemd_255.1-2.dsc
62411f6e1bba32ae12e3ad53bbf7a09e911fc565 169788 systemd_255.1-2.debian.tar.xz
922c3d05489c25289b89068f90c5b015feb81333 11546 systemd_255.1-2_source.buildinfo
Checksums-Sha256:
e8e7323c18f95e752adf56c6cf0d1a3dd10cd2de5fcef325aabb09485595e0d8 6958
systemd_255.1-2.dsc
f5dd2274d9d1aeff0f7338c18d07affaef4f58c6a769e5ab2d260afb0212f154 169788
systemd_255.1-2.debian.tar.xz
6b23525d951184314c387b2866df2fd7a7df766469c94f9f45180d0f29db9be1 11546
systemd_255.1-2_source.buildinfo
Files:
77552ecf7cd0fe9926c77bdd77f21eee 6958 admin optional systemd_255.1-2.dsc
2988d076267bcada1afbbfc74efd46df 169788 admin optional
systemd_255.1-2.debian.tar.xz
ccc4e33955e4b7f3b91d01bae2a75b31 11546 admin optional
systemd_255.1-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEECbOsLssWnJBDRcxUauHfDWCPItwFAmWHdnMACgkQauHfDWCP
ItzWhQ/9E104fkjOXFE9YOmg+wqYDK9KKw49ZHoady4Oj9iHv1QPH7Yc+plEhmae
Ee06DO64oUmUQy89aN5asxN9dhqhgQzkNvSW9hBGJYzWJU8mzBHapudc73IH79ph
SLaDA/NJTpxG3B7Bxuk02VzuxpZSSGtTTdzMGF5mDTL5iY40Whnd86Tqfxv+HxT0
5uMRyJgKOwpFuFqePfrtyjCqDCISiCHzzeyB0xy3ttl8W02LTkQqM/YSPV1THtWg
m5QzjiLE1WsPUJULtEpvKVkN5ioyjF6pN+PLsUZu9M8mrHzs8mHAbgIufsJsRtUF
pjW+0WVruII+IWbG1uNh1jSlPriq5dyMSK2WVNKdzBPcBN4Zif0GhlS8wPSaLHNl
w0M/cKm/OPlmTuOIKr19kFM9OfjfvKqlbBrrJQBxutfLBfwYUqJu36rlUZ/wbpB7
n5aa7YkKHT/JgxXw+MGCpjYJmaI4c5k6iaAPhpwTJ5nGWNTgZzziPF6D53O3DgA5
2g/MvEU3psUfxBgdcg5cO453S+0JKsV3ruGwVaJYWbeBeKINtocigN+AkHAzPD+O
JpbFjQdjaCSzilS0hSNYNqGnCy5xFM6Mc/tjIE/LZ3lLCO++2Bc9t+L3868GnKIm
FiEHwyqNYP50GXkIwd/de00HJlFplnWVB6F6rjBVWz4GaVl0TjQ=
=6vPL
-----END PGP SIGNATURE-----
--- End Message ---
