On Tue, May 02, 2023 at 02:09:32PM +0200, Helmut Grohne wrote: > This is problems we know about now, but it likely is not an exhaustive > list. This list was mostly guided by Guillem's intuition of what could > break at https://wiki.debian.org/Teams/Dpkg/MergedUsr and I have to say > that his intuition was quite precise thus far. Notably missing in the > investigation are statoverrides. However, we should also look for a more > generic approach that tries capturing unexpected breakage.
I mentioned statoverrides as missing. I think we can split statoverrides into the two classes "package changes" and "admin changes". Quite obviously, moving files, will break admin changes. I see little ways around this, we can partially mitigate this by detecting common statoverrides and migrating them automatically, but in the end, we'll probably have to explain issues with admin-initiated statoverrides in the release notes. For package changes, the good thing is that statoverrides usually change stats of files owned by the package initiating them. Thus a package moving files can also move statoverrides (though this again means that automatic moves e.g. by debhelper must be opt-in in order to avoid breaking stuff). For getting an idea of the scope, we can use https://binarycontrol.debian.net/?q=dpkg-statoverride.*+%2F%28bin%7Csbin%7Clib%7Clib32%7Clib64%7Clibo32%7Clibx32%29&path=%2Funstable%2F * fuse and fuse3 adapt to an admin initiated statoverride of /bin/fusermount. * nfs-common cleans an obsolete dpkg-statoverride of /sbin/mount.nfs * systemd-cron adds a statoverride for /lib/systemd-cron/crontab_setgid and needs to migrate it with its files. * yp-tools adds a statoverride for /sbin/unix_chkpwd and needs to migrate it with its files. I also tried installing all packages that contain dpkg-statoverride in any of their maintainer scripts and capturing the resulting statoverride file. That doesn't yield anything unexpected thus far, but it also hasn't completed yet. I'll reply to this message with findings if there are any beyond the ones above. So statoverides seem quite similar to the diversions induced by dash: Mostly harmless if handled correctly while moving the files, but we cannot just move the files in an opt-out fashion. Beyond that we need to augment release notes to ask admins to carefully update their local statoverrides (and local diversions). Helmut
