On Wed, 2022-09-28 at 16:40 -0400, Zack Weinberg wrote: > On 2022-09-28 3:45 PM, Ansgar wrote: > > On Wed, 2022-09-28 at 15:39 -0400, Zack Weinberg wrote: > > > On 2022-09-28 3:29 PM, Ansgar wrote: > > > > On Wed, 2022-09-28 at 15:22 -0400, Zack Weinberg wrote: > > > > > On 2022-09-28 3:06 PM, Ansgar wrote: > > > > > > Your requirement is that a system must *never* become > > > > > > unbootable in > > > > > > *all* of these states. > > > > > > > > > > Yes, and furthermore I think Debian has required this for many, > > > > > many > > > > > years. > > > > > > > > No, it never did. > > > > > > I told you why I think it does. Unless you can provide _evidence_ > > > that it doesn't, you're not going to change my mind. > > > > Policy makes a special guarantee about essential packages: > > > > +--- > > > Essential is defined as the minimal set of functionality that must > > > be available and usable on the system at all times, even when > > > packages are in the “Unpacked” state. > > +--- > > "Available and usable at all times" is orthogonal to "maintainer scripts > do not render the system unbootable". As I read things, *all* packages > bear the responsibility of not rendering the system unbootable.
No, it's a significantly weaker requirement than what you want to impose. If it is not available and usable at all time, it can clearly render the system unbootable (by not being available or usable at boot). > Naturally, most packages don't need to take particular care to avoid > rendering the system unbootable, since they don't do anything in their > maintainer scripts that would risk that. But some do -- like bash, like > libc6, and like usrmerge -- and so they do need to take extra care, and > have always been expected to do so. Maintainer scripts are only one part; not fully installed packages can make the system unbootable for other reasons as mentioned earlier. As you now only talk about maintainer scripts, are these no longer relevant? > > Please provide evidence that the even harder guarantees you demand are > > made somewhere for a much larger set of packages that are critical for > > boot. And are actually fulfilled in practice. > > I already told you the answer to that question: it's inherent in the > definition of a severity:critical bug. One of the several documented > justifications for that severity is "potentially renders the system > unbootable". I see nothing anywhere that limits the scope of that > justification to essential packages, or to any other subset of the archive. I tried searching for that justification and a major internet search provider just says 'Your search - "potentially renders the system unbootable" - did not match any documents.' Anyway, please send follow-ups not just to me, but the bug tracker and ideally the tech-ctte bug. Ansgar
