Scott Ellis <[EMAIL PROTECTED]> writes: > I HAVEN'T HEARD ANY REASONS WHY UTMP CORRUPTION IS SO EVIL THAT WE > NEED TO MAKE ANYONE WHO WANTS TO RUN A FEW LIBC6 PROGRAMS ON BO GO > THROUGH HELL.
Say you're an ISP running Debian (bo) on a bunch of machines (and these people do exist). Now say you take dpkg and add libc6 because you want the latest proftpd, and at the same time decide you want the latest rxvt (for whatever reason). Now, without any warning from dpkg (with your suggested approach), you have a broken system where it's no longer possible to tell who's currently logged in or even who was logged in in the past. That data is lost. This is not likely to make us any friends. The only possible approach I can see (other than what we're doing now) would be to force all the libc6 packages that touch utmp to carry the "wtmp compatible libc5" dependency. Then upgrading one of those would force you to upgrade libc5. But determining what belongs in that list without a source search may be non-trivial. > If you don't upgrade anything that deals with utmp to libc6, you > don't have any problems). The problem is that maybe *you* know what packages those are, but most users expect to be able to upgrade without major system services breaking if dpkg/dselect doesn't indicate that there's a problem. Your approach would cause silent failures. Imagine that (given the eariler example) the ISP upgrades the stuff, then a week later realizes that someone may be trying to hack their system. The go to "who" (and friends) to see what's going on, and they get an empty listing. This is going to cause someone to need heartburn medication. (Hope I've got my facts straight and I'm not overlooking something obvious.) -- Rob Browning <[EMAIL PROTECTED]> PGP fingerprint = E8 0E 0D 04 F5 21 A0 94 53 2B 97 F5 D6 4E 39 30 -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
