Hi,

On 2024-12-30 21:38, Nikolaus Rath wrote:

If a system crashed while dpkg was installing a package, then my
assumption has always been that it's possible that at least this package
is corrupted.

The issue here is that without the fsync there is a risk that such corruption occurs even if the system crashes _after_ dpkg has finished (or finished installing a package).

What happens in that case is that the metadata (file/link creations, renames, unlinks) can be written to the filesystem journal several seconds before the data is written to its destination blocks. But for security reasons the length of the created file is only updated after the data is actually written. This is why instead of getting files with random corrupted data you get truncated files if the crash or power loss occurs between both writes.

There is no way to know which are the "not fully written" packages in these cases, short of verifying all installed files of all (re)installed/down/upgraded packages of recent runs of dpkg (which could be a feature worth having on a recovery bootable image).

Cheers,

--
Julien Plissonneau Duquène
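The verification pass suggested above could look like the following sketch, an added example that is not part of the original message or of dpkg itself: it takes package names from `install`/`upgrade` lines in dpkg.log text and checks each listed file against `/var/lib/dpkg/info/<pkg>.md5sums`, reporting empty files separately as likely truncation. The package `demo`, its files and the temporary root directory are constructed sample data.

```python
import hashlib
import os
import tempfile

def recent_packages(dpkg_log_text):
    """Package names from dpkg.log 'install'/'upgrade' action lines, in order."""
    pkgs = {}
    for line in dpkg_log_text.splitlines():
        fields = line.split()
        # Format: DATE TIME ACTION PKG:ARCH OLD-VERSION NEW-VERSION
        if len(fields) >= 4 and fields[2] in ("install", "upgrade"):
            pkgs[fields[3].split(":")[0]] = True
    return list(pkgs)

def verify_package(root, pkg):
    """Check files against <root>/var/lib/dpkg/info/<pkg>.md5sums."""
    problems = {}
    listing = os.path.join(root, "var/lib/dpkg/info", pkg + ".md5sums")
    with open(listing) as fh:
        for line in fh:
            digest, rel = line.rstrip("\n").split("  ", 1)
            path = os.path.join(root, rel)
            if not os.path.isfile(path):
                problems[rel] = "missing"
            elif os.path.getsize(path) == 0:
                problems[rel] = "empty (likely truncated)"
            else:
                with open(path, "rb") as f:
                    if hashlib.md5(f.read()).hexdigest() != digest:
                        problems[rel] = "checksum mismatch"
    return problems

def demo():
    """Constructed sample: a fake root with one intact and one truncated file."""
    root = tempfile.mkdtemp()
    os.makedirs(os.path.join(root, "var/lib/dpkg/info"))
    os.makedirs(os.path.join(root, "usr/bin"))
    files = {"usr/bin/good": b"intact payload\n", "usr/bin/cut": b"full payload\n"}
    with open(os.path.join(root, "var/lib/dpkg/info/demo.md5sums"), "w") as fh:
        for rel, data in files.items():
            fh.write(hashlib.md5(data).hexdigest() + "  " + rel + "\n")
            with open(os.path.join(root, rel), "wb") as f:
                f.write(b"" if rel.endswith("cut") else data)  # simulate truncation
    log = ("2024-12-30 21:00:01 install demo:amd64 <none> 1.0-1\n"
           "2024-12-30 21:00:02 status installed demo:amd64 1.0-1\n")
    return {pkg: verify_package(root, pkg) for pkg in recent_packages(log)}

if __name__ == "__main__":
    print(demo())
```

From a recovery image, `root` would be the mount point of the damaged system.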
