Hi, On Sat, Jul 06, 2024 at 06:29:20PM +0200, Chris Hofstaedtler wrote: > every so often packages install different, unrelated programs into > different directories on the PATH. This often goes unnoticed for a > long time, thus changing it later becomes harder. > > I think policy already forbids this with the existing wording in > 10.1 - it says "filenames" and not "paths". I think this should be > made more explicit. > > Today this is *in Debian* often "only" a problem for the root user, > which has /sbin on the default PATH. But some of our downstreams > always have /sbin on the PATH, and it also seems adding /sbin is a > popular customization, etc.
I welcome this change having been bitten by this myself. The current behaviour is surprising in a bad way. > diff --git a/policy/ch-files.rst b/policy/ch-files.rst > index b34c183..40bfa42 100644 > --- a/policy/ch-files.rst > +++ b/policy/ch-files.rst > @@ -7,7 +7,9 @@ Binaries > -------- > > Two different packages must not install programs with different > -functionality but with the same filenames. (The case of two programs > +functionality but with the same filenames. This also applies when they > +are installed into different directories on the default (user or root) > +``PATH``. (The case of two programs > having the same functionality but different implementations is handled > via "alternatives" or the "Conflicts" mechanism. See > :ref:`s-maintscripts` and I second the change and the wording, but caution on the order and timing. I recommend filing all relevant problems as a MBF prior to changing policy. You may use dumat to gauge this problem: SELECT * FROM content AS c1 JOIN content AS c2 JOIN package AS p1 JOIN package AS p2 WHERE c1.filename LIKE 'bin/%' AND c2.filename LIKE 'sbin/%' AND 's' || c1.filename = c2.filename AND c1.pid = p1.id AND c2.pid = p2.id AND p1.name != p2.name; You may download a suitable DB from https://subdivi.de/~helmut/dumat.sql.zst.removethis (link intentionally broken to prevent crawlers) or generate one yourself using dumat. You shall see less than 700 occurrences with significant repetition, so I expect fewer than 50 bug reports. Once these bugs are filed and have their severity upgraded to at least important, I have no objections on including the change in policy. I do not intend to perform this work. Helmut
signature.asc
Description: PGP signature
