Bug#935728: stretch-pu: package safe-rm/0.12-2+deb9u1

Sun, 25 Aug 2019 10:15:26 -0700 

Package: release.debian.org
Severity: normal
Tags: stretch
User: release.debian....@packages.debian.org
Usertags: pu

safe-rm/stretch causes havoc if installed in a merged /usr environment
because of the way it handles /bin/rm (#759410) - this has significantly
improved in buster.
Merged /usr stretch environments should be quite rare - you need
debootstrap from buster to create one. But I use them for tests in
piuparts. So maybe other developers use them as well.
For safe-rm I'd like to add a preinst that prevents installation in such
an environment - instead of breaking it by killing /bin/rm.
Having it error out explicitly is much better than investigating the
spurious failures occuring in "random" places after its installation.
The maintainer has acknowledged this approach for stretch.


Andreas

diff -Nru safe-rm-0.12/debian/changelog safe-rm-0.12/debian/changelog
--- safe-rm-0.12/debian/changelog       2016-01-19 18:25:20.000000000 +0100
+++ safe-rm-0.12/debian/changelog       2019-08-25 17:24:42.000000000 +0200
@@ -1,3 +1,10 @@
+safe-rm (0.12-2+deb9u1) stretch; urgency=medium
+
+  * Prevent installation in (and thereby breaking of) merged /usr
+    environments.  (See: #759410)
+
+ -- Andreas Beckmann <a...@debian.org>  Sun, 25 Aug 2019 17:24:42 +0200
+
 safe-rm (0.12-2) unstable; urgency=medium
 
   * Add Brazilian debconf translation (closes: #811536)
diff -Nru safe-rm-0.12/debian/preinst safe-rm-0.12/debian/preinst
--- safe-rm-0.12/debian/preinst 2016-01-19 18:25:20.000000000 +0100
+++ safe-rm-0.12/debian/preinst 2019-08-25 17:24:03.000000000 +0200
@@ -17,6 +17,14 @@
 
 case "$1" in
     install|upgrade)
+       # Prevent installation of safe-rm in a merged /usr environment because
+       # that would break (permanently delete) the original (/usr)/bin/rm
+       # This is fixed in buster. (#759410)
+       if [ -h /bin ] && [ "$(readlink -f /bin)" = "$(readlink -f /usr/bin)" 
]; then
+               echo "safe-rm (stretch) cannot be installed in a merged /usr 
environment"
+               exit 1
+       fi
+
        # Checking for old versions of safe-rm and cancelling the upgrade
        if [ -e /bin/safe-rm ] ; then
                db_get safe-rm/abort_upgrade

Reply via email to