Re: non-essential adduser poses problems to purging packages

[Sebastian Ramacher <sramacher@debian.org>]

On 2023-05-07 13:52:50 +0200, Helmut Grohne wrote:
> > With such a change I would have expected upgrade/piuparts tests from
> > bullseye to bookworm that tried to remove adduser a various stages and
> > check for the fallout. Given that Andreas is only doing them now, that's
> > too late for changes to the pseudo-essential set.
> 
> I contend that:
> 
>  1. This change is in unstable since 2022-10-31, i.e. more than half a
>     year.

Tests are only performed now. That is one part of the "too late".

>  2. While having adduser drop from the essential+apt set is caused by
>     apt dropping it, this was an implementation detail and any package
>     using adduser without a dependency was (invisibly) buggy before.

I don't disagree with that. Yet, it's also too late in another sense. We
have at least one postrm script in bullseye that uses delgroup, so the
following fails:

# start from a minimal bullseye chroot
apt install znc
sed -i 's/bullseye/bookworm/' /etc/apt/sources.list
apt update
# install apt and base-passwd from bookworm, remove adduser
apt install apt base-passwd
apt remove adduser
# hey, i don't need znc anymore, let's remove it before doing the upgrade
apt --purge remove znc

Purging configuration files for znc (1.8.2-2+b1) ...
/var/lib/dpkg/info/znc.postrm: 7: delgroup: not found

We won't have another bullseye point release before the release of
bookworm. That's the second part of the "too late".

(Thankfull znc runs delgroup znc || true, but it still leaves cruft.)

This is the first example that I could find after browsing the RC bug
list. There may be others, I haven't checked. 

How many more of cases like the one above are in bullseye that we
wouldn't be able to fix before the release? How many are there, that
would actually fail and not just leave cruft behind?

Cheers
-- 
Sebastian Ramacher