Bug#568313: dpkg-statoverride

To: 568313@bugs.debian.org
Subject: Bug#568313: dpkg-statoverride
From: Brandon <winterknight@nerdshack.com>
Date: Wed, 3 Feb 2010 18:14:29 -0800
Message-id: <20100203181429.7b77925a@nerdshack.com>
Reply-to: Brandon <winterknight@nerdshack.com>, 568313@bugs.debian.org

> Russ: Policy basically already does that, doesn't it?  It's not
> normative (maybe it should be), but that's how I always read 10.9.1:

I didn't think it forbade it. If that was the intent, I think it should
be clearer.

> Russ: I'd personally be happy to strengthen that to say that you
> should only use dpkg-statoverride in maintainer scripts if you're
> handling dynamic UID/GID file ownership.  I don't see any immediate
> downside to doing so; other changes should be handled directly by the
> permissions set in the *.deb.

That would be great. Then you could close this bug.

> martin: I misunderstood the original intent and thought it was about
> static uids/gids only.

I brought up two things I thought were problems in this report. Then
Russ explained to me exactly why chown/chmod would cause problems in
the postinst script.

> Don: I think this is a holdover from when xcdroast asked a debconf
> question; it's probably a bug that that code is still there... file
> it!

I was going to, but when I re-read the debian policy, I realized that
it doesn't really say you can't use dpkg-statoverride for static
uid/gid, only you must for dynamic uid/gid, so I figured I would get the
policy changed first.

> Don: I don't know about an xsendmail package; sendmail itself doesn't
> do this. (Or at least, it doesn't any more.)

I checked again, and the file is xsendmail, but it is in the xmail
package.

> Don: The reason why I'm asking this question is because before policy
> is changed into a must requirement, someone should have found out
> which packages will be instantly RC buggy.

When I originally filed this bug, I didn't intend to make packages
which use dpkg-statoverride unncessarily to be RC buggy. I suppose,
though, that that is what would happen if this became a required
directive. I'm pretty sure there are a lot of packages that do this.
Dozens, maybe? There are the two I mentioned, and probably w3m-img,
which Russ mentioned above (video is static gid).

Also, I think that the debian policy manual should explain why
dpkg-statoverride is necessary when using dynamic uid/gids, and why it
is necessary when debconf changes permissions. It's probably obvious to
some, but it wasn't to me, and I am sure plenty of other people reading
it.

-Brandon

Attachment: signature.asc
Description: PGP signature

Reply to:

Prev by Date: Bug#568313: Suggestion: forbid the use of dpkg-statoverride in postinst scripts, except for --list
Next by Date: Bug#568374: debian-policy: section "8.4 Development files" not explicit enough regarding libraryname[soversion]-dev
Previous by thread: Bug#568313: Suggestion: forbid the use of dpkg-statoverride in postinst scripts, except for --list
Next by thread: Bug#568374: debian-policy: section "8.4 Development files" not explicit enough regarding libraryname[soversion]-dev
Index(es):
- Date
- Thread