[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Bug#766459: debootstrap: should not try to configure

I'm hoping this is not going to be too philosophical, so I'll enlist the facts
first (please let me know if I got any of them wrong):

debootstrap'ing a system fails, because

- chown root:root ... won't work when invoked from base-files' postinst
- version 7.7 of base-files is the first to actually have this call when invoked
  from within (c)debootstrap
- using root:root relies on /etc/passwd and /etc/group being in place and
- /etc/passwd and /etc/group are provided by base-passwd, which is essential

On Mon, Oct 27, 2014 at 11:08:55 +0100, Santiago Vila wrote:
> I'm going to reply to Julien first, then to Michael.
> On Mon, 27 Oct 2014, Julien Cristau wrote:
> > On Mon, Oct 27, 2014 at 08:35:14 +0000, Michael Tautschnig wrote:
> > I agree this should be fixed in base-files.
> Bugs should be fixed where they are. If base-files, or any other
> package, essential or not, can't make a simple chown root:root, then
> it is a bug in whatever package was responsible for making sure that
> the root user exist in a Debian system, base-passwd and debootstrap in
> this case.
> This has worked for ages, and it should continue to work, because
> base-passwd is essential.

So let's see what Debian Policy says in 3.8 Essential packages:

"[...] Since dpkg will not prevent upgrading of other packages while an
essential package is in an unconfigured state, all essential packages must
supply all of their core functionality even when unconfigured. If the package
cannot satisfy this requirement it must not be tagged as essential, and any
packages depending on this package must instead have explicit dependency fields
as appropriate. [...]"

While base-passwd is essential, the question seems to be whether providing
/etc/passwd and /etc/group are its "core functionality." The description of
base-passwd states: "These are the canonical master copies of the user database
files (/etc/passwd and /etc/group), containing the Debian-allocated user and
group IDs."

The package base-passwd, however, will only copy those files into place in its
postinst script. It may thus be argued (if provision of the files is considered
"core functionality") that base-passwd violates policy. Yet it may be impossible
for base-passwd to implement this bit of policy unless unconditionally
overwriting /etc/passwd and /etc/group were deemed acceptable (which it surely
isn't, unless we implement something like /etc/passwd.d/ and /etc/group.d/).

A collection of possible ways forward - feel free to add more:

- base-passwd should no longer be marked essential, but instead base-files
  should depend on it (making base-passwd implicitly essential), hence neither
  would base-passwd be violating policy nor would we any longer face the
  problems in base-files/(c)debootstrap. But maybe other issues arise, which I
  might not be aware of.

- base-files should explicitly depend on base-passwd, because it uses
  functionality that is not considered "core functionality" of base-passwd.

- We ignore the policy violation of base-passwd or consider the use of
  /etc/passwd in base-files use of non-core functionality and hence ignore the
  bug in base-files. Either ignorance will then require working around those
  bugs in (c)debootstrap.


Attachment: pgpln0DLpk_uY.pgp
Description: PGP signature

Reply to: