Bug#767999: base-files: fails to install with pre-jessie debootstrap
Control: retitle -1 base-files: fails to install with pre-jessie debootstrap
Control: reassign -1 base-files
Control: found -1 base-files/7.6
Control: tags -1 +patch
(TL;DR: there's a working patch attached)
On Tue, Nov 04, 2014 at 09:04:14AM +0100, Santiago Vila wrote:
> On Tue, Nov 04, 2014 at 01:05:11AM +0100, Adam Borowski wrote:
> > [...]
> > While #766459 fixed debootstrapping with jessie's debootstrap, I'm afraid
> > this doesn't solve most use cases that include upgrading, installation from
> > non-DI or installation in hosting scenarios.
> >
> > For a long time, most versions of debootstrap in use will come from wheezy,
> > Red Hat or some random live-cd. None of those can install jessie :(
> >
> > Thus, I'm afraid that fixing *new* copies of debootstrap is not enough,
> > and this bug needs to be solved in base-files or base-passwd.
>
> For the umpteenth time: This is a bug in debootstrap and that's where
> it should be fixed!!!
Even if it was, there's no way an updated version of debootstrap gets to
machines of a significant part of users. An upload to stable can apply only
to those running an up-to-date version of wheezy.
How do you propose changing debootstrap on already burned CDs? How do you
propose updating squeeze, current and past versions of Ubuntu, Knoppix,
GRML, etc (live CDs often get used to install Debian). Heck, even Red Hat
does include debootstrap packages -- how can you update that? And without
working debootstrap, forget about Debian containers, etc.
> (And you should really read the full logs for Bug#766459 to understand
> this instead of killing the messenger
The guilty party for this bug is either base-files or base-passwd. Neither
dpkg nor debootstrap are at fault: that this problem did not show up before
was an issue akin to relying on hash order.
Thus, it can be possibly fixed only in base-files or base-passwd. By a
literal reading of the policy it's more of a fault of the latter, however I
can't think of a fix there without some REALLY nasty side effects: that
package would need to ship /etc/passwd and /etc/group them somehow divert
them away so it's installed only the first time. On the other hand, it is
easy to work around in base-files' postinst.
> base-files does not do anything which is not allowed by policy).
Policy 3.8.:
# all `essential' packages must supply all of their core functionality even
# when unconfigured
That's the core functionality of base-passwd.
> People who do not understand the essential flag keep filing bugs
> against base-files.
Please point out how I misread policy 3.8.
But, I did manage to prepare a patch that seems to be working.
As it's impossible for an admin to renumber system groups in the middle of
a debootstrap run, it's enough to use numeric values of groups base-files
need (root, staff, mail and utmp). In the patch I'm proposing, these are
used if /etc/group is missing. That's a hack, but a good deal better than
alternatives I can think of.
Meow!
--
// If you believe in so-called "intellectual property", please immediately
// cease using counterfeit alphabets. Instead, contact the nearest temple
// of Amon, whose priests will provide you with scribal services for all
// your writing needs, for Reasonable and Non-Discriminatory prices.
diff -Nurd base-files-7.10/debian/postinst.in base-files-7.10.new/debian/postinst.in
--- base-files-7.10/debian/postinst.in 2014-10-27 13:36:30.000000000 +0100
+++ base-files-7.10.new/debian/postinst.in 2014-11-05 05:35:03.801097773 +0100
@@ -1,12 +1,25 @@
#!/bin/sh
set -e
+# During debootstrap /etc/passwd and /etc/group may not exist yet.
+if [ -f /etc/group ]
+ then
+ STAFF=staff
+ MAIL=mail
+ UTMP=utmp
+ else
+ STAFF=50
+ MAIL=8
+ UTMP=43
+fi
+ROOT=0
+
install_local_dir() {
if [ ! -d $1 ]; then
mkdir -p $1
fi
if [ -f /etc/staff-group-for-usr-local ]; then
- chown root:staff $1 2> /dev/null || true
+ chown $ROOT:$STAFF $1 2> /dev/null || true
chmod 2775 $1 2> /dev/null || true
fi
}
@@ -20,7 +33,7 @@
install_directory() {
if [ ! -d /$1 ]; then
mkdir /$1
- chown root:$3 /$1
+ chown $ROOT:$3 /$1
chmod $2 /$1
fi
}
@@ -58,17 +71,17 @@
install_from_default /usr/share/base-files/dot.bashrc /root/.bashrc
install_from_default /usr/share/base-files/profile /etc/profile
install_from_default /usr/share/base-files/motd /etc/motd
- install_directory mnt 755 root
- install_directory srv 755 root
- install_directory opt 755 root
- install_directory etc/opt 755 root
- install_directory var/opt 755 root
- install_directory media 755 root
- install_directory var/mail 2775 mail
+ install_directory mnt 755 $ROOT
+ install_directory srv 755 $ROOT
+ install_directory opt 755 $ROOT
+ install_directory etc/opt 755 $ROOT
+ install_directory var/opt 755 $ROOT
+ install_directory media 755 $ROOT
+ install_directory var/mail 2775 $MAIL
if [ ! -L /var/spool/mail ]; then
ln -s ../mail /var/spool/mail
fi
- install_directory run/lock 1777 root
+ install_directory run/lock 1777 $ROOT
migrate_directory /var/run /run
migrate_directory /var/lock /run/lock
@@ -93,13 +106,13 @@
if [ ! -f /var/log/lastlog ]; then
echo -n>/var/log/lastlog
fi
- chown root:utmp /var/log/wtmp /var/log/btmp /var/log/lastlog
+ chown $ROOT:$UTMP /var/log/wtmp /var/log/btmp /var/log/lastlog
chmod 664 /var/log/wtmp /var/log/lastlog
chmod 660 /var/log/btmp
if [ ! -f /var/run/utmp ]; then
echo -n>/var/run/utmp
fi
- chown root:utmp /var/run/utmp
+ chown $ROOT:$UTMP /var/run/utmp
chmod 664 /var/run/utmp
fi
@@ -120,7 +133,7 @@
update_to_current_default profile
update_to_current_default nsswitch.conf
if dpkg --compare-versions "$2" lt-nl "7.7"; then
- install_directory mnt 755 root
+ install_directory mnt 755 $ROOT
fi
fi
Reply to: