Bug#953849: debootstrap: broken runtime (at least in d-i)
Package: debootstrap
Version: 1.0.121
Severity: serious
Justification: RoM
[ Could have been filed against debootstrap-udeb instead, but this might
also break use cases with regular debootstrap too. ]
While reviewing the recent changes in debootstrap (#953759), I was
concerned with commit 7ecd8191c377bc062b5816195dab3e38ab45c17d, which
removes a safeguard without real rationale.
Today, Johannes 'josch' Schauer was working on some autopkgtest to be
added to debian-installer, and detected a failure to install. And this
confirms the fears I expressed on #debian-boot during my quick review:
the safeguard is needed! Without it, one can end up getting an empty
string in that variable, leading to unmounting the whole /target
directory, breaking the installation entirely.
I'll reinstate that safeguard.
Cheers,
--
Cyril Brulebois (kibi@debian.org) <https://debamax.com/>
D-I release manager -- Release team member -- Freelance Consultant
Reply to: