Re: new features in dpkg 1.7.1
Wichert Akkerman wrote:
> We need to have an upgrade path from suidmanager to statoverrides. At
> this moment we don't have that yet; I'm considering adding some magic to
> dpkg 1.7.2 to make it convert the settings from suidmanager into
> statoverides and ake dpkg conflict with suidmanager. Packages will need
> to be updates to use dpkg-statoverride instead in their maintainer
> scripts.
Once we have this upgrade path, dh_suidregister will be phased out. I'm
not quite sure how to do it though. consider this situation:
* package foo contains suid binary bar
* foo calls suidregister in its postinst to register bar and make it
suid
* local admin has used suidregister to override permissions so bar is
not suid
* a new foo is built, that does not use suidregister. So bar is shipped
suid in the package
* the admin upgrades to this package, without upgrading dpkg first. So
a new bar is installed, and suidregister is not called, so it is left
suid. Their local suid.conf changes are ignored.
Not good, and I can't see a good fix, except to make the new version of
foo also call suidregister in its postinst.
> dpkg-shlibdeps has been partially reimplemented and should work a lot
> better new, albeit more slowly. The new code uses objdump instead of ldd
> to generate dependencies which gives you a much more accurate
> representation of what is really needed, and also fixes probems with
> needing to set LD_LIBRARY_PATH or fakeroot interfering. This does mean
> that maintainers will need to use dpkg-shlibdeps for both libraries and
> executables now.
dh_shlibdeps has always called it on binaries. Hasn't dpkg-shlibdeps
always been meant to be used that way? I released a new debhelper
today that phases out the LD_LIBRARY_PATH hack (it depends on the new
dpkg-dev of course).
> This trick is no longer needed now: dpkg-deb reorders the files when
> it creates a package so the maintainer no longer needs to take care
> of this himself.
dh_movefiles no longer does such ordering in the debhelper I released
today.
--
see shy jo
Reply to: