Re: dpkg documentation and howto for the maintscript interface

[Ian Jackson <ian@davenant.greenend.org.uk>]

Justin Pryzby writes ("dpkg documentation and howto for the maintscript interface"):
> http://justinpryzby.com/debian/dpkg/

Thanks.  I took a look at that and skimread much of it and didn't spot
any howlers (although I wasn't doing a detailed technical review).  In
a couple of places you describe behaviours and speculate whether they
were deliberate, and I can confirm they generally are :-).

One thing you have glossed over (perhaps intentionally) is the way
that interrupted operations are handled.  Since it's generally
impossible to guarantee that a program won't be interrupted, it's not
sufficient for the system's integrity to rely on rollback techniques.
Instead, dpkg tries to ensure that the state (as visible and created
via the filesystem syscalls) is always properly recorded and
recoverable.  This also means that it doesn't have to install signal
handlers, saving a lot of complexity.

People packaging critical packages (particularly, Essential ones)
often fail to take this approach and this can lead to unrecoverable
systems if things are interrupted at an untoward moment.

Ian.