
Bug#988299: shim-signed: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE

Package: shim-signed
Version: 1.34~1+deb10u1+15.4-2~deb10u1
Severity: serious
User: debian-qa@lists.debian.org
Usertags: piuparts


An upgrade test with piuparts revealed that your package installs files
over existing symlinks and possibly overwrites files owned by other
packages. This usually means an old version of the package shipped a
symlink but that was later replaced by a real (and non-empty)
directory. This kind of overwriting another package's files cannot be
detected by dpkg.

This was observed on the following upgrade paths:

  buster -> buster-proposed-updates

For /usr/share/doc/PACKAGE this may not be problematic as long as both
packages are installed, ship byte-for-byte identical files and are
upgraded in lockstep. But once one of the involved packages gets
removed, the other one will lose its documentation files, too,
including the copyright file, which is a violation of Policy 12.5:

For other overwritten locations anything interesting may happen.

Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in

It is recommended to use the dpkg-maintscript-helper commands
'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14)
to perform the conversion, ideally using d/$PACKAGE.maintscript.
See dpkg-maintscript-helper(1) and dh_installdeb(1) for details.

From the attached log (scroll to the bottom...):

0m27.4s ERROR: FAIL: silently overwrites files via directory symlinks:
  /usr/share/doc/shim-signed/NEWS.Debian.gz (shim-signed:amd64) != /usr/share/doc/shim-signed-common/NEWS.Debian.gz (?)
    /usr/share/doc/shim-signed -> shim-signed-common
  /usr/share/doc/shim-signed/changelog.gz (shim-signed:amd64) != /usr/share/doc/shim-signed-common/changelog.gz (shim-signed-common)
    /usr/share/doc/shim-signed -> shim-signed-common
  /usr/share/doc/shim-signed/copyright (shim-signed:amd64) != /usr/share/doc/shim-signed-common/copyright (shim-signed-common)
    /usr/share/doc/shim-signed -> shim-signed-common



Attachment: shim-signed_1.34~1+deb10u1+15.4-2~deb10u1.log.gz
Description: application/gzip
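
The condition reported in the log above can be checked on any tree: a shipped path is affected when one of its parent directories is a symlink on disk. The following is an added example, not piuparts code and not part of the original report; the function name check_symlink_traversal, its arguments, and the demo tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: report shipped paths that resolve through a directory symlink.
# check_symlink_traversal ROOT LISTFILE   (hypothetical helper)
#   ROOT     - filesystem root to inspect (a chroot or test tree)
#   LISTFILE - one absolute path per line, as in a package's file list
# Prints "PATH via SYMLINK -> TARGET" per affected path; returns 1 if any found.
check_symlink_traversal() {
    root=${1%/}
    list=$2
    found=0
    while IFS= read -r path; do
        [ -n "$path" ] || continue
        dir=$(dirname "$path")
        # Walk up the parent directories of the shipped path.
        while [ "$dir" != "/" ] && [ "$dir" != "." ]; do
            if [ -L "$root$dir" ]; then
                printf '%s via %s -> %s\n' "$path" "$dir" \
                    "$(readlink "$root$dir")"
                found=1
                break
            fi
            dir=$(dirname "$dir")
        done
    done < "$list"
    return "$found"
}

# Constructed demo tree mirroring the layout shown in the log above:
# /usr/share/doc/shim-signed is a symlink to shim-signed-common.
demo=$(mktemp -d)
mkdir -p "$demo/usr/share/doc/shim-signed-common"
ln -s shim-signed-common "$demo/usr/share/doc/shim-signed"
printf '%s\n' /usr/share/doc/shim-signed/copyright \
    /usr/share/doc/shim-signed-common/copyright > "$demo/files.list"
check_symlink_traversal "$demo" "$demo/files.list" \
    || echo "symlink traversal found"
rm -rf "$demo"
```

Only the first listed path is reported, because only it passes through the symlinked directory; the second path lives in the real directory.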
