Bug#1095202: nfs-common: file loss in upgrade due to /usr-move (DEP17 P1)

[Helmut Grohne <helmut@subdivi.de>]

Package: nfs-common
Version: 1:2.8.2-2~exp1
Severity: serious
Justification: file loss in upgrade scenario
Tags: patch
User: helmutg@debian.org
Usertags: dep17p1

Hi Salvatore,

thanks for raising nfs-common ahead of upload and going via
experimental. Indeed, dumat flags
/usr/lib/systemd/system/nfs-blkmap.service as a file possibly lost in an
upgrade. To experience this loss, you should install nfs-kernel-server
from bookworm and then unpack nfs-common from experimental before
upgrading nfs-kernel-server.

I am proposing a composite mitigation. Upgrading Breaks+Replaces to
Conflicts mostly prevents concurrent unpacks except in rare
circumstances. Indeed, my testing reveals that this causes apt to
upgrade nfs-kernel-server before nfs-common in one of the relevant
scenarios. Rarely, dpkg may unpack nfs-common before nfs-kernel-server
despite the declared conflict. In this situation, a protective diversion
will prevent the file loss.

I am attaching a patch and my test cases for your convenience. If you
replace the package version with the one from the archive, you should
see it fail.

Helmut

diff --minimal -Nru nfs-utils-2.8.2/debian/changelog nfs-utils-2.8.2/debian/changelog
--- nfs-utils-2.8.2/debian/changelog	2025-02-03 18:47:52.000000000 +0100
+++ nfs-utils-2.8.2/debian/changelog	2025-02-04 21:19:43.000000000 +0100
@@ -1,3 +1,11 @@
+nfs-utils (1:2.8.2-2~exp1.1) UNRELEASED; urgency=medium
+
+  * Non-maintainer upload.
+  * Mitigate file loss in concurrent canonicalization and move between
+    packages. (DEP17 P1 M8, Closes: #-1)
+
+ -- Helmut Grohne <helmut@subdivi.de>  Tue, 04 Feb 2025 21:19:43 +0100
+
 nfs-utils (1:2.8.2-2~exp1) experimental; urgency=medium
 
   * Move nfs-blkmap.service to nfs-common package.
diff --minimal -Nru nfs-utils-2.8.2/debian/control nfs-utils-2.8.2/debian/control
--- nfs-utils-2.8.2/debian/control	2025-02-03 18:47:52.000000000 +0100
+++ nfs-utils-2.8.2/debian/control	2025-02-04 21:19:38.000000000 +0100
@@ -37,9 +37,8 @@
 Recommends: python3
 Suggests: open-iscsi, watchdog
 Provides: nfs-client
-Conflicts: nfs-client
-Replaces: nfs-client, nfs-kernel-server (<< 1:2.8.2-2~exp1~)
-Breaks: nfs-kernel-server (<< 1:2.8.2-2~exp1~)
+Conflicts: nfs-client, nfs-kernel-server (<< 1:2.8.2-2~exp1~)
+Replaces: nfs-client
 Description: NFS support files common to client and server
  Use this package on any machine that uses NFS, either as client or
  server.  Programs included: lockd, statd, showmount, nfsstat, gssd,
diff --minimal -Nru nfs-utils-2.8.2/debian/nfs-common.lintian-overrides nfs-utils-2.8.2/debian/nfs-common.lintian-overrides
--- nfs-utils-2.8.2/debian/nfs-common.lintian-overrides	2025-02-03 18:47:52.000000000 +0100
+++ nfs-utils-2.8.2/debian/nfs-common.lintian-overrides	2025-02-04 21:19:43.000000000 +0100
@@ -3,3 +3,8 @@
 # lintian doesn't notice that
 nfs-common: no-manual-page [usr/sbin/mount.nfs4]
 nfs-common: no-manual-page [usr/sbin/umount.nfs4]
+# begin-remove-after: released:trixie
+# DEP17 P1 M8: Protective diversion for moved file
+nfs-common: diversion-for-unknown-file lib/systemd/system/nfs-blkmap.service [preinst:*]
+nfs-common: systemd-diversion lib/systemd/system/nfs-blkmap.service [preinst:*]
+# end-remove-after: released:trixie
diff --minimal -Nru nfs-utils-2.8.2/debian/nfs-common.postinst nfs-utils-2.8.2/debian/nfs-common.postinst
--- nfs-utils-2.8.2/debian/nfs-common.postinst	2025-02-03 18:47:52.000000000 +0100
+++ nfs-utils-2.8.2/debian/nfs-common.postinst	2025-02-04 21:19:43.000000000 +0100
@@ -4,6 +4,13 @@
 
 case "$1" in
     configure)
+        # begin-remove-after: released:trixie
+        # DEP17 P1 M8: Protective diversion for moved file
+        if dpkg --compare-versions "$2" lt 1:2.8.2-2~exp1~; then
+            dpkg-divert --remove --no-rename --divert /lib/systemd/system/nfs-blkmap.service.usr-is-merged /lib/systemd/system/nfs-blkmap.service
+        fi
+
+        # end-remove-after: released:trixie
         ucf --three-way /usr/share/nfs-common/conffiles/idmapd.conf /etc/idmapd.conf
         ucf --three-way /usr/share/nfs-common/conffiles/nfs-common.default /etc/default/nfs-common
         ucf --three-way /usr/share/nfs-common/conffiles/nfs.conf /etc/nfs.conf
diff --minimal -Nru nfs-utils-2.8.2/debian/nfs-common.postrm nfs-utils-2.8.2/debian/nfs-common.postrm
--- nfs-utils-2.8.2/debian/nfs-common.postrm	2025-02-03 18:47:52.000000000 +0100
+++ nfs-utils-2.8.2/debian/nfs-common.postrm	2025-02-04 21:19:43.000000000 +0100
@@ -24,4 +24,12 @@
 	    
 	dpkg-statoverride --remove /sbin/mount.nfs || true
 	;;
+    # begin-remove-after: released:trixie
+    abort-upgrade)
+        # DEP17 P1 M8: Protective diversion for moved file
+        if dpkg --compare-versions "$2" lt 1:2.8.2-2~exp1~; then
+            dpkg-divert --remove --no-rename --divert /lib/systemd/system/nfs-blkmap.service.usr-is-merged /lib/systemd/system/nfs-blkmap.service
+        fi
+	;;
+    # end-remove-after: released:trixie
 esac
diff --minimal -Nru nfs-utils-2.8.2/debian/nfs-common.preinst nfs-utils-2.8.2/debian/nfs-common.preinst
--- nfs-utils-2.8.2/debian/nfs-common.preinst	2025-02-03 18:47:52.000000000 +0100
+++ nfs-utils-2.8.2/debian/nfs-common.preinst	2025-02-04 21:19:43.000000000 +0100
@@ -12,4 +12,11 @@
     fi
 fi
 
+# begin-remove-after: released:trixie
+# DEP17 P1 M8: Protective diversion for moved file
+if [ "$1" = install ] || { [ "$1" = upgrade ] && dpkg --compare-versions "$2" lt 1:2.8.2-2~exp1~; }; then
+    dpkg-divert --add --no-rename --divert /lib/systemd/system/nfs-blkmap.service.usr-is-merged /lib/systemd/system/nfs-blkmap.service
+fi
+# end-remove-after: released:trixie
+
 #DEBHELPER#

Attachment: test.sh
Description: Bourne shell script