Package: debian-policy
Here's the current text of the latter part of section 10.9.1:
============
Given the above, dpkg-statoverride is essentially a tool for system
administrators and would not normally be needed in the maintainer
scripts. There is one type of situation, though, where calls to
dpkg-statoverride would be needed in the maintainer scripts, and that
involves packages which use dynamically allocated user or group
ids. In such a situation, something like the following idiom can be
very helpful in the package's postinst, where sysuser is a dynamically
allocated id:
    for i in /usr/bin/foo /usr/sbin/bar
    do
      if ! dpkg-statoverride --list $i >/dev/null
      then
        dpkg-statoverride --update --add sysuser root 4755 $i
      fi
    done
The corresponding dpkg-statoverride --remove calls can then be made
unconditionally when the package is purged.
============
This means that the files are unpacked with whatever permissions were
in the package, and are then modified during postinst. In addition, if
the sysadmin removes the statoverride entry, the postinst will blindly
add it back again later.
So, let's break down what happens a bit:
- dpkg unpacks the files, with their original permissions
- postinst creates a user
- postinst adds a statoverride to change the permissions
The "problem" is that the user doesn't exist until after you unpack
the files. Adding a statoverride here is a somewhat strange approach
in its own right, ignoring such matters as the period between unpack
and configure when permissions/owners are wrong.
I suggest that this sequence would make more sense:
- preinst creates a user
- dpkg unpacks the files
It's easier to understand and doesn't tread on the admin's toes as
much. Note that dpkg stores users by name, not by uid.
I propose replacing the above text entirely with this:
============
Given the above, dpkg-statoverride is a tool for system
administrators and is not needed in the maintainer scripts.
============
And appending this text to section 10.9:
============
If you want files in a package to be owned by a dynamically allocated
user or group, then you should create the user or group in preinst, so
that it is present when the package is unpacked.
============
--
.''`. ** Debian GNU/Linux ** | Andrew Suffield
: :' : http://www.debian.org/ |
`. `' |
`- -><- |
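
A preinst along the lines proposed above, as an added example that is not part of the original message or of Debian policy: it creates the user only when it is absent, so the account exists before dpkg unpacks files owned by it. It assumes adduser is usable at preinst time (for instance through a Pre-Depends); the GETENT and ADDUSER variables are hypothetical hooks so the logic can be exercised without root.

```shell
#!/bin/sh
# preinst sketch (added example, not from the policy text).
set -e

SYSUSER=sysuser              # placeholder name, as used in the policy idiom
GETENT=${GETENT:-getent}     # hypothetical override hooks for unprivileged runs
ADDUSER=${ADDUSER:-adduser}

# Create $1 as a system user with a matching group unless it already exists.
ensure_sysuser() {
    user=$1
    if "$GETENT" passwd "$user" >/dev/null 2>&1; then
        # Already present (upgrade, or created by the admin): leave it alone.
        return 0
    fi
    "$ADDUSER" --system --group --no-create-home --home /nonexistent \
        --quiet "$user"
}

preinst_main() {
    case "${1:-}" in
        install|upgrade)
            # Runs before unpack, so files shipped as owned by the user get
            # the right owner immediately, with no postinst fix-up.
            ensure_sysuser "$SYSUSER"
            ;;
        abort-upgrade)
            # Nothing to undo: the user is harmless if the upgrade is rolled back.
            ;;
    esac
}

preinst_main "$@"
```

Because the script never calls dpkg-statoverride, an override the administrator adds or removes is left as they set it.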