Re: What is the best way to manage 3rd party debs?

To: debian-user@lists.debian.org
Subject: Re: What is the best way to manage 3rd party debs?
From: Aniruddha <mailing_list@orange.nl>
Date: Tue, 12 Aug 2008 19:28:25 +0200
Message-id: <[🔎] 1218562105.3825.17.camel@Desktop>
In-reply-to: <[🔎] 20080812165207.GC20200@dmiyu.org>
References: <[🔎] 1218559611.3825.11.camel@Desktop> <[🔎] 20080812165207.GC20200@dmiyu.org>

On Tue, 2008-08-12 at 12:52 -0400, Steve C. Lamb wrote:
> On Tue, Aug 12, 2008 at 06:46:51PM +0200, Aniruddha wrote:
> > They can overwrite existing (core) system files and possibly cause other
> > harm.
> 
>     No, they can't.  Not without your expressed consent...
> 
> {grey@igbuntu:~} dpkg --force-help
> dpkg forcing options - control behaviour when problems found:
>   warn but continue:  --force-<thing>,<thing>,...
>   stop with error:    --refuse-<thing>,<thing>,... | --no-force-<thing>,...
>  Forcing things:
>   all [!]                Set all force options
>   downgrade [*]          Replace a package with a lower version
>   configure-any          Configure any package which may help this one
>   hold                   Process incidental packages even when on hold
>   bad-path               PATH is missing important programs, problems likely
>   not-root               Try to (de)install things even when not root
>   overwrite              Overwrite a file from one package with another
> ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
> 
>     ...if they could there would be no reason for dpkg to have
> --force-overwrite.
> 

Well, that's another discussion altogether. To give you an idea why I am
asking this here's an excerpt from "Debian system concepts and
techniques" from Martin Krafft:


> checkinstall is limited in what it can do. To be precise, the packages it creates
> can only install files, and checkinstall does not care where it installs them. You
> can overwrite files in home directories with checkinstall, among other things. The
> generated packages cannot modify files. If the installation routine modifies existing
> files, they will be part of the generated package in their entirety. A horror scenario
> occurs when an installation routine adds a user by modification of /etc/passwd,
> which is subsequently included in the package. Installation of the package causes
> /etc/passwd to be completely replaced, and the deinstallation of the package re-
> moves the file, breaking the system in half.

Therefor I can imagine that debs not created by Debian devs can contain possible disastrous changes.
 

-- 
Regards,


Aniruddha

Reply to:

References:
- What is the best way to manage 3rd party debs?
  - From: Aniruddha <mailing_list@orange.nl>
- Re: What is the best way to manage 3rd party debs?
  - From: "Steve C. Lamb" <grey@dmiyu.org>

Prev by Date: Re: Using Logitech Quickcam on Debian 4.0
Next by Date: Re: No sound problems on Intel board
Previous by thread: Re: What is the best way to manage 3rd party debs?
Next by thread: Re: What is the best way to manage 3rd party debs?
Index(es):
- Date
- Thread