[pkg-netfilter-team] Bug#933798: libnetfilter-conntrack-dev: unhandled symlink to directory conversion: /usr/share/doc/PACKAGE
Andreas Beckmann
anbe at debian.org
Sat Aug 3 16:27:42 BST 2019
Package: libnetfilter-conntrack-dev
Version: 1.0.7-2
Severity: serious
User: debian-qa at lists.debian.org
Usertags: piuparts
Hi,
an upgrade test with piuparts revealed that your package installs files
over existing symlinks and possibly overwrites files owned by other
packages. This usually means an old version of the package shipped a
symlink but that was later replaced by a real (and non-empty)
directory. This kind of overwriting another package's files cannot be
detected by dpkg.
This was observed on the following upgrade paths:
stable -> testing -> sid
For /usr/share/doc/PACKAGE this may not be problematic as long as both
packages are installed, ship byte-for-byte identical files and are
upgraded in lockstep. But once one of the involved packages gets
removed, the other one will lose its documentation files, too,
including the copyright file, which is a violation of Policy 12.5:
https://www.debian.org/doc/debian-policy/ch-docs.html#copyright-information
For other overwritten locations anything interesting may happen.
Note that dpkg intentionally does not replace directories with symlinks
and vice versa, you need the maintainer scripts to do this.
See in particular the end of point 4 in
https://www.debian.org/doc/debian-policy/ch-maintainerscripts.html#details-of-unpack-phase-of-installation-or-upgrade
It is recommended to use the dpkg-maintscript-helper commands
'dir_to_symlink' and 'symlink_to_dir' (available since dpkg 1.17.14)
to perform the conversion, ideally using d/$PACKAGE.maintscript.
See dpkg-maintscript-helper(1) and dh_installdeb(1) for details.
>From the attached log (scroll to the bottom...):
0m55.4s ERROR: FAIL: silently overwrites files via directory symlinks:
/usr/share/doc/libnetfilter-conntrack-dev/changelog.Debian.gz (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/changelog.Debian.gz (libnetfilter-conntrack3:amd64)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/copyright (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/copyright (libnetfilter-conntrack3:amd64)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-create.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-create.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-del.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-del.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-dump-labels.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-dump-labels.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-dump.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-dump.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-event.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-event.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-flush.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-flush.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-get.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-get.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfct-mnl-set-label.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfct-mnl-set-label.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfexp-mnl-dump.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfexp-mnl-dump.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
/usr/share/doc/libnetfilter-conntrack-dev/examples/nfexp-mnl-event.c (libnetfilter-conntrack-dev:amd64) != /usr/share/doc/libnetfilter-conntrack3/examples/nfexp-mnl-event.c (?)
/usr/share/doc/libnetfilter-conntrack-dev -> libnetfilter-conntrack3
cheers,
Andreas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: libnetfilter-conntrack-dev_1.0.7-2.log.gz
Type: application/gzip
Size: 20763 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20190803/4c668e10/attachment-0001.gz>
More information about the pkg-netfilter-team
mailing list