[pkg-netfilter-team] Bug#1031943: ebtables: symlink removal removal code in the postinst does not seem to be working
Jeremy Sowden
jeremy at azazel.net
Sun Feb 26 20:39:25 GMT 2023
On 2023-02-25, at 20:17:34 +0200, Adrian Bunk wrote:
> Package: ebtables
> Version: 2.0.11-5
> Severity: serious
>
> ...
> Setting up ebtables (2.0.11-5) ...
> update-alternatives: using /usr/sbin/ebtables-legacy to provide /usr/sbin/ebtables (ebtables) in auto mode
> update-alternatives: error: cannot stat file '/usr/sbin/ebtables': Too many levels of symbolic links
> dpkg: error processing package ebtables (--configure):
> ...
>
>
> This is due to (with merged /usr):
> lrwxrwxrwx 1 root root 18 Apr 6 2022 /sbin/ebtables -> /usr/sbin/ebtables
> lrwxrwxrwx 1 root root 26 Apr 6 2022 /sbin/ebtables-restore -> /usr/sbin/ebtables-restore
> lrwxrwxrwx 1 root root 23 Apr 6 2022 /sbin/ebtables-save -> /usr/sbin/ebtables-save
>
>
> Adding "set -x" in /var/lib/dpkg/info/ebtables.postinst shows:
> ...
> + LIST=ebtables ebtables-save ebtables-restore
> + [ -e /sbin/ebtables ]
> + [ -e /sbin/ebtables-save ]
> + [ -e /sbin/ebtables-restore ]
> + [ configure = configure ]
> ...
>
> Using -h instead of -e works:
> ...
> + LIST=ebtables ebtables-save ebtables-restore
> + [ -h /sbin/ebtables ]
> + readlink /sbin/ebtables
> + [ /usr/sbin/ebtables = /usr/sbin/ebtables ]
> + rm /sbin/ebtables
> + [ -h /sbin/ebtables-save ]
> + readlink /sbin/ebtables-save
> + [ /usr/sbin/ebtables-save = /usr/sbin/ebtables-save ]
> + rm /sbin/ebtables-save
> + [ -h /sbin/ebtables-restore ]
> + readlink /sbin/ebtables-restore
> + [ /usr/sbin/ebtables-restore = /usr/sbin/ebtables-restore ]
> + rm /sbin/ebtables-restore
> + [ configure = configure ]
> ...
Thanks for the report. I've no objection to changing the `-e` test to
`-h`, but I should like to understand what is going wrong, and I haven't
been able to reproduce it. I believe that the postinst `-e` tests ought
only to fail if the sym-links are broken. In conjunction with the fact
that update-alternatives was complaining about not being able to stat
/usr/sbin/ebtables, this suggests to me that the failing tests are
symptomatic of another underlying problem.
Given that the postinst script was trying and failing to remove existing
sym-links, I take it that you already had ebtables installed and were
upgrading to 2.0.11-5.
Here's what I see in after initially installing ebtables (2.0.11-4+b1)
in a Bullseye chroot without merged /usr:
$ ls -l /etc/alternatives/ebtables* /sbin/ebtables* /usr/sbin/ebtables*
lrwxrwxrwx 1 root root 25 Feb 26 09:14 /etc/alternatives/ebtables -> /usr/sbin/ebtables-legacy*
lrwxrwxrwx 1 root root 33 Feb 26 09:14 /etc/alternatives/ebtables-restore -> /usr/sbin/ebtables-legacy-restore*
lrwxrwxrwx 1 root root 30 Feb 26 09:14 /etc/alternatives/ebtables-save -> /usr/sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 18 Feb 26 09:14 /sbin/ebtables -> /usr/sbin/ebtables*
lrwxrwxrwx 1 root root 26 Feb 26 09:14 /sbin/ebtables-restore -> /usr/sbin/ebtables-restore*
lrwxrwxrwx 1 root root 23 Feb 26 09:14 /sbin/ebtables-save -> /usr/sbin/ebtables-save*
lrwxrwxrwx 1 root root 26 Feb 26 09:14 /usr/sbin/ebtables -> /etc/alternatives/ebtables*
-rwxr-xr-x 1 root root 14600 Jun 6 2020 /usr/sbin/ebtables-legacy*
-rwxr-xr-x 1 root root 14784 Jun 6 2020 /usr/sbin/ebtables-legacy-restore*
-rwxr-xr-x 1 root root 1677 Jun 6 2020 /usr/sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 34 Feb 26 09:14 /usr/sbin/ebtables-restore -> /etc/alternatives/ebtables-restore*
lrwxrwxrwx 1 root root 31 Feb 26 09:14 /usr/sbin/ebtables-save -> /etc/alternatives/ebtables-save*
-rwxr-xr-x 1 root root 14800 Jun 6 2020 /usr/sbin/ebtablesd*
-rwxr-xr-x 1 root root 14672 Jun 6 2020 /usr/sbin/ebtablesu*
This includes the three sym-links from /sbin to /usr/sbin you list
above and they resolve correctly. For example:
* /sbin/ebtables -> /usr/sbin/ebtables
* /usr/sbin/ebtables -> /etc/alternatives/ebtables
* /etc/alternatives/ebtables -> /usr/sbin/ebtables-legacy
With merged /usr (whether by creating the chroot with `debootstrap
--merged-usr`, installing the usrmerge package before installing
ebtables, or installing usrmerge after ebtables), I see the following:
$ ls -l /etc/alternatives/ebtables* /sbin /sbin/ebtables* /usr/sbin/ebtables*
lrwxrwxrwx 1 root root 25 Feb 26 09:14 /etc/alternatives/ebtables -> /usr/sbin/ebtables-legacy*
lrwxrwxrwx 1 root root 33 Feb 26 09:14 /etc/alternatives/ebtables-restore -> /usr/sbin/ebtables-legacy-restore*
lrwxrwxrwx 1 root root 30 Feb 26 09:14 /etc/alternatives/ebtables-save -> /usr/sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 8 Feb 26 09:17 /sbin -> usr/sbin/
lrwxrwxrwx 1 root root 26 Feb 26 09:14 /sbin/ebtables -> /etc/alternatives/ebtables*
-rwxr-xr-x 1 root root 14600 Jun 6 2020 /sbin/ebtables-legacy*
-rwxr-xr-x 1 root root 14784 Jun 6 2020 /sbin/ebtables-legacy-restore*
-rwxr-xr-x 1 root root 1677 Jun 6 2020 /sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 34 Feb 26 09:14 /sbin/ebtables-restore -> /etc/alternatives/ebtables-restore*
lrwxrwxrwx 1 root root 31 Feb 26 09:14 /sbin/ebtables-save -> /etc/alternatives/ebtables-save*
-rwxr-xr-x 1 root root 14800 Jun 6 2020 /sbin/ebtablesd*
-rwxr-xr-x 1 root root 14672 Jun 6 2020 /sbin/ebtablesu*
lrwxrwxrwx 1 root root 26 Feb 26 09:14 /usr/sbin/ebtables -> /etc/alternatives/ebtables*
-rwxr-xr-x 1 root root 14600 Jun 6 2020 /usr/sbin/ebtables-legacy*
-rwxr-xr-x 1 root root 14784 Jun 6 2020 /usr/sbin/ebtables-legacy-restore*
-rwxr-xr-x 1 root root 1677 Jun 6 2020 /usr/sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 34 Feb 26 09:14 /usr/sbin/ebtables-restore -> /etc/alternatives/ebtables-restore*
lrwxrwxrwx 1 root root 31 Feb 26 09:14 /usr/sbin/ebtables-save -> /etc/alternatives/ebtables-save*
-rwxr-xr-x 1 root root 14800 Jun 6 2020 /usr/sbin/ebtablesd*
-rwxr-xr-x 1 root root 14672 Jun 6 2020 /usr/sbin/ebtablesu*
The three sym-links no longer exist, of course, because /sbin is itself
a symlink, so instead we have:
* /sbin/ebtables -> /etc/alternatives/ebtables
* /etc/alternatives/ebtables -> /usr/sbin/ebtables-legacy
and:
* /usr/sbin/ebtables -> /etc/alternatives/ebtables
* /etc/alternatives/ebtables -> /usr/sbin/ebtables-legacy
which again resolve correctly.
When I upgrade to Bookworm, everything is still correct:
$ ls -l /etc/alternatives/ebtables* /sbin /sbin/ebtables* /usr/sbin/ebtables*
lrwxrwxrwx 1 root root 25 Feb 26 09:52 /etc/alternatives/ebtables -> /usr/sbin/ebtables-legacy*
lrwxrwxrwx 1 root root 33 Feb 26 09:52 /etc/alternatives/ebtables-restore -> /usr/sbin/ebtables-legacy-restore*
lrwxrwxrwx 1 root root 30 Feb 26 09:52 /etc/alternatives/ebtables-save -> /usr/sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 8 Feb 26 09:54 /sbin -> usr/sbin/
lrwxrwxrwx 1 root root 26 Feb 26 09:52 /sbin/ebtables -> /etc/alternatives/ebtables*
-rwxr-xr-x 1 root root 14680 Apr 6 2022 /sbin/ebtables-legacy*
-rwxr-xr-x 1 root root 14872 Apr 6 2022 /sbin/ebtables-legacy-restore*
-rwxr-xr-x 1 root root 1677 Apr 6 2022 /sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 34 Feb 26 09:52 /sbin/ebtables-restore -> /etc/alternatives/ebtables-restore*
lrwxrwxrwx 1 root root 31 Feb 26 09:52 /sbin/ebtables-save -> /etc/alternatives/ebtables-save*
-rwxr-xr-x 1 root root 14880 Apr 6 2022 /sbin/ebtablesd*
-rwxr-xr-x 1 root root 14752 Apr 6 2022 /sbin/ebtablesu*
lrwxrwxrwx 1 root root 26 Feb 26 09:52 /usr/sbin/ebtables -> /etc/alternatives/ebtables*
-rwxr-xr-x 1 root root 14680 Apr 6 2022 /usr/sbin/ebtables-legacy*
-rwxr-xr-x 1 root root 14872 Apr 6 2022 /usr/sbin/ebtables-legacy-restore*
-rwxr-xr-x 1 root root 1677 Apr 6 2022 /usr/sbin/ebtables-legacy-save*
lrwxrwxrwx 1 root root 34 Feb 26 09:52 /usr/sbin/ebtables-restore -> /etc/alternatives/ebtables-restore*
lrwxrwxrwx 1 root root 31 Feb 26 09:52 /usr/sbin/ebtables-save -> /etc/alternatives/ebtables-save*
-rwxr-xr-x 1 root root 14880 Apr 6 2022 /usr/sbin/ebtablesd*
-rwxr-xr-x 1 root root 14752 Apr 6 2022 /usr/sbin/ebtablesu*
I've also tried a number of other permutations (upgrading from Bullseye
to Bookworm without merged /usr, starting from Buster), and they all
worked too.
J.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-netfilter-team/attachments/20230226/b6f25433/attachment.sig>
More information about the pkg-netfilter-team
mailing list