Bug#1101965: systemd-resolved declares ineffective Replaces for systemd due to the /usr-move potentially loosing /usr/lib/systemd/resolv.conf (DEP17 P1)

[Helmut Grohne]

Package: systemd-resolved
Version: 257.4-9
Severity: serious
User: helmutg at debian.org
Usertags: dep17p1
Control: affects -1 + systemd

Dear systemd maintainers,

thanks for reintroducing systemd-resolved. I'm not sure why this pops up
now, but I now see a /usr-move regression. systemd-resolved now installs
/usr/lib/systemd/resolv.conf and in bookworm systemd contained
/lib/systemd/resolv.conf. Consequently, systemd-resolved declares
Replaces, but due to /usr-move such Replaces are not effective.

In principle, I consider this file important to the operation of a
Debian installation as its loss may render DNS unusable. Therefore I'd
recommend a stronger mitigation involving dpkg-divert in principle.
However, in the past Luca was reluctant to add such stronger mitigations
and opted for simply upgrading the Replaces to Conflicts (DEP17 M7)
despite the known problems (DEP17 P12) with that approach.

Does that preference carry over to this instance? If yes, would you
upgrade the versioned Replaces declared with systemd to Conflicts
yourself?

If not, I am happy to supply maintainer scripts implementing the
stronger mitigation (DEP17 M8).

Please let me know about your preference for this instance and whether
you want to carry out the work yourself or prefer me providing/uploading
it.

Thanks

Helmut