[DSE-Dev] libselinux1 version 3.3-1+b1 not enforcing libc6 >= 2.30 during install

Laurent Bigonville bigon at debian.org
Tue Dec 14 15:01:52 GMT 2021 

Hello,

Yes I see, that's a known bug in apt or dpkg

But on the other hand, debian doesn't support skipping releases

2.8 is in buster and you updated straight to bookworm/sid, you should 
have updated to (or installed) Bullseye first

Yeah, not sure what to do here then

Kind regards,

Laurent Bigonville

On 14/12/21 15:51, Mihaly Bak wrote:
> Hello Laurent.
>
> This is my environment:
>
> mihaly at nuci5:~$ dpkg -l | grep libselinux1
> ii  libselinux1:amd64                 2.8-1+b1                     
> amd64        SELinux runtime shared libraries
> mihaly at nuci5:~$ dpkg -l | grep libc6
> ii  libc6:amd64                       2.28-10                     
>  amd64        GNU C Library: Shared libraries
> ii  libc6-dev:amd64                   2.28-10                     
>  amd64        GNU C Library: Development Libraries
>
> Into this I was able to dpkg -i the package and have everything break. 
> I agree that It should not have been possible. I am not sure how to 
> open a bug report.
>
> Regards Mihaly Bak.
> Den tisdag 14 december 2021 13:27:55 CET, Laurent Bigonville 
> <bigon at debian.org> skrev:
>
>
> On 11/12/21 10:26, Mihaly Bak wrote:
> Hello.
> Hello,
>>
>> First of all, thank you very much for your efforts with the debian 
>> project!
>>
>> The installation package for libselinux1 version 3.3-1+b1 amd64 does 
>> not enforce libc6 >= 2.30, during install. So you are able to "dpkg 
>> -i" install it on lower versions of libc6 and totally wipe out your 
>> system. Post the install everything break because of this and you get
>> "/lib/x86_64-linux-gnu/libc.so.6: version `GLIBC_2.30' not found" for 
>> almost all commands, including dpkg, cp, halt and all other utilities 
>> that could resolve the situation.
>
> For what I can see, the version of libselinux1 in unstable has the 
> following:
>
> Depends: libc6 (>= 2.30), libpcre2-8-0 (>= 10.22)
>
> Can you please tell me more from which version to which version you 
> were updating?
>
> I'm quite skeptical here, but could you please open a bug report for this?
>
> Kind regards,
>
> Laurent Bigonville
>
>>
>> Regards Mihaly
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/selinux-devel/attachments/20211214/a25bc137/attachment-0001.htm>

More information about the SELinux-devel mailing list