author Guillem Jover <guillem@debian.org> 2018-12-02 03:35:49 +0100
committer Guillem Jover <guillem@debian.org> 2019-02-23 16:22:33 +0100
commit dd406dc36649bacf646c51735214b9b21a82b5ae
tree fd1b85cee04c5c89c07586af6916f66a32a16b4d
parent 13cad525ffbcbfba47863ea41024415ac25f7974
Dpkg::Vendor::Debian: Add support for merged-usr-via-symlinks tainted tag

This will detect whether the system we are building on contains the
problematic /usr merged via symlinks deployment method.

Suggested-by: Alexander E. Patrakov <patrakov@gmail.com>
-rw-r--r-- debian/changelog 3
-rw-r--r-- man/deb-buildinfo.man 11
-rw-r--r-- scripts/Dpkg/Vendor/Debian.pm 10
3 files changed, 24 insertions, 0 deletions
diff --git a/debian/changelog b/debian/changelog
index 58a306652..a57bd3438 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -25,6 +25,9 @@ dpkg (1.19.5) UNRELEASED; urgency=medium
-maxdepth 1. Thanks to Ralf Treinen <treinen@free.fr>. Closes: #922799
* dpkg-genbuildinfo: Add support for a new Build-Tainted-By field in
.buildinfo files. Suggested by Alexander E. Patrakov <patrakov@gmail.com>.
+ * Perl modules:
+ - Dpkg::Vendor::Debian: Add support for merged-usr-via-symlinks tainted
+ tag. Suggested by Alexander E. Patrakov <patrakov@gmail.com>.
* Documentation:
- start-stop-daemon(1): Document behavior of --pidfile security checks.
Closes: #921557
diff --git a/man/deb-buildinfo.man b/man/deb-buildinfo.man
index 1a1ddc7d1..fe276bef2 100644
--- a/man/deb-buildinfo.man
+++ b/man/deb-buildinfo.man
@@ -158,6 +158,17 @@ current build has been tainted (since dpkg 1.19.5).
.IP
On Debian and derivatives the following reason tags can be emitted:
.RS
+.TP
+.B merged\-usr\-via\-symlinks
+The system has a merged \fI/usr\fP via symlinks.
+This will confuse \fBdpkg\-query\fP, \fBdpkg\-statoverride\fP,
+\fBdpkg\-trigger\fP, \fBupdate\-alternatives\fP and any other tool using
+pathnames as keys into their databases, as it creates filesystem aliasing
+problems, and messes with the understanding of the filesystem that
+\fBdpkg\fP has recorded in its database.
+For build systems that hardcode pathnames to specific binaries or libraries
+on the resulting artifacts, it can also produce packages that will be
+incompatible with non-/usr-merged filesystems.
.RE
.TP
.BR Installed\-Build\-Depends: " (required)"
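Review bot: The new merged\-usr\-via\-symlinks entry explains the consequences of the layout but never states the condition under which the tag is emitted, so someone reading a .buildinfo file cannot tell from "The system has a merged /usr via symlinks" which directories were inspected or what counted as merged. Suggest adding one sentence with the criterion used by the code in this patch, namely that the tag is set when one of the top-level directories it checks (/bin, /sbin, /lib and the multilib /lib* variants) is a symlink to the same name under usr.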
diff --git a/scripts/Dpkg/Vendor/Debian.pm b/scripts/Dpkg/Vendor/Debian.pm
index 7b5244042..6948bdc16 100644
--- a/scripts/Dpkg/Vendor/Debian.pm
+++ b/scripts/Dpkg/Vendor/Debian.pm
@@ -445,6 +445,16 @@ sub _build_tainted_by {
my $self = shift;
my %tainted;
+ foreach my $pathname (qw(/bin /sbin /lib /lib32 /libo32 /libx32 /lib64)) {
+ next unless -l $pathname;
+
+ my $linkname = readlink $pathname;
+ if ($linkname eq "usr$pathname") {
+ $tainted{'merged-usr-via-symlinks'} = 1;
+ last;
+ }
+ }
+
my @tainted = sort keys %tainted;
return @tainted;
}
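Review bot: The test `$linkname eq "usr$pathname"` in the new loop matches only a relative target spelled exactly usr/bin, usr/lib and so on, so a system whose symlink points at the absolute /usr/bin, or at a variant such as usr/bin/ or ./usr/bin, is merged via symlinks but will not receive the tag. Consider normalizing the link target before comparing, or at least also accepting `"/usr$pathname"`. Separately, readlink returns undef when the call fails (for example if the path changes between the `-l` test and the read), and the `eq` would then raise an uninitialized-value warning when warnings are enabled; a `next unless defined $linkname;` guard after the readlink would avoid that.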