Hi! On Thu, 2020-08-27 at 09:19:52 +0200, Sven Mueller wrote: > Package: dpkg > Version: 1.19.7 > Tags: patch
> When a package contains a symlink that reaches into a filesystem that can't > be accessed by root (due to missing key, errno=ENOKEY), installation works, > removal works, but upgrade or reinstallation of the package doesn't work > and fails because dpkg fails to stat the link target. OOC, why is a pathname that is reference by a .deb, within a filesystem that currently has a missing key? > Patch attached, which fixes this issue, though I suspect other locations > should possibly use a similar logic. > > As far as I understand (also mentioned in the header of the patch), this is > to avoid unpacking a link into a directory the link originally pointed to. > If that is the case, the patch should be fine, but I wonder if this > shouldn't be handled differently. But I would need to dig into the code > much more than I am comfortable with, given that this is C and I don't > usually use C. _If_ dpkg unpacks the package into some temporary directory > first and then moves the files into place, then there should be other > options to avoid the behavior mentioned. I'm not sure this is correct for the general case though, as that makes the check inert, which seems wrong? Thanks, Guillem