On 2023-02-22 21:45 +0100, Lucas Nussbaum wrote:
> Source: socklog
> Version: 2.1.0+repack-4
> Severity: serious
>
> dpkg-source: info: extracting socklog in socklog-2.1.0+repack
> dpkg-source: info: unpacking socklog_2.1.0+repack.orig.tar.gz
> dpkg-source: info: unpacking socklog_2.1.0+repack-4.debian.tar.xz
> dpkg-source: info: using patch list from debian/patches/series
> dpkg-source: info: applying 0001-socklog-conf-update-service.patch
> dpkg-source: info: applying 0002-tryto-c.patch
> dpkg-source: info: applying 0003-patches-fix-build-warnings.patch
> dpkg-source: error: pathname
> 'socklog-2.1.0+repack/debian/service/socklog-unix/log/supervise' points
> outside source root (to '/run/runit/supervise/socklog-unix.log')
>
> That's on a system with a mix of testing and unstable. I'm not sure of
> which package introduced that additional check. Let me know if you
> cannot reproduce.
I can reproduce this, but only if the target directory
(/run/runit/supervise) actually exists. Otherwise dpkg-source does not
complain.
Lintian reports the absolute symlink as a warning, but maybe turning it
into an error would be more appropriate.
Cheers,
Sven
