On Fri, Nov 20, 2020 at 09:35:42AM +0100, Ansgar wrote: > I would like to propose to plan to move to support merged-usr-only over > the following releases. The motivation is bugs like [1] where upstream > developers just use `/usr/bin/rm` (or other binaries, or user scripts > using /usr/bin/bash, or ...) unconditionally; this was already a > motivation to adopt merged-/usr as a default for me. > > As far as I know nothing broke catastrophically over the last releases > with merged-/usr.
Unless you look at dpkg or attempts at speeding up bootstrap. See https://salsa.debian.org/glibc-team/glibc/-/commit/49d137c4392cb1144f2313f78f31466aaa169b75 for an example. As far as I know, dpkg maintainers consider usrmerge to be unsupported, and trying to make my own NIH deb installer I see why. Some more information: https://wiki.debian.org/Teams/Dpkg/MergedUsr A script to recover from usrmerge: https://www.hadrons.org/~guillem/tmp/unmessusr.pl > So a possible idea would be to: > > - For Debian 12 (bookworm): make it mandatory to migrate old systems to > merged-/usr on upgrade. Possibly by allowing the existing usrmerge > program to run from the initramfs. Counterproposal: replace debootstrap with mmdebstrap, which is many times faster -- and doesn't support usrmerge at all, or at least disable usrmerge in debootstrap in default. (My zdebootstrap is mostly vapourware yet, alas.) > - For Debian 13 (trixie): packages should no longer install to /bin, > /sbin, /lib, but to the respective locations under /usr. Moving stuff with no mandated path is a good idea, yes. Alas, it's been massively complicated by usrmerge being a thing, and thus you can't just ship the file in a new location as you risk a path conflict. My implementation uses libarchive which flat-out refuses to unpack over a symlink, for multiple reasons that this conflict is just one of. [2] So let's make it so a canonical path to a file never includes a directory symlink; if you insist on /usr/bin/rm then /bin/rm should be /bin/{rm->/usr/bin/rm} not /{bin->usr/bin}/rm > [1]: https://bugs.debian.org/973853 That's a piece of software for which upstream is Red Hat. The number of people developing on RPM distros is rapidly falling, so this is less and less of an issue. Meow! [2]. Some of the issues are mentioned in https://www.gnu.org/software/tar/manual/html_node/Live-untrusted-data.html -- generally, until a very recent kernel there's no mechanism to unpack over a symlink securely even if you try hard, GNU tar and possibly dpkg don't try at all. -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ Imagine there are bandits in your house, your kid is bleeding out, ⢿⡄⠘⠷⠚⠋⠀ the house is on fire, and seven giant trumpets are playing in the ⠈⠳⣄⠀⠀⠀⠀ sky. Your cat demands food. The priority should be obvious...