Your message dated Fri, 24 Nov 2023 15:19:30 +0000
with message-id <[email protected]>
and subject line Bug#1055921: fixed in libsepol 3.5-2
has caused the Debian Bug report #1055921,
regarding libsepol2: move libsepol.so.2 to /usr
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
1055921: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1055921
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: libsepol
Version: 3.5-1
Severity: normal
Tags: patch
User: [email protected]
Usertags: dep17m2
X-Debbugs-Cc: [email protected]
We want to finalize the /usr-merge transition via DEP17[1]. For
libsepol, this means moving all remaining files from aliased directories
in / to /usr. There only is libsepol.so.2 in package libsepol2. Until
recently, such a move was prohibited by the file move moratorium. This
has now been delegated to https://wiki.debian.org/UsrMerge. We still
must be careful, because libsepol is part of the debootstrap
--variant=minbase set.
DEP17 gives us a template of problems to watch out for. P1 is not
relevant now, but may become relevant via the 2038 transition. In the
process, libsepol2 may be renamed to libsepol2t64 keeping the soname. In
an upgrade from bookworm to trixie, libsepol.so.2 would thus move from /
to /usr and from libsepol2 to libsepol2t64 triggering the file loss
scenario that the moratorium meant to prevent. Therefore, please upload
the time64 change to experimental first and let it wait for at least
three days. We might get away with upgrading Breaks to Conflicts (DEP17
M7), but we probably should use protective diversions (DEP17 M8) instead
to avoid making the upgrade too hard for apt. Problem classes P2, P3,
P4, P5, P6 do not apply. P7 does not apply, because libsepol.so.2 is
installed to an architecture-dependent path. I locally verified that
this change does not impact debootstrap (P8). P9 will be handled
elsewhere and P10 is not a problem, because /usr/lib/$multiarch is on
the default library search path even on unmerged systems.
Therefore I think we're good to go ahead.
I'm attaching a patch that enables dh_movetousr. This is not a long-term
solution. Eventually, you want to adjust the path in the packaging, but
we must not do so in bookworm-backports. dh_movetousr will take care of
becoming a noop in bookworm-backports. If you think backporting is not
relevant to libsepol, consider changing paths directly instead.
Helmut
[1] https://subdivi.de/~helmut/dep17.html
diff --minimal -Nru libsepol-3.5/debian/changelog libsepol-3.5/debian/changelog
--- libsepol-3.5/debian/changelog 2023-07-08 22:44:16.000000000 +0200
+++ libsepol-3.5/debian/changelog 2023-11-14 10:23:22.000000000 +0100
@@ -1,3 +1,10 @@
+libsepol (3.5-1.1) UNRELEASED; urgency=medium
+
+ * Non-maintainer upload.
+ * Move libsepol.so.2 to /usr. (Closes: #-1)
+
+ -- Helmut Grohne <[email protected]> Tue, 14 Nov 2023 10:23:22 +0100
+
libsepol (3.5-1) unstable; urgency=medium
* New upstream release
diff --minimal -Nru libsepol-3.5/debian/control libsepol-3.5/debian/control
--- libsepol-3.5/debian/control 2023-07-08 22:44:16.000000000 +0200
+++ libsepol-3.5/debian/control 2023-11-14 10:23:22.000000000 +0100
@@ -6,7 +6,7 @@
Maintainer: Debian SELinux maintainers <[email protected]>
Uploaders: Laurent Bigonville <[email protected]>, Russell Coker
<[email protected]>
Standards-Version: 4.6.2
-Build-Depends: debhelper-compat (= 13), file, flex
+Build-Depends: debhelper-compat (= 13), dh-sequence-movetousr, file, flex
Homepage: https://selinuxproject.org
Rules-Requires-Root: no
--- End Message ---
--- Begin Message ---
Source: libsepol
Source-Version: 3.5-2
Done: Laurent Bigonville <[email protected]>
We believe that the bug you reported is fixed in the latest version of
libsepol, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laurent Bigonville <[email protected]> (supplier of updated libsepol package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 24 Nov 2023 15:46:38 +0100
Source: libsepol
Architecture: source
Version: 3.5-2
Distribution: unstable
Urgency: medium
Maintainer: Debian SELinux maintainers <[email protected]>
Changed-By: Laurent Bigonville <[email protected]>
Closes: 1055921
Changes:
libsepol (3.5-2) unstable; urgency=medium
.
* Move libsepol.so.2 to /usr.
The move is done directly (without using dh_movetousr) as I don't think
we'll have to backport this package. (Closes: #1055921)
Checksums-Sha1:
1b04e40c79244ba0b4759ce423d9306302d332b8 2005 libsepol_3.5-2.dsc
3c39dce4f62481c912e86f6ab853ca47607fd821 27596 libsepol_3.5-2.debian.tar.xz
ab34fb24e5f57aacc464969b435cd44019af7a3b 5369 libsepol_3.5-2_source.buildinfo
Checksums-Sha256:
0f7b4750fbb8f34841c31784e8fbc1a94949a83adbcb7103f0ae061198bc55e7 2005
libsepol_3.5-2.dsc
05de2029893ec20cde7687178003fc5161d606259dad218ad46e7332db922695 27596
libsepol_3.5-2.debian.tar.xz
d938848b25d37af9b9a1646b1025eccc13716a1ea4ca32b6df20ed343658b8a8 5369
libsepol_3.5-2_source.buildinfo
Files:
a8cfc342cf86585d2b9edf005e4977fe 2005 libs optional libsepol_3.5-2.dsc
861a3f83c1a860ee4691765cf4953e5a 27596 libs optional
libsepol_3.5-2.debian.tar.xz
76c4447a22109ee8f750aff766dae479 5369 libs optional
libsepol_3.5-2_source.buildinfo
-----BEGIN PGP SIGNATURE-----
iQFFBAEBCAAvFiEEmRrdqQAhuF2x31DwH8WJHrqwQ9UFAmVguUwRHGJpZ29uQGRl
Ymlhbi5vcmcACgkQH8WJHrqwQ9VSggf+MFCh+V0UZ7tuUzNLR3gGJxlI+DyJlQOB
91CJtqI+77ngQIiKN828w2jdN5BmzQZctZ5rAVSi1moS0LC1gde3Og5r2vWfulQz
L3LcDzqG0tQ5D5mgF5Ynzb6nZzbZrMNBOnToeHS918zvmX7zfhEyCVypi8mZ6C8e
RggrrOMqX78xEqAn2uYAUyKU/v/Zmhe1+Rhs49MU8iuR2OosODTPip6ZBzLOOWe+
1Z7sTp2cuFnji2UOvGmz8ec5Ktmlwz0YSg5yKYS9Ehf+jjwvW3l/516hgLxKxKfg
2rTn2qtnjdeGlRodgFdfgvGNQjtaO2I1OS8pPKPE9r3gI+1ACFr+Gg==
=3oMd
-----END PGP SIGNATURE-----
--- End Message ---
