hi Holger, On Tue Jun 2, 2026 at 11:07 AM CEST, Holger Levsen wrote: > On Mon, Jun 01, 2026 at 10:47:13PM +0200, Serafeim (Serafi) Zanikolas wrote: >> please find a lightly edited version attached as a patch. > > thanks for the updated patch. What I still miss is the information first, > that postinst scripts normally must not fail. Or is it there and just missing > from the patch/context?
nope, you're right. please find attached a revised patch. thanks, serafi
From 4b83d5935cf71a9414dfa9e5d1561585c83dbd5f Mon Sep 17 00:00:00 2001 From: "Serafeim (Serafi) Zanikolas" <[email protected]> Date: Mon, 1 Jun 2026 22:39:43 +0200 Subject: [PATCH] best-pkging-practices: when failing postinst might be appropriate. Closes #801065. --- source/best-pkging-practices.rst | 31 +++++++++++++++++++++++++++++++ 1 file changed, 31 insertions(+) diff --git a/source/best-pkging-practices.rst b/source/best-pkging-practices.rst index 3dea1c4..58138ee 100644 --- a/source/best-pkging-practices.rst +++ b/source/best-pkging-practices.rst @@ -574,6 +574,9 @@ that isn't handled merely by the creation or removal of files and directories. The following instructions supplement the `Debian Policy <https://www.debian.org/doc/debian-policy/>`__. +Generic guidelines +-------------------------------------------------------------------------------------------------------------------------------- + Maintainer scripts must be idempotent. That means that you need to make sure nothing bad will happen if the script is called twice where it would usually be called once. @@ -612,6 +615,34 @@ shell-builtin for many shells and is defined in POSIX. Using ``which`` is an acceptable alternative, since it is from the required ``debianutils`` package. +Expected behavior of complex postinst scripts +-------------------------------------------------------------------------------------------------------------------------------- + +``postinst`` scripts must normally not fail, except for very specific cases when +a package is clearly broken: + +- A service failing to start upon a fresh install if: + + - the service configuration is straightforward and can be reasonably + expected to work as-is in typical Debian setups + + - the service has no external dependencies (e.g. a database which may not + yet be configured, or unreachable at install time) + +- A service failing to restart upon an upgrade if: + + - ``postinst`` can verify with high confidence (which may not always be + feasible) that the service was running prior to the restart + + - the service has no external dependencies or ``postinst`` can verify that + they are functional + + - the service configuration has not changed in backwards incompatible ways + between the old and new package versions + +The above guidance is necessarily vague because it is not possible to provide +exhaustive guidance for all the possible nuances and edge cases. + .. _bpp-config-mgmt: Configuration management with ``debconf`` -- 2.47.3
signature.asc
Description: PGP signature

