Thanks for the feedback. Given the replies, I consider that most people expect upgrades to be performed with apt (or some apt-using tool). Upgrades using dpkg (directly) are at least partially unsupported. In more detail:
On Thu, Dec 21, 2023 at 10:41:57AM +0100, Helmut Grohne wrote: > ## Options (combinations possible) > > When mitigating P3, we can avoid the mutual conflicts. For molly-guard > that has been more involved, but it seems manageable. For other > packages (that do not need to access diverted files), it becomes > simpler. We'll be doing this. It is implemented in molly-guard and submitted for gzip #1059533 / zutils #1059534. Hence, upgrades with apt-dependent tools will not experience the failure mode. > We can restore lost files in a postinst. For this to work, we must > duplicate (e.g. hard link) affected files in the data.tar. > Example: #1057220 (systemd-sysv upgrade file loss) > Note that this approach is not policy compliant for essential packages > as they must work when unpacked and this is relevant for gzip being > diverted by zutils for instance. We'll be doing this anyway. It is implemented in systemd-sysv.postinst and proposed in the gzip patch above. Yes, we are technically violating policy for gzip then, but I don't really see a technical way not to violate policy. I expect that we do not consider fixing this (unfixable) policy violation release-critical. > We can introduce "barrier" packages (one or more) and have them enforce > conflicting packages removed before the conflictor being unpacked > (thanks Julian). We'll keep this as an option for later, but avoid implementing it now. > We can - and this is the crux of the matter - argue that upgrading with > bare dpkg is unsupported and you get to keep the pieces if you do so > anyway. release-notes already recommend upgrading with apt. In addition we'll: * Extend release-notes to do advise something like `dpkg --verify` post upgrade. * Mitigate file loss in postinst (such that it becomes temporary). If you have any objections to these choices, please tell. Helmut
