1. Forum
  2. Usenet
  3. LINUX.DEBIAN.BUGS.DIST

  • Bug#1107638: checkinstall can result in an inoperable system

    From Adrian Bunk@21:1/5 to [email protected] on Wed Jul 9 21:10:01 2025
    On Tue, Jun 10, 2025 at 11:55:40PM +0000, [email protected] wrote:
    Package: checkinstall
    Version: 1.6.2+git20170426.d24a630-3+b1

    There are reports in Ubuntu of checkinstall "bricking" the system:

    https://bugs.launchpad.net/ubuntu/+source/checkinstall/+bug/1847582 https://www.reddit.com/r/Ubuntu/comments/x08ex6/psa_checkinstall_can_brick_your_ubuntu_2204_system/

    Debian has a variety of patches, but there is not a patch that I can see
    for this issue.
    ...

    From 2012 until November 2023 Ubuntu shipped a checkinstall that
    disabled file system translation by default: https://launchpad.net/ubuntu/+source/checkinstall/+publishinghistory

    These reports seem to be related to that Ubuntu-only change?

    cu
    Adrian

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From [email protected]@21:1/5 to All on Wed Jul 9 21:30:01 2025
    T24gNy85LzI1IDE1OjAwLCBBZHJpYW4gQnVuayB3cm90ZToKCj4gRnJvbSAyMDEyIHVudGlsIE5v dmVtYmVyIDIwMjMgVWJ1bnR1IHNoaXBwZWQgYSBjaGVja2luc3RhbGwgdGhhdAo+IGRpc2FibGVk IGZpbGUgc3lzdGVtIHRyYW5zbGF0aW9uIGJ5IGRlZmF1bHQ6Cj4gaHR0cHM6Ly9sYXVuY2hwYWQu bmV0L3VidW50dS8rc291cmNlL2NoZWNraW5zdGFsbC8rcHVibGlzaGluZ2hpc3RvcnkKPiBUaGVz ZSByZXBvcnRzIHNlZW0gdG8gYmUgcmVsYXRlZCB0byB0aGF0IFVidW50dS1vbmx5IGNoYW5nZT8K Pgo+IGN1Cj4gQWRyaWFuCgpJIHRoaW5rIHRoZXJlIGFyZSB0d28gdHJ1ZSBidWdzIHJlbGF0ZWQg dG8gdGhvc2UgcmVwb3J0cywgbmVpdGhlciBvZiB0aGVtIGJlaW5nIHRoZSBVYnVudHUgZGVmYXVs dC4KClRoZSBmaXJzdCBpcyB0aGF0IHZhcmlvdXMgdGhpbmdzIGNhbm5vdCBidWlsZCB3aXRob3V0 IC0tZnN0cmFucz1ubyAoYmVjYXVzZSB0aGUgdHJhbnNsYXRpb24gZG9lcyBub3Qgc2VlbSB0byB3 b3JrIGZvciB3aGF0IHNlZW0gdG8gYmUgc29tZSBwcmV0dHkgc2ltcGxlIHNoZWxsIHNjcmlwdHMp LgoKVGhlIHNlY29uZCBpcyB0aGF0IC0tZnN0cmFucz1ubyBpcyBEQU5HRVJPVVMgaW4gaXRzIGN1 cnJlbnQgaW1wbGVtZW50YXRpb24uIEV2ZW4gaWYgeW91J3JlIHVzaW5nIC0tZnN0cmFucz1ubyBJ IHRoaW5rIHVzZXJzIHNob3VsZCBiZSBhYmxlIHRvIGFzc3VtZSB0aGF0IGFuIGludGVycnVwdCBz aG91bGQgZmluaXNoIHRoZSByZXN0b3JlIHRvIHRoZSBwcmlvciBmaWxlIHN5c3RlbSBzdGF0ZS4g VGhpcyBpcyBub3QgcGVvcGxlIGJlaW5nIGJpdCBieSBhIGJ1aWxkIHRoYXQgZG9lcyBzb21ldGhp bmcgbmFzdHksIHRoaXMgaXMgdGhlIHRvb2wgYnJlYWtpbmcgdGhlaXIgc3lzdGVtIGJlY2F1c2Ug dGhleSBzZW50IGEgU0lHSU5UIHRvIGl0LgoKV2UncmUgbm90IHRhbGtpbmcgYWJvdXQgU0lHS0lM TCBoZXJlLCBjaGVja2luc3RhbGwgc2hvdWxkIGNsZWFuIHVwIGFmdGVyIGl0c2VsZiBncmFjZWZ1 bGx5LgoKLSBXeWF0dA== PCFET0NUWVBFIGh0bWw+DQo8aHRtbD4NCiAgPGhlYWQ+DQogICAgPG1ldGEgaHR0cC1lcXVpdj0i Q29udGVudC1UeXBlIiBjb250ZW50PSJ0ZXh0L2h0bWw7IGNoYXJzZXQ9VVRGLTgiPg0KICA8L2hl YWQ+DQogIDxib2R5Pg0KICAgIDxkaXYgY2xhc3M9Im1vei1jaXRlLXByZWZpeCI+T24gNy85LzI1 IDE1OjAwLCBBZHJpYW4gQnVuayB3cm90ZTo8YnI+DQogICAgPC9kaXY+DQogICAgPGJsb2NrcXVv dGUgdHlwZT0iY2l0ZSIgY2l0ZT0ibWlkOmFHNjhOVFRBb0NYWEVDWHZAbG9jYWxob3N0Ij4NCiAg ICAgIDxwcmUgd3JhcD0iIiBjbGFzcz0ibW96LXF1b3RlLXByZSI+RnJvbSAyMDEyIHVudGlsIE5v dmVtYmVyIDIwMjMgVWJ1bnR1IHNoaXBwZWQgYSBjaGVja2luc3RhbGwgdGhhdCANCmRpc2FibGVk IGZpbGUgc3lzdGVtIHRyYW5zbGF0aW9uIGJ5IGRlZmF1bHQ6DQo8YSBjbGFzcz0ibW96LXR4dC1s aW5rLWZyZWV0ZXh0IiBocmVmPSJodHRwczovL2xhdW5jaHBhZC5uZXQvdWJ1bnR1Lytzb3VyY2Uv Y2hlY2tpbnN0YWxsLytwdWJsaXNoaW5naGlzdG9yeSI+aHR0cHM6Ly9sYXVuY2hwYWQubmV0L3Vi dW50dS8rc291cmNlL2NoZWNraW5zdGFsbC8rcHVibGlzaGluZ2hpc3Rvcnk8L2E+DQoNClRoZXNl IHJlcG9ydHMgc2VlbSB0byBiZSByZWxhdGVkIHRvIHRoYXQgVWJ1bnR1LW9ubHkgY2hhbmdlPw0K DQpjdQ0KQWRyaWFuDQo8L3ByZT4NCiAgICA8L2Jsb2NrcXVvdGU+DQogICAgSSB0aGluayB0aGVy ZSBhcmUgdHdvIHRydWUgYnVncyByZWxhdGVkIHRvIHRob3NlIHJlcG9ydHMsIG5laXRoZXIgb2YN CiAgICB0aGVtIGJlaW5nIHRoZSBVYnVudHUgZGVmYXVsdC48YnI+DQogICAgPGJyPg0KICAgIFRo ZSBmaXJzdCBpcyB0aGF0IHZhcmlvdXMgdGhpbmdzIGNhbm5vdCBidWlsZCB3aXRob3V0IC0tZnN0 cmFucz1ubw0KICAgIChiZWNhdXNlIHRoZSB0cmFuc2xhdGlvbiBkb2VzIG5vdCBzZWVtIHRvIHdv cmsgZm9yIHdoYXQgc2VlbSB0byBiZQ0KICAgIHNvbWUgcHJldHR5IHNpbXBsZSBzaGVsbCBzY3Jp cHRzKS48YnI+DQogICAgPGJyPg0KICAgIFRoZSBzZWNvbmQgaXMgdGhhdCAtLWZzdHJhbnM9bm8g aXMgPGk+REFOR0VST1VTPC9pPiBpbiBpdHMgY3VycmVudA0KICAgIGltcGxlbWVudGF0aW9uLiBF dmVuIGlmIHlvdSdyZSB1c2luZyAtLWZzdHJhbnM9bm8gSSB0aGluayB1c2Vycw0KICAgIHNob3Vs ZCBiZSBhYmxlIHRvIGFzc3VtZSB0aGF0IGFuIGludGVycnVwdCBzaG91bGQgZmluaXNoIHRoZSBy ZXN0b3JlDQogICAgdG8gdGhlIHByaW9yIGZpbGUgc3lzdGVtIHN0YXRlLiBUaGlzIGlzIG5vdCBw ZW9wbGUgYmVpbmcgYml0IGJ5IGENCiAgICBidWlsZCB0aGF0IGRvZXMgc29tZXRoaW5nIG5hc3R5 LCB0aGlzIGlzIHRoZSB0b29sIGJyZWFraW5nIHRoZWlyDQogICAgc3lzdGVtIGJlY2F1c2UgdGhl eSBzZW50IGEgU0lHSU5UIHRvIGl0Ljxicj4NCiAgICA8YnI+DQogICAgV2UncmUgbm90IHRhbGtp bmcgYWJvdXQgU0lHS0lMTCBoZXJlLCBjaGVja2luc3RhbGwgc2hvdWxkIGNsZWFuIHVwDQogICAg YWZ0ZXIgaXRzZWxmIGdyYWNlZnVsbHkuPGJyPg0KICAgIDxicj4NCiAgICAtIFd5YXR0PGJyPg0K ICAgIDxicj4NCiAgICA8YnI+DQogIDwvYm9keT4NCjwvaHRtbD4NCg==

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)
  • From Martin Hostettler@21:1/5 to [email protected] on Thu Jul 24 01:30:01 2025
    On Wed, 09 Jul 2025 19:13:08 +0000 [email protected] wrote:
    On 7/9/25 15:00, Adrian Bunk wrote:

    From 2012 until November 2023 Ubuntu shipped a checkinstall that
    disabled file system translation by default: https://launchpad.net/ubuntu/+source/checkinstall/+publishinghistory
    These reports seem to be related to that Ubuntu-only change?

    cu
    Adrian

    I think there are two true bugs related to those reports, neither of them being the Ubuntu default.

    The first is that various things cannot build without --fstrans=no (because the translation does not seem to work for what seem to be some pretty simple shell scripts).

    The second is that --fstrans=no is DANGEROUS in its current implementation. Even if you're using --fstrans=no I think users should be able to assume that an interrupt should finish the restore to the prior file system state. This is not people being
    bit by a build that does something nasty, this is the tool breaking their system because they sent a SIGINT to it.

    We're not talking about SIGKILL here, checkinstall should clean up after itself gracefully.

    - Wyatt

    From what i can see the defaults in debian do not break the system and i
    think just using --fstrans=no itself doesn't either (with a very simple
    test script for installation, maybe if the backup code triggers it might be worse).

    Do we have a concrete example of an invocation that breaks the system with
    the version in trixie?

    Of course checkinstall is from a time where doing all this safely was much harder than it would be today with namespaces and overlay fs.
    But do the current limitations make it useless?

    - Martin

    --- SoupGate-Win32 v1.05
    * Origin: fsxNet Usenet Gateway (21:1/5)