Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yes, I meant dpkg.

Not sure about dpkg, but rpm does not allow two packages to own the same file. If you try to install package, that contains file owned by another, already installed package, the installation will fail (you can try that with installing an amd64 package that owns something in /usr/share, and then try to install the i386 version). Yes, post-install scripts are dangerous and rpm folks are doing small steps to phase them out: https://www.youtube.com/watch?v=kE-8ZRISFqA



dpkg will throw a fit in the same way.


it will throw an error message, which the user is probably going to ignore and install anyway.

This will ultimately cause errors down the line. Maybe not right now, but eventually problems will occur.

showing a warning is great, but not needing that warning would be preferable.

but most distributions are already working on solutions to that. ubuntu is working on SnapOn's [0] for example, and i remember hearing about something else from redhad as well.

[0] https://snapcraft.io/


No, it will not install the package at all:

    $ mkdir root/bin/
    $ (echo '#!/bin/sh'; echo 'echo "hi"') > root/bin/ls
    $ chmod +x root/bin/ls
    $ fpm -s dir -t deb -n bad-ls -v 1.0 -C `pwd`/root .
    Created package {:path=>"bad-ls_1.0_amd64.deb"}
    $ dpkg-deb -c bad-ls_1.0_amd64.deb
    drwxrwxr-x 0/0               0 2018-02-22 10:44 ./
    drwxr-xr-x 0/0               0 2018-02-22 10:44 ./usr/
    drwxr-xr-x 0/0               0 2018-02-22 10:44 ./usr/share/
    drwxr-xr-x 0/0               0 2018-02-22 10:44 ./usr/share/doc/
    drwxr-xr-x 0/0               0 2018-02-22 10:44 ./usr/share/doc/bad-ls/
    -rw-r--r-- 0/0             142 2018-02-22 10:44 ./usr/share/doc/bad-ls/changelog.gz
    drwxrwxr-x 0/0               0 2018-02-22 10:44 ./bin/
    -rwxrwxr-x 0/0              20 2018-02-22 10:42 ./bin/ls
    $ sudo dpkg -i bad-ls_1.0_amd64.deb
    Selecting previously unselected package bad-ls.
    (Reading database ... 837129 files and directories currently installed.)
    Preparing to unpack bad-ls_1.0_amd64.deb ...
    Unpacking bad-ls (1.0) ...
    dpkg: error processing archive bad-ls_1.0_amd64.deb (--install):
     trying to overwrite '/bin/ls', which is also in package coreutils 8.28-1
    Errors were encountered while processing:
     bad-ls_1.0_amd64.deb
    $ ls -l /bin/ls
    -rwxr-xr-x 1 root root 134792 Oct  2 10:51 /bin/ls*
It doesn't just warn and leave things in a bad state.


this is strange. I encountered a conflict at work recently with an /etc/ file conflict.

the stdout of the dpkg errormsg gave me the required tag i could use to do it anyway. it was basically just

  !! double click -> middle click


Actually, it will throw an error - on which the higher-level (libapt) tools above dpkg will abort, and going directly to dpkg with a --force-whatever is not quite as easy as clicking "yeah, just do it already". Not to mention that I have needed that twice in a decade, in rather obscure cases.

But yeah, containerizing the apps is probably a way forward, which sidesteps whole classes of issues.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: