[tor-bugs] #34115 [Internal Services/Tor Sysadmin Team]: review the impact of usrmerge
Tor Bug Tracker & Wiki
blackhole at torproject.org
Mon May 4 19:38:44 UTC 2020
#34115: review the impact of usrmerge
-------------------------------------------------+-------------------------
Reporter: anarcat | Owner: anarcat
Type: defect | Status:
| assigned
Priority: High | Milestone:
Component: Internal Services/Tor Sysadmin Team | Version:
Severity: Major | Resolution:
Keywords: | Actual Points:
Parent ID: | Points:
Reviewer: | Sponsor:
-------------------------------------------------+-------------------------
Old description:
> Debian buster shipped with a "merged `/usr`", which means that `/bin`,
> `/lib` and `/sbin` are now symlinks to their counterparts in `/usr`.
> There are concerns that this behavior is buggy and triggers problems in
> all sorts of places. In particular, the `dpkg` maintainers are quite
> unhappy about the change and do not support it as a configuration:
>
> https://wiki.debian.org/Teams/Dpkg/MergedUsr
>
> ... which is disturbing, considering the `dpkg` is such a core component
> of a Debian system.
>
> That wiki page provides a hackish script to "migrate away" from usrmerge
> but no one, as far as I know, has done that in production. It definitely
> looks nasty.
>
> We should consider whether:
>
> 1. this is a real problem
> 2. which machines have usrmerge
> 3. whether new machines should have it
> 4. whether we need to fix old machines
New description:
Debian buster shipped with a "merged `/usr`", which means that `/bin`,
`/lib` and `/sbin` are now symlinks to their counterparts in `/usr`. There
are concerns that this behavior is buggy and triggers problems in all
sorts of places. In particular, the `dpkg` maintainers are quite unhappy
about the change and do not support it as a configuration:
https://wiki.debian.org/Teams/Dpkg/MergedUsr
... which is disturbing, considering the `dpkg` is such a core component
of a Debian system.
That wiki page provides a hackish script to "migrate away" from usrmerge
but no one, as far as I know, has done that in production. It definitely
looks nasty.
We should consider whether:
1. [ ] this is a real problem
2. [x] which machines have usrmerge
3. [ ] whether new machines should have it
4. [ ] whether we need to fix old machines
--
Comment (by anarcat):
inventory of servers with a merged-usr, done by running `readlink /bin` on
all machines with cumin:
{{{
27.0% (20/74) success ratio (>= 0.0% threshold) for command: 'readlink
/bin'.: bacula-director-01.torproject.org,build-
arm-10.torproject.org,cache01.torproject.org,cache-02.torproject.org,check-01.torproject.org,chives.torproject.org
,fsn-
node-[03-05].torproject.org,gettor-01.torproject.org,gitlab-02.torproject.org,loghost01.torproject.org,onionbalance-01.torproject.org
,onionoo-backend-01.torproject.org,onionoo-frontend-01.torproject.org
,static-master-fsn.torproject.org,submit-01.torproject.org,tbb-nightlies-
master.torproject.org,web-fsn-[01-02].torproject.org
}}}
those machines do *not* have a usrmerged:
{{{
73.0% (54/74) of nodes failed to execute command 'readlink /bin':
alberti.torproject.org,archive-01.torproject.org,build-x86-[05-06,08-09].torproject.org,bungei.torproject.org,carinatum.torproject.org
,cdn-backend-
sunet-01.torproject.org,colchicifolium.torproject.org,corsicum.torproject.org
,crm-ext-01.torproject.org,crm-
int-01.torproject.org,cupani.torproject.org,eugeni.torproject.org,fallax.torproject.org,forrestii.torproject.org
,fsn-node-[01-02].torproject.org,gayi.torproject.org,henryi.torproject.org
,hetzner-hel1-[01-03].torproject.org,hetzner-
nbg1-[01-02].torproject.org,kvm[4-5].torproject.org,listera.torproject.org,majus.torproject.org,mandos-01.torproject.org,materculae.torproject.org,meronense.torproject.org,moly.torproject.org,neriniflorum.torproject.org,nevii.torproject.org,nutans.torproject.org,omeiense.torproject.org
,oo-
hetzner-03.torproject.org,orestis.torproject.org,palmeri.torproject.org,pauli.torproject.org,peninsulare.torproject.org,perdulce.torproject.org,polyanthum.torproject.org,rouyi.torproject.org,rude.torproject.org
,scw-arm-
par-01.torproject.org,staticiforme.torproject.org,subnotabile.torproject.org,troodi.torproject.org,vineale.torproject.org
,web-cymru-01.torproject.org,web-hetzner-01.torproject.org
}}}
--
Ticket URL: <https://trac.torproject.org/projects/tor/ticket/34115#comment:1>
Tor Bug Tracker & Wiki <https://trac.torproject.org/>
The Tor Project: anonymity online
More information about the tor-bugs
mailing list