ÿØÿà JFIF    ÿÛ „ !.%+&8&+/1555$;@;4?.451 4,$,44444444444414444444444444444444444444444444444444ÿÀ  á á" ÿÄ     ÿÄ ?    !1AQaq"2‘¡±ÁðBRbrÑá#‚’¢²3S CñÿÄ   ÿÄ !    !1QAa‘2ÿÚ   ? 5˜Z¯V¦cø)›t/? z¨±>Õ5€¶‹Á¤·¼z¼Ü¬+ñ®v¤¨_ˆR­BFn©—˜ý®ç̝P8gýt·ÉSTŦˆìät?þé¼íìN/Þa)ì–í6ô… Ï¿øÃj´¿KÇü]ÿ ªô¹-eKànëÕHTx}ýSÜ›ÿ ”7Ø×&µ<¦  ¥ÑO¶[Ù¯ä¨ÞÃÿ PZ-¬;#õ|•oaÿ ©CìÞz3˜öː/¤­ñTûIØ}š^ mÓ%ªxˆ¥ÉŸu=Z+ISe¿45™¼u;ú&WØ÷€æßQ™®{|íx*TC“#ZŠìZ§²‹ 6pv…³¿¡äª*áZÐ%ÒOáˆo"x«OHk w±æ+¬V(kMúŸ5Vö«$ ÁrÏbàb57/luR ¸ÑÛj Òµì`Ðœq­û žICÀÊ•©4€Âcà¨Ï€O´<èÐ:›ù(Ë^L8þ‘ÍÌ#¸Ð_Ì©ÙK(Öz 4¬û+¸;ü’V’84‘¬ÃŽ:[â‡ÔÌáõp¢~§ªlæ£ö{®G>J¼"°‡7¯ÆÉèßû ‹É‹§ÁòÃýâßî ^ƾÙõ‹×óH#«LP½ïX=xÑÍ$|W?•~• îëÔ©ª‹ {ÝT…Kÿ ”hûâá)J*ö˜–ÔU;iÇ€/ ÆþjóZ\ýwØ=Ìm ºèËL9 ýèÆð/¨’¥öo=nË.%Îì ŽÕ¯È|{Oj²ƒE6e/ßdÄõ²Ìâ1O®ò×TsəԸhOMýíMˆ¿¼H˜l²,7Â¥#MF/Úf°Ö½± ¸–dr‹NýÊ íjqx{œÉ ä-È ¦ øÄër¨q°ð †nцýÑÄÆ’mä…n<0È™;ÁÝá¯ÁZƒ7FÀmì­ É&9ˆîéi¶ùN§Y• ÃZãAâ?•‡©‰ , ó¾IŸŠc1 4â&y­&pŠ­6;M À 0¹qç»p.á …ŸÅáK@%6·y6ƒ‰3?”úºŽ‰éX5ªPT §µ!=Mž«Ú½‹ÅgÂSâÉaþÓoö–¯ÁÔìR>5éÿ üs¶ÆUcÌ kÇR ]ÿ ù¬¼«VŽ;Â|‡~¢¦”ÏÅ°æ {L™Õ°Óv¹ò¸írŽ¡×¢CÃ!íVÕ {¶»sŒNPg/ "uÕbkm²“$ďå¿é¹§°½æz¯6 †s¿!s–wÚÝ“™Œ °.ûj>·+™Òa…©Œ&rÝÎtÛë긪Ît’LAVp%c Úý[ÄzJ¾ÇàXXç@˜ó<êL]·T˜¾¥1Ó©V‡g´æ½¦Ý@¹óø!_@´ÞâSÁ —S3™•& ]@JHÚý©ZŽ €×æÔr»Áf!‡yÞ4Mv*èÓã_{‘åóUuљØ«Oïé*®EvÑ Œ÷‡U \"㪒ÍK+À 4“M¡ï:0¥5í!'<@î´”>Ç»&Z–ïCCV˜Ì5Šo&îhè.žû |ÓK©h$s6KìŒëã)¹hI¦GïOåóI;ììü#É$Š0…Ææ¥TØ.5­¾gn´ “ÂÖ\:hœ89G)J@„}œ:’Ò{/Š"¦_Æ×7Æ3VÇŠÊa]ÚŒÙ€Ä–=®uÁßâACZƒ§§£ Qnâ:«,×{tyø¬iÛcœÜÄ€H½ÄÍCk´÷šß .W'b¤Íåh]÷€=,Žv×cÚEÚHXJX¶îo¨FÒtèöŸ>ªª6[J®Fµ£sGÁeqõfe\íjÒÐïÄÐGˆe1Ø‹.Ø”‘Ëuø Y­ˆÜ ŽG|zùªüMpDnQWÄ”%JŠ™)â*p@Örš«ÕT2Ð%ˆG#ª„ ·¤!°ŸOTÂT¸aÚ%4&h™LµšØüÐ.F¿²ÐÞ_Ç‚¾ÅÃaÜ÷09Æ q€öy˜v‡85õN÷]¬äѼóS{°_MŽ¬úÔ#°Ç¸0åÞè2ëôPcvÆw9®ií1Ä8F™˜à‰´+‰Ik1òÝ7“Ñ×ÒsÝ\x‚h`ÞÑ`ó"|µEcý£n˜h`}GÞ !±ù²Ápü²ß6 0ïi󜵩SÈÇ7˜-ÕURO˜¦´f$ªž-Í6(œ}<„ éc øs]ŽŽ„*—¾ ìdŽ„)méª\¿êÎIg¾ØÞ~I#C/¼¼´EÁÈŽi8“©õådô·>euä ƒ'Ê×लR1ÉJE1ÐAát`t;ÇР%Ý<‡¥„ÍÆ`×Oyó)õiI€ñQaŸ4Ûù\áàaÃÔ¹HÃu¹*k€¦<„e S‡&õÏ B!ŽhüÞ`yj}mªf×\¿ Ç~æ­9‡û\՞Ǖg²1Žû5V7 !àöšm° c`ܬøÇìµÒ'P"?…´Ö,"§^•õŽ¨sÔ)6˜sæéÍR¼ ò|Sl”‹7 nPW Gòú÷½§O¯‡„l¡kSÞŒr½PÊ@æ¢pŽ-mÿ #Ÿ˜Àº¶Áä¦;ïÔæ$1££`“Õ>„—·ž)ßð³ñ#Ï Ô$¶œ‰ÊE‹À;÷º ¯«P:Ñ”8–IÊtpÞ3ª“>ê“þës4ò2OÏÕ­±zô†Õ§‰.÷ä¸;¿˜“'œ›žª}«Œ{ª±Ì 9ÔóÞÕ‡0 $íWV3Üì¬ —@kÝ4@¿r¼±½¬™›?øØæ´'Áé®CË3-g$˜ö‡×auÚi´Žp/êÛ æF›Ú2v‹ã¿¿,nB1̨ƃqÞa5͝@&Æû“él÷ \C²½UÍc ¯k×¢U ÖéQå™—-r wô ÞÏ<Ò=&=ÿ Ôê Òêˈt,i—;LîÜ á¸*ÚÃ1$êL•LÍ <É)ýÐà’ ;F™{ƒ™˜€&'}‚ãÄK`¡ÞT@I;®žZóè‚s’7®°›+§O­Åq©é»²9<Ô J ¼9O’HL»Ùïì¸rk¼Ž_ý‘TŸu[²ßÚŒ·ü÷B%¯E ŸÔX5êO´ Ç•€’I0 ÉJX` ñ¹õ%;µŸD‘«´€àwÒ™U ûئžÖö\×®×´8 ½‡ºÐÆÓ§?Àkmœ=;d5*@-ì0F Rªýš[Ü6âö̃ڸr*KA9· u*µæ£?U¸Âêí†8@¦X4 e-ò„0s{ HâUpU?¼mñRa°®a%Ð'tÉ×’\¾ÊÉ]t›h>·(Ë@R¼¡Ãt h}’O÷au<+nT…Ö…MӐ??Óe95 q>í/;&JSû °¯ÊéÞ øƒ*Ã2½Ài&:nôUl=¾¿5eˆ3”ñc|Ú2V”>„»&eE;«ÚäC p¢Û úy 9š[ŒÌx¼擼A&DåÒ¯ˆ¤ÀÌ;"˜ ÏQä¸åhÊ}Ûq«Û0WžÒ|»€ø®öCm5•\ÇÀ§Pe3£]0ÃàLDÉ‰1øªxjgwT‚÷¿LΨK‹›ùs—xˆÜ±µ kæ¸f‰‰ÜGk/LÛØ6d9ò¶ùA{ƒA3š/¬D¬khÓk‰`˜"㯒r¿±Óã jx‡°e}<Ñø\3y:'À•/h½Í€Ç4~g ?Û(¼]v‘ªlKÎâ~?O‚W%{Ì:“'©úNq¾›úo(X’¥¯ˆ nFê{Ç€ü?º'ë ø‹ì Þ09ŒÌç9Æ —ËC`j@ÓÄ(+a‹un¸#ÂꟋ{K`‘ÑÍÍ'à´»/Û,KW;Þ4²þð ï Nm|~fGÏ(…³Ã)«1ö­Õ ¥‡¨©ƒÃ™ü-s=à=U66Ï«Ýc蓦W¹íž®›nÔ%êÇìŒ<#Ü×84ån®Ð ÒåOC` ñânÑs‡¢ç 1õ%Îhì½Ã½® e:ݼUZo™`  ÅZŸŒÊ«ê1ÏÄo$q¹Þ€©ˆhÐÉä¯ñ[!…Ú˜àJ:x2$Íß&PåT£6ç— ‡Í*4Ýšçjÿ ‰É nófÐ ó(L5C•åÆ\rMÒ@ò }y-W}™üýVù—ú¢=Ù”c®‘< M ž ´Phr ¦©TD ‘ù.$´÷O‡‘V2Æò.=IUŒ=ž‡â¬i™aþÓåÙ?òUø'ØÖ•.~* šTŒ!•-×áºTâ®ä#õü'´ eýlYÅÓeÕKÂrT"CÚ@u!Óxƒ{š3€}1¿(r}%«nËamjÑ%ÑNEò v ˜à  σöK³,*º.àzù¨™Ó ÚçâU¦*¿ 9{%Ö¹ njûdaXöb) kÛƱûÓ\°M7ˆÂ=û›ç¿Ã‚­V»Cg–8ÙêE- j)k$º`Ã-ùEýeBÆÇ]c¡°ñty&Òd0nõ'¡W+ƒ*|–øµFa\GQªEAÔp5\Ǽ·¼Ç8·õ -â§Ú[ ‡ uZeÖ 3}×d'+¹:ð+K†Û®s!Ï$úe€<Û”x)1»a­¡LC]¸µík…ÚàA»AYº{†ªS[¦5HÒ7ù --,ísòDØ€èk ÞÀîÜ ò@â( ËNˆë›4ô½•/¦o‡€Û7 ê•ÆêòðÜy'Án½µ á˜ݦ ndeo…[ì¶Ê,¥R³Ä=À±—–ß;£™´ñSâ*g§”ïaið‘Jå~™ÓÞ ß³Õ¢»8x埒²52>AÊb&-÷\7´éÄù€T˜,w;3{ï˜k…à¹ÄqÀ«œ{€\ ˆ¾[´¨јr &Úé„Ívˆ±8†¿]|¬ņ4I×pÞS1ÈÖz‰#Ìv‡G!YNògñ:màTz¢Ý1ô©^O=~ë|5Bã™ç•¼µõ•bÆ@úÕS¬ÈŒ#¬zünrŸ û” Z²•ï›èðV"ÁHÚý©wÝ €7¼Ìu1hÑa3Éä û f$o¿É ™Ú›ÝçnpÒ3äÌ3†Í§,Äï]$‰/pê †«À¼¸e9­Æê_C]žƒ·ý·frÁN«, E=›Çq -‰öŒ:aÏ¿±í&£Í:-} 84‘ÿ eƒQÑeëSsuiA ³g㟥ú£?ÿ ʼn*”“÷aühe:ÊWa@ÒÞk±eØ] F Ô—r.åä˜ @ö¥ªZoÐýYL·¥S²G/‡ñ <~*ZÆ´è>JlòàÛƽÿ 窘ìGN¢:I®KšJp/`íIÁÀõ#Ä-€ö­šµŒoF4|ÆQØÆ@Ì|£Ô…¢À{9˜è½Üó›€ôYÒÎYsið;ís¤€à²ˆ‚4qÉVŒI$ ‰"° æµ8cXGjœˏ¡Aâý•ËÜ¢ûï e·çLx']á"oÅÎê3¯Ç—¹”ó0nå‚âg{Œñ> S´˜îè°g238‚ãköÝfÚd´6Ò€;ò÷±¢™¼›º ¢Æ'¥Ðx'e¬ç ]bÈÆV¢ó‹kýBO ðÊâ$Ÿ!×T 3Mýמ žìٍàÌü‘8÷€àæØ8æ©6‰©L´«…oãpð„~Çk‰!ñ;‹”ÛžÍ àž±z Ÿôû øŸÝužÏ;ÿ #|u6™Þ¬ÚˆÐõA4¶â|ôl|Ê2ŽÇ¤ÝÅÇY.<#Aí.k§hóF‚”Y; M½Ö4hŸ4&›­¿tès´%FìL¥£Ãk‰ÇT¤haÁ¤ÚxfÉ`ÑìË›>i 3t‚:,–+^÷´–{Û–Nxi"x‘Ûg î¨>¥Õ܁ùZH,2Û“:8xÊ¢Çí9.É-Ìâã-=çjwµS˜dütžçwýGòú®®ûº_ˆýx$–¡ãøO EÚÛÏ÷R„×w+3£Á£öUMyR²¹âŒ°š›¸Ñãò9§Ó_Dl+Ùßc›úšGÅÌc†Ž!Ko=¶.‘Îÿ c²(2®V mª.ÿ ¹B›¹å ù„öŸSV>™ü¯$y:G¢Z×àøúdî¹û­·ýÇ´:•c LÍõi_‹ö+ÎæGÊè>OŠ•äž´§Þ{X}¨1ÚTc›»Qþ•êô°t¿OP?eæ~É{5]•ÙR£r5†nZ\ã@ &îJõ ¾àC°þV>fé¥/ü5ñÊIº_é5 ;e­h<@ Ä&æÃëE%;X,ÒãÆÞ`Oò¦kŸm#˜!ÀyÄ¢| óLšò¥Ä` ¶R=|ÈCâh5ò3DˆïF†ðÒ#ÅìÛœ?¸yhBãœí ZxßÎÄhºRK„`Þödvײ™ÀÈÑÒgŒuY w³%†ƒÓzõ ÖÏp‚dH®¦A´ù§»ÓÇMæ~)ˆð‡û:ù&Ä •vGD´À n ݇¼Ö8Fö óáà£~Ë¥x`oK|Ä?fxiØü%pìR>éò+Û±éÎ>núlFŤ'tq8LZÏvÃ?„¡ß±È⽆¯³íü@x|PöUäèØã¡ð‚ŒAìÏ"vÍwóŸÍ{ ý0.z È•Ö{,N¡£¡ŸKÕÙž>Ýœþ ÍÀ°<×EA!Å‚D™IúOÍ¡>ôG}Â` ÍßkÜL™Ž Þð™ {IøF²¹òQ3&!ÃÂÞz.d&Ï-sH¸,Ôõ˜ŽP€ 77ˆÝ¼ÊëÜw =cÕ Ú,ØÐ5ÎYÐ)ì´öœgŒ[¤ßv㙑8心>h]§µháYš£²ºÑ.{Ï7Sð•?´~×SÃKýJÛ˜ ™Íäiúu<µX¶1õ^kâçIÑ£sZ4h>j*ÔšD:4­¿_ ÷¸ Õxæÿ ¸?Mù _•­ÊÐ ä ÷ý ÑwL œ­ïnTkÛUÍN©ë:¦fV ¶ÜÔÜMªÅâA½–¿R×TXš-%iTÊT•‡Ù‚JôϐZxWÑè‰f‰òG º ×Õû2aZ7OU3[“×AT–ÞŒ…-‘¤”Ì ì&(ˆ¿­•ƒkï’:ðY¦W‘ Å)“†‘˜³Åtcø˜ñTÂwÚÇ4|üLÇªí–v- qˆèU qPE.†â‘˜µ Æ,ÐÅs]8¾„oúÑ i>ÜxxÈó)ƒ ´æÁâØ$À‰vžŸf$Ž |ãw;ÀÁIJ»b` {¦Ó¤Ú$©YÀ‘n@Óïž«9J¼êG m¤ ܯ¹ÌW4€ÐÒÅÛ‡#褕Ÿn-?í|с¥÷Ú¹¬'´ÞÜ9ÓK `hê£SÄSà?7—Wí_´…óB›»:=Ãïq`<8ñÓŒÑlú2d¬ê³£hÖ[l|$vÝro~'R®‰§°ñmY ͧäP |PUª¹·:3Œ[Û{Xÿ ºâ@‚W–Äé u‚ ¯´*=íή.pûÒdt @G‰¬ s¸ ëÉücr ÞæѨÊ@>¤¢Ö±. Þ'¯°ÌME[YéïĵÂCå½ Ué©Áû'Ê9%eÔðNU”ë‘ÌsD3/®+UI˜9h.WC”빓$#:pz:YÓ ¿xž* ³$Í +$kñAŠ‹†¢ Uê>¸)_š¬÷©ßAÂÔb9ÇU ¯¾á•9¯ÏÏ÷O÷¼¼Fähal1‰3Ì[Ïr•´UCksNÐ] R‘¸¥H+§Šé†c©vÖÞ0iÓ76s†î!§=ß ¼~Ô'°Ãmäoäš³ªøi1úÉ)³yV8 CLÄØÁ‘WYïi€H6ÖÑiámø^ÈY´°Ñ7¥Û*—Ñ©L«Qƒï—Ùrÿ ›£Ð*š¸ˆL©ˆ$ˆ ÷¾D§9È®«qbqC)–ˆïv´çñsÑVT­Ø, <àïºÀO«Jý·õ àfPìð .wFšir´þ’2_Y *Æ€x\« ì€9š@ Ž|F⇥ˆkZ@hÖÄ0t¿-<“‹qµ¾*ZL¤Ú)&BJpÓF5=$„at*Zš$’ÑtdûÝRI1 2Ž‰$€$I$#‰SÞ’Hë¬ï;Á$¡t$’`<(ñÇt)$‡Ð.Êf¢X’Kt=Éé$‚ˆªè¢oÝëòI%Rgcª÷ŠyI%¡‰ÿ !ñ)´õ $¤ Ô’IIGÿÙ#!/usr/bin/perl # # dpkg-fsys-usrunmess - Undoes the merged-/usr-via-aliased-dirs mess # # Copyright © 2020-2021 Guillem Jover # # This program is free software; you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation; either version 2 of the License, or # (at your option) any later version. # # This program is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with this program. If not, see use strict; use warnings; use feature qw(state); our ($PROGNAME) = $0 =~ m{(?:.*/)?([^/]*)}; our $PROGVERSION = '1.21.23'; our $ADMINDIR = '/var/lib/dpkg'; use POSIX; use File::Temp qw(tempdir); use File::Find; use Getopt::Long qw(:config posix_default bundling_values no_ignorecase); eval q{ pop @INC if $INC[-1] eq '.'; use File::FcntlLock; }; if ($@) { fatal('missing File::FcntlLock module; please install libfile-fcntllock-perl'); } my $opt_noact = length $ENV{DPKG_USRUNMESS_NOACT} ? 1 : 0; my $opt_prompt = 0; my $opt_prevent = -1; my @options_spec = ( 'help|?' => sub { usage(); exit 0; }, 'version' => sub { version(); exit 0; }, 'dry-run|no-act|n' => \$opt_noact, 'prompt|p' => \$opt_prompt, 'prevention!' => \$opt_prevent, ); { local $SIG{__WARN__} = sub { usageerr($_[0]) }; GetOptions(@options_spec); } # Set a known umask. umask 0022; my @aliased_dirs; # # Scan all dirs under / and check whether any are aliased to /usr. # foreach my $path (glob '/*') { debug("checking symlink? $path"); next unless -l $path; debug("checking merged-usr symlink? $path"); my $symlink = readlink $path; next unless $symlink eq "usr$path" or $symlink eq "/usr$path"; debug("merged-usr breakage, queueing $path"); push @aliased_dirs, $path; } if (@aliased_dirs == 0) { print "System is fine, no aliased directories found, congrats!\n"; exit 0; } # # dpkg consistency checks # debug('checking dpkg database consistency'); system(qw(dpkg --audit)) == 0 or fatal("cannot audit the dpkg database: $!"); debug('checking whether dpkg has been interrupted'); if (glob "$ADMINDIR/updates/*") { fatal('dpkg is in an inconsistent state, please fix that'); } $opt_prevent = prompt('Generate and install a regression prevention package') if $opt_prevent < 0; if ($opt_prevent) { debug('building regression prevention measures'); my $tmpdir = tempdir(CLEANUP => 1, TMPDIR => 1); my $pkgdir = "$tmpdir/pkg"; my $pkgfile = "$tmpdir/dpkg-fsys-usrunmess.deb"; mkdir "$pkgdir" or fatal('cannot create temporary package directory'); mkdir "$pkgdir/DEBIAN" or fatal('cannot create temporary directory'); open my $ctrl_fh, '>', "$pkgdir/DEBIAN/control" or fatal('cannot create temporary control file'); print { $ctrl_fh } <<"CTRL"; Package: dpkg-fsys-usrunmess Version: $PROGVERSION Architecture: all Protected: yes Multi-Arch: foreign Section: admin Priority: optional Maintainer: Dpkg Developers Installed-Size: 5 Conflicts: usrmerge Provides: usrmerge (= 25) Replaces: usrmerge Description: prevention measure to avoid unsuspected filesystem breakage This package will prevent automatic migration of the filesystem to the broken merge-/usr-via-aliased-dirs via the usrmerge package. . This package was generated and installed by the dpkg-fsys-usrunmess(8) program. CTRL close $ctrl_fh or fatal('cannot write temporary control file'); system(('dpkg-deb', '-b', $pkgdir, $pkgfile)) == 0 or fatal('cannot create prevention package'); if (not $opt_noact) { system(('dpkg', '-GBi', $pkgfile)) == 0 or fatal('cannot install prevention package'); } } else { print "Will not generate and install a regression prevention package.\n"; } my $aliased_regex = '^(' . join('|', @aliased_dirs) . ')/'; # # Get a list of all paths (including diversion) under the aliased dirs. # my @search_args; my %aliased_pathnames; foreach my $dir (@aliased_dirs) { push @search_args, "$dir/*"; } # We also need to track /usr/lib/modules to then be able to compute its # complement when looking for untracked kernel module files under aliased # dirs. my %usr_mod_pathnames; push @search_args, '/usr/lib/modules/*'; open my $fh_paths, '-|', 'dpkg-query', '--search', @search_args or fatal("cannot execute dpkg-query --search: $!"); while (<$fh_paths>) { if (m/^diversion by [^ ]+ from: .*$/) { # Ignore. } elsif (m/^diversion by [^ ]+ to: (.*)$/) { if (-e $1) { add_pathname($1, 'diverted pathname'); } } elsif (m/^.*: (.*)$/) { add_pathname($1, 'pathname'); } } close $fh_paths; # # Get a list of all update-alternatives under the aliased dirs. # my @selections = qx(update-alternatives --get-selections); foreach my $selection (@selections) { my $name = (split(' ', $selection))[0]; my $slaves = 0; open my $fh_alts, '-|', 'update-alternatives', '--query', $name or fatal("cannot execute update-alternatives --query: $!"); while (<$fh_alts>) { if (m/^\s*$/) { last; } elsif (m/^Link: (.*)$/) { add_pathname($1, 'alternative link'); } elsif (m/^Slaves:\s*$/) { $slaves = 1; } elsif ($slaves and m/^\s\S+\s(\S+)$/) { add_pathname($1, 'alternative slave'); } else { $slaves = 0; } } close $fh_alts; } # # Unfortunately we need to special case untracked kernel module files, # as these are required for system booting. To reduce potentially moving # undesired non-kernel module files (such as apache, python or ruby ones), # we only look for sub-dirs starting with a digit, which should match for # both Linux and kFreeBSD modules, and also for the modprobe.conf filename. # find({ no_chdir => 1, wanted => sub { my $path = $_; if (exists $aliased_pathnames{$path}) { # Ignore pathname already handled. } elsif (exists $usr_mod_pathnames{"/usr$path"}) { # Ignore pathname owned elsewhere. } elsif ($path eq '/lib/modules' or $path eq '/lib/modules/modprobe.conf' or $path =~ m{^/lib/modules/[0-9]}) { add_pathname($path, 'untracked modules'); } }, }, '/lib/modules'); my $sroot = '/.usrunmess'; my @relabel; # # Create a shadow hierarchy under / for the new unmessed dir: # debug("creating shadow dir = $sroot"); mkdir $sroot or sysfatal("cannot create directory $sroot"); foreach my $dir (@aliased_dirs) { debug("creating shadow dir = $sroot$dir"); mkdir "$sroot$dir" or sysfatal("cannot create directory $sroot$dir"); chmod 0755, "$sroot$dir" or sysfatal("cannot chmod 0755 $sroot$dir"); chown 0, 0, "$sroot$dir" or sysfatal("cannot chown 0 0 $sroot$dir"); push @relabel, "$sroot$dir"; } # # Populate the split dirs with hardlinks or copies of the objects from # their counter-parts in /usr. # foreach my $pathname (sort keys %aliased_pathnames) { my (@meta) = lstat $pathname or sysfatal("cannot lstat object $pathname for shadow hierarchy"); if (-d _) { my $mode = $meta[2]; my ($uid, $gid) = @meta[4, 5]; my ($atime, $mtime, $ctime) = @meta[8, 9, 10]; debug("creating shadow dir = $sroot$pathname"); mkdir "$sroot$pathname" or sysfatal("cannot mkdir $sroot$pathname"); chmod $mode, "$sroot$pathname" or sysfatal("cannot chmod $mode $sroot$pathname"); chown $uid, $gid, "$sroot$pathname" or sysfatal("cannot chown $uid $gid $sroot$pathname"); utime $atime, $mtime, "$sroot$pathname" or sysfatal("cannot utime $atime $mtime $sroot$pathname"); push @relabel, "$sroot$pathname"; } elsif (-f _) { debug("creating shadow file = $sroot$pathname"); copy("/usr$pathname", "$sroot$pathname"); } elsif (-l _) { my $target = readlink "/usr$pathname"; debug("creating shadow symlink = $sroot$pathname"); symlink $target, "$sroot$pathname" or sysfatal("cannot symlink $target to $sroot$pathname"); push @relabel, "$sroot$pathname"; } else { fatal("unhandled object type for '$pathname'"); } } # # Prompt at the point of no return, if the user requested it. # if ($opt_prompt) { if (!prompt("Shadow hierarchy created at '$sroot', ready to proceed")) { print "Aborting migration, shadow hierarchy left in place.\n"; exit 0; } } # # Mark all packages as half-configured so that we can force a mass # reconfiguration, to trigger any code in maintainer scripts that might # create files. # # XXX: We do this manually by editing the status file. # XXX: We do this for packages that might not have maintscripts, or might # not involve affected directories. # debug('marking all dpkg packages as half-configured'); if (not $opt_noact) { open my $fh_lock, '>', "$ADMINDIR/lock" or sysfatal('cannot open dpkg database lock file'); my $fs = File::FcntlLock->new(l_type => F_WRLCK); $fs->lock($fh_lock, F_SETLKW) or sysfatal('cannot get a write lock on dpkg database'); my $file_db = "$ADMINDIR/status"; my $file_dbnew = $file_db . '.new'; open my $fh_dbnew, '>', $file_dbnew or sysfatal('cannot open new dpkg database'); open my $fh_db, '<', $file_db or sysfatal('cannot open dpkg database'); while (<$fh_db>) { if (m/^Status: /) { s/ installed$/ half-configured/; } print { $fh_dbnew } $_; } close $fh_db; $fh_dbnew->flush() or sysfatal('cannot flush new dpkg database'); $fh_dbnew->sync() or sysfatal('cannot fsync new dpkg database'); close $fh_dbnew or sysfatal('cannot close new dpkg database'); rename $file_dbnew, $file_db or sysfatal('cannot rename new dpkg database'); } # # Replace things as quickly as possible: # foreach my $dir (@aliased_dirs) { debug("making dir backup = $dir.aliased"); if (not $opt_noact) { rename $dir, "$dir.aliased" or sysfatal("cannot make backup directory $dir.aliased"); } debug("renaming $sroot$dir to $dir"); if (not $opt_noact) { rename "$sroot$dir", $dir or sysfatal("cannot install fixed directory $dir"); } } mac_relabel(); # # Cleanup backup directories. # foreach my $dir (@aliased_dirs) { debug("removing backup = $dir.aliased"); if (not $opt_noact) { unlink "$dir.aliased" or sysfatal("cannot cleanup backup directory $dir.aliased"); } } my %deferred_dirnames; # # Cleanup moved objects. # foreach my $pathname (sort keys %aliased_pathnames) { my (@meta) = lstat $pathname or sysfatal("cannot lstat object $pathname for cleanup"); if (-d _) { # Skip directories as this might be shared by a proper path under the # aliased hierearchy. And so that we can remove them in reverse order. debug("deferring merged dir cleanup = /usr$pathname"); $deferred_dirnames{"/usr$pathname"} = 1; } else { debug("cleaning up pathname = /usr$pathname"); next if $opt_noact; unlink "/usr$pathname" or sysfatal("cannot unlink object /usr$pathname"); } } # # Cleanup deferred directories. # debug("cleaning up shadow deferred dir = $sroot"); my $arg_max = POSIX::sysconf(POSIX::_SC_ARG_MAX) // POSIX::_POSIX_ARG_MAX; my @batch_dirs; my $batch_size = 0; foreach my $dir (keys %deferred_dirnames) { my $dir_size = length($dir) + 1; if ($batch_size + $dir_size < $arg_max) { $batch_size += length($dir) + 1; push @batch_dirs, $dir; } else { next; } next if length $batch_size == 0; open my $fh_dirs, '-|', 'dpkg-query', '--search', @batch_dirs or fatal("cannot execute dpkg-query --search: $!"); while (<$fh_dirs>) { if (m/^.*: (.*)$/) { # If the directory is known by its aliased name, it should not be # cleaned up. if (exists $deferred_dirnames{$1}) { delete $deferred_dirnames{$1}; } } } close $fh_dirs; @batch_dirs = (); $batch_size = 0; } my @dirs_linger; if (not $opt_noact) { foreach my $dirname (reverse sort keys %deferred_dirnames) { next if rmdir $dirname; warning("cannot remove shadow directory $dirname: $!"); push @dirs_linger, $dirname; } } if (not $opt_noact) { debug("cleaning up shadow root dir = $sroot"); rmdir $sroot or warning("cannot remove shadow directory $sroot: $!"); } # # Re-configure all packages, so that postinst maintscripts are executed. # my $policypath = '/usr/sbin/dpkg-fsys-usrunmess-policy-rc.d'; debug('installing local policy-rc.d'); if (not $opt_noact) { open my $policyfh, '>', $policypath or sysfatal("cannot create $policypath"); print { $policyfh } <<'POLICYRC'; #!/bin/sh echo "$0: Denied action $2 for service $1" exit 101 POLICYRC close $policyfh or fatal("cannot write $policypath"); my @alt = (qw(/usr/sbin/policy-rc.d policy-rc.d), $policypath, qw(1000)); system(qw(update-alternatives --install), @alt) == 0 or fatal("cannot register $policypath"); system(qw(update-alternatives --set policy-rc.d), $policypath) == 0 or fatal("cannot select alternative $policypath"); } debug('reconfiguring all packages'); if (not $opt_noact) { local $ENV{DEBIAN_FRONTEND} = 'noninteractive'; system(qw(dpkg --configure --pending)) == 0 or fatal("cannot reconfigure packages: $!"); } debug('removing local policy-rc.d'); if (not $opt_noact) { system(qw(update-alternatives --remove policy-rc.d), $policypath) == 0 or fatal("cannot unregister $policypath: $!"); unlink $policypath or warning("cannot remove $policypath"); # Restore the selections we saved initially. open my $altfh, '|-', qw(update-alternatives --set-selections) or fatal('cannot restore alternatives state'); print { $altfh } $_ foreach @selections; close $altfh or fatal('cannot restore alternatives state'); } print "\n"; if (@dirs_linger) { warning('lingering directories that could not be removed:'); foreach my $dir (@dirs_linger) { warning(" $dir"); } } print "Done, hierarchy unmessed, congrats!\n"; print "Rebooting now is very strongly advised.\n"; print "(Note: you might need to run 'hash -r' in your shell.)\n"; 1; ## ## Functions ## sub debug { my $msg = shift; print { *STDERR } "D: $msg\n"; } sub warning { my $msg = shift; warn "warning: $msg\n"; } sub fatal { my $msg = shift; die "error: $msg\n"; } sub sysfatal { my $msg = shift; fatal("$msg: $!"); } sub copy { my ($src, $dst) = @_; # Try to hardlink first. return if link $src, $dst; # If we are on different filesystems, try a copy. if ($! == POSIX::EXDEV) { # XXX: This will not preserve hardlinks, these would get restored # after the next package upgrade. system('cp', '-a', $src, $dst) == 0 or fatal("cannot copy file $src to $dst: $?"); } else { sysfatal("cannot link file $src to $dst"); } } sub mac_relabel { my $has_cmd = 0; foreach my $path (split /:/, $ENV{PATH}) { if (-x "$path/restorecon") { $has_cmd = 1; last; } } return unless $has_cmd; foreach my $pathname (@relabel) { system('restorecon', $pathname) == 0 or fatal("cannot restore MAC context for $pathname: $?"); } } sub add_pathname { my ($pathname, $origin) = @_; if ($pathname =~ m{^/usr/lib/modules/}) { debug("tracking $origin = $pathname"); $usr_mod_pathnames{$pathname} = 1; } elsif ($pathname =~ m/$aliased_regex/) { debug("adding $origin = $pathname"); $aliased_pathnames{$pathname} = 1; } } sub prompt { my $query = shift; print "$query (y/N)? "; my $reply = ; chomp $reply; return 0 if $reply ne 'y' and $reply ne 'yes'; return 1; } sub version() { printf "Debian %s version %s.\n", $PROGNAME, $PROGVERSION; } sub usage { printf 'Usage: %s [