• Bug#1062801: libtirpc3t64: ineffective /usr-move mitigation

    From Steve Langasek@21:1/5 to Helmut Grohne on Sat Feb 3 22:30:03 2024
    Sigh.

    I knew about this issue in one iteration of the patch, I even installed the buggy binary here locally as a test and *hit* the issue; but I thought that
    the patch and NMU to experimental had the fixed version of the patch.
    Somehow in the shuffle the wrong one got uploaded.

    Sorry about that. Fixing now.

    On Sat, Feb 03, 2024 at 11:46:23AM +0100, Helmut Grohne wrote:
    Package: libtirpc3t64
    Version: 1.3.4+ds-1.1~exp1
    Severity: serious
    Tags: patch
    Control: affects -1 + libtirpc3
    User: helmutg@debian.org
    Usertags: dep17p1
    X-Debbugs-Cc: vorlon@debian.org

    Hi Steve,

    thanks for having tried to handle /usr-move upfront for tirpc.
    Unfortunately, you got it wrong. I don't want to interfere here. Hence,
    I am attaching a patch that corrects the issues. Tested with piuparts.

    Helmut

    diff --minimal -Nru libtirpc-1.3.4+ds/debian/changelog libtirpc-1.3.4+ds/debian/changelog
    --- libtirpc-1.3.4+ds/debian/changelog 2024-02-02 19:28:08.000000000 +0100
    +++ libtirpc-1.3.4+ds/debian/changelog 2024-02-03 11:35:46.000000000 +0100
    @@ -1,3 +1,10 @@
    +libtirpc (1.3.4+ds-1.1~exp1.1) UNRELEASED; urgency=medium
    +
    + * Non-maintainer upload.
    + * Fix /usr-move mitigation. (Closes: #-1)
    +
    + -- Helmut Grohne <helmut@subdivi.de> Sat, 03 Feb 2024 11:35:46 +0100
    +
    libtirpc (1.3.4+ds-1.1~exp1) experimental; urgency=medium

    * Non-maintainer upload.
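
    Review bot: The `Closes: #-1` in the added changelog entry is still the placeholder used when the patch was written, before the report had a number. It needs to become the assigned bug number (this report is Bug#1062801) before the upload, or the entry will not close anything. The `UNRELEASED` distribution on the same entry needs setting at upload time as well.
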
    diff --minimal -Nru libtirpc-1.3.4+ds/debian/clean libtirpc-1.3.4+ds/debian/clean
    --- libtirpc-1.3.4+ds/debian/clean 2024-02-02 19:28:07.000000000 +0100
    +++ libtirpc-1.3.4+ds/debian/clean 2024-02-03 11:35:46.000000000 +0100
    @@ -1,2 +1,3 @@
    src/config.h
    debian/libtirpc3t64.preinst
    +debian/libtirpc3t64.postrm
    diff --minimal -Nru libtirpc-1.3.4+ds/debian/libtirpc3t64.postrm.in libtirpc-1.3.4+ds/debian/libtirpc3t64.postrm.in
    --- libtirpc-1.3.4+ds/debian/libtirpc3t64.postrm.in 1970-01-01 01:00:00.000000000 +0100
    +++ libtirpc-1.3.4+ds/debian/libtirpc3t64.postrm.in 2024-02-03 11:35:46.000000000 +0100
    @@ -0,0 +1,18 @@
    +#!/bin/sh
    +
    +set -e
    +
    +# per Helmut, these can't be safely removed again (in package postinst)
    +# until forky
    +case $1 in
    + remove)
    + for file in libtirpc.so.3 libtirpc.so.3.0.0; do
    + dpkg-divert --package libtirpc3t64 --no-rename \
    + --remove --divert \
    + /lib/#DEB_HOST_MULTIARCH#/$file.usr-is-merged \ + /lib/#DEB_HOST_MULTIARCH#/$file
    + done
    + ;;
    +esac
    +
    +#DEBHELPER#
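
    Review bot: The header comment of the new postrm ("these can't be safely removed again (in package postinst) until forky") describes a decision about the postinst, not what this script does, which is to drop the two diversions in the `remove` case only. Reword it to say that the diversions are kept across upgrades and removed only when the package itself is removed. `$1` and `$file` are also unquoted; `case "$1" in` and `"$file"` would follow the usual maintainer-script style.
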
    diff --minimal -Nru libtirpc-1.3.4+ds/debian/rules libtirpc-1.3.4+ds/debian/rules
    --- libtirpc-1.3.4+ds/debian/rules 2024-02-02 19:28:07.000000000 +0100
    +++ libtirpc-1.3.4+ds/debian/rules 2024-02-03 11:35:46.000000000 +0100
    @@ -30,6 +30,8 @@
    rm -rf build-deb build-udeb
    rm -rf debian/tmp-udeb

    -override_dh_installdeb:
    +execute_before_dh_installdeb:
    sed -e"s/#DEB_HOST_MULTIARCH#/$(DEB_HOST_MULTIARCH)/" \
    debian/libtirpc3t64.preinst.in > debian/libtirpc3t64.preinst
    + sed -e"s/#DEB_HOST_MULTIARCH#/$(DEB_HOST_MULTIARCH)/" \
    + debian/libtirpc3t64.postrm.in > debian/libtirpc3t64.postrm
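
    Review bot: The rename from `override_dh_installdeb` to `execute_before_dh_installdeb` is the substantive change in this hunk, yet neither a comment here nor the changelog entry says why. As far as the visible lines show, the old override target ran only the sed command and did not call dh_installdeb itself. A one-line comment above the target stating that the generated scripts must exist before dh_installdeb runs would keep this from regressing. The two sed commands also substitute without the `g` flag. That works while each template line carries one `#DEB_HOST_MULTIARCH#`, but `s/.../.../g` is the safer form.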


    --
    Steve Langasek                   Give me a lever long enough and a Free OS
    Debian Developer                   to set it on, and I can move the world.
    Ubuntu Developer                                   https://www.debian.org/
    slangasek@ubuntu.com                                     vorlon@debian.org
