Bug#535037: [hardening-wrapper] diversion conflict between hardening-wrapper and binutils-gold packages
Petr Gajdůšek
Version: 1.13
Severity: normal
--- Please enter the report below this line. ---
$ LC_ALL=POSIX sudo apt-get install hardening-wrapper
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
hardening-wrapper
0 upgraded, 1 newly installed, 0 to remove and 27 not upgraded.
Need to get 0B/10.2kB of archives.
After this operation, 77.8kB of additional disk space will be used.
Reading package fields... Done
Reading package status... Done
Retrieving bug reports... Done
Parsing Found/Fixed information... Done
Selecting previously deselected package hardening-wrapper.
(Reading database ... 758899 files and directories currently installed.)
Unpacking hardening-wrapper (from .../hardening-wrapper_1.13_i386.deb) ...
Adding `diversion of /usr/bin/gcc-4.1 to /usr/bin/gcc-4.1.real by hardening-wrapper'
Adding `diversion of /usr/bin/g++-4.1 to /usr/bin/g++-4.1.real by hardening-wrapper'
Adding `diversion of /usr/bin/gcc-4.2 to /usr/bin/gcc-4.2.real by hardening-wrapper'
Adding `diversion of /usr/bin/g++-4.2 to /usr/bin/g++-4.2.real by hardening-wrapper'
Adding `diversion of /usr/bin/gcc-4.3 to /usr/bin/gcc-4.3.real by hardening-wrapper'
Adding `diversion of /usr/bin/g++-4.3 to /usr/bin/g++-4.3.real by hardening-wrapper'
Adding `diversion of /usr/bin/gcc-4.4 to /usr/bin/gcc-4.4.real by hardening-wrapper'
Adding `diversion of /usr/bin/g++-4.4 to /usr/bin/g++-4.4.real by hardening-wrapper'
dpkg-divert: `diversion of /usr/bin/ld to /usr/bin/ld.real by hardening-wrapper' clashes with `diversion of /usr/bin/ld to /usr/bin/ld.single by binutils-gold'
dpkg: error processing /var/cache/apt/archives/hardening-wrapper_1.13_i386.deb (--unpack):
subprocess new pre-installation script returned error exit status 2
Errors were encountered while processing:
/var/cache/apt/archives/hardening-wrapper_1.13_i386.deb
Updating Debian Packages of System Configurations (dpsyco).
E: Sub-process /usr/bin/dpkg returned an error code (1)
--- System information. ---
Architecture: i386
Kernel: Linux 2.6.29-2-686
Debian Release: squeeze/sid
500 unstable www.debian-multimedia.org
500 unstable uqm.debian.net
500 unstable ftp.debian-unofficial.org
500 unstable ftp.cz.debian.org
500 unstable deb.opera.com
--- Package information. ---
Depends (Version) | Installed
======================-+-===========
gcc | 4:4.3.3-9
OR g++ | 4:4.3.3-9
perl | 5.10.0-23
Package's Recommends field is empty.
Package's Suggests field is empty.
--
To UNSUBSCRIBE, email to debian-bugs-...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listm...@lists.debian.org
Kees Cook
On Mon, Jun 29, 2009 at 09:18:52AM +0200, Petr Gajdůšek wrote:
> dpkg-divert: `diversion of /usr/bin/ld to /usr/bin/ld.real by hardening-wrapper' clashes with `diversion of /usr/bin/ld to /usr/bin/ld.single by binutils-gold'
The only solution I can think of for this architectural limitation is to
create a single package that provides the compiler diversions, and enables
a series of plug-ins that other compiler-changing tools can link to.
Unfortunately, not every diversion-user just wants to change the
commandline arguments -- as in this case, it wants to genuinely run a
totally different program.
I am open to suggestions on the best way to solve this problem.
--
Kees Cook @debian.org
Matthias Klose
thanks
the conflict is definitely wrong.
hardening-wrapper must not divert ld, it should divert both ld.bfd and ld.gold.
This way the hardening options are enforced independently of the ld diversion.
another option could be the implementation of an option --ld=<linker> in the gcc
driver, which is modified by the hardening wrapper. the gcc driver is already
diverted.