sysctl errors from bad /etc/sysctl.d conf files making packages uninstallable
scott at open-vote.org
Sun Nov 1 21:28:20 GMT 2009
A lot of users are running across the Wine package failing to install
and causing a whole system mess:
At first I thought the issue was an old maintainer script that called
/etc/init.d/procps start manually. However, transitioning this script
to upstart with start procps, as well as reverting it to invoking sysctl
directly causes the same issue.
The root cause is this: sysctl is throwing an error when it encounters
an /etc/sysctl.d/foo.conf file that contains keys it doesn't use. How
these keys got onto the system is somewhat mysterious -- most likely
cause is they're conf files from an older version of some other package
(Wine's .conf file is a single line and works fine).
This error propagates through upstart and causes dpkg --configure to
panic, making the package uninstallable. This is obviously bad.
So it seems like we have 3 options:
1) Quiet down sysctl so it doesn't throw these errors on unknown
commands. As far as I can tell, it's undocumented if sysctl gives a
different exit status for unknown commands and genuine errors, so
there's no good way to tell them apart.
2) Change procps upstart job to not care about sysctl errors. I believe
debian does something similar.
3) Change every package with a sysctl.d conffile to ignore start procps
errors (eg start procps || true).
At the moment, installing a package like Wine is the only way a user
will notice this error - upstart won't let a failing procps job prevent
system bootup. I could hack around this by using option 3 for the Wine
package, but the problem will likely crop up elsewhere later.
It's also not clear how sysctl is dealing with the error at the moment -
quite possibly, sysctl is giving up the first time it sees a bad key,
meaning later keys are never loaded (possible security implications).
Either way, I believe some coordination here will be important to
getting this handled well, so I've cced the Debian procps maintainer as
well. Thanks for your time :)
More information about the ubuntu-devel