Hi,

in [1] Russ asked us to submit a policy bug about DPKG_ROOT so here it
goes. :)

[1] https://lists.debian.org/874jx3yq8s.fsf@hope.eyrie.org

Here is one description of DPKG_ROOT from the dpkg man page:

    DPKG_ROOT
        Defined by dpkg on the maintainer script environment to indicate
        which installation to act on (since dpkg 1.18.5).  The value is
        intended to be prepended to any path maintainer scripts operate on.
        During normal operation, this variable is empty.  When installing
        packages into a different instdir, dpkg normally invokes maintainer
        scripts using chroot(2) and leaves this variable empty, but if
        --force-script-chrootless is specified then the chroot(2) call is
        skipped and instdir is non-empty.

In practice this means that if (and only if) dpkg is called with
--root=X --force-script-chrootless then all maintainer scripts will be
called with the DPKG_ROOT variable set to X.

Why is this useful? In the very early days of a new architecture,
emulation support is either not available at all or too buggy to be
useful for any practical purposes.  After having cross-built the initial
package set, these packages need to be installed to create a chroot that
can then be used to continue building packages natively on the new
architecture, completing the early bootstrap process. But creating that
chroot requires package maintainer scripts to be run but we cannot
emulate the new architecture to run any of its binaries.

By installing packages with --force-script-chrootless, maintainer
scripts are called without being inside the chroot and thus they will
call the native binaries from the outside. To be able to know the chroot
directory they are supposed to operate on, the DPKG_ROOT variable is set
to the chroot directory. In practice, this means that if a maintainer
script ran this before:

    chmod root:root "/path/to/file"

Then it now has to run

    chmod root:root "$DPKG_ROOT/path/to/file"

More information about DPKG_ROOT can be found here:

 * https://wiki.debian.org/Teams/Dpkg/Spec/InstallBootstrap#Proposal:_chrootless_maintscripts
 * https://debconf22.debconf.org/talks/23-what-is-dpkg_root-and-what-is-it-not/
 * https://lists.debian.org/166289720850.2390.3729551131862514967@localhost

I think there is no problem with letting policy describe what the
DPKG_ROOT variable being set to a non-empty string means for a
maintainer script. There is also no problem in documenting what the
whole point of this exercise is.

But there are also a lot of open questions for which I do not have any
answers yet:

 * where to document this? Other variables set for maintainer scripts
   like DPKG_MAINTSCRIPT_PACKAGE or DPKG_MAINTSCRIPT_ARCH do not seem to be
   documented either even though (according to codesearch.d.n) they are used in
   hundreds of places
 * what about scope? The Essential:yes and build-essential package set are
   certainly a *must*. We need these to start building natively on a new
   architecture. But do we need more than those? Having apt would be handy
   but not strictly necessary (dpkg -i can always be used instead). Having an
   init system would be handy but not strictly necessary (can always boot with
   init=/bin/bash).
 * what can maintainer scripts supporting DPKG_ROOT expect from the system on
   the outside? Are its package versions the same as the system inside the
   chroot? Is it even Debian? Right now we do all our tests such that the
   system on the outside is identical to the one we want to create the
   chroot for except that it is of the native architecture. But should such a
   restriction be placed in policy?
 * what about upgrades? We only want to create a chroot and some of our patches
   are made much simpler because we ignore upgrades. If newer package versions
   are required, the bootstrapper can just create a new chroot without
   upgrading anything.

Thank you for your consideration!

cheers, josch

Johannes Schauer Marin Rodrigues <josch@debian.org> writes:

In general, Policy doesn't need to be a copy of dpkg's documentation, so I
don't think we need to list everything that dpkg makes available.

The important thing that Policy is adding isn't to catalog the facilities
available.  It's to tell you *when* to use those facilities.  In the case
of some of those variables, that's the obvious "whenever it's convenient
to get that information from an environment variable for whatever you're
trying to do," and Policy doesn't need to say anything about it.  But
here, some packages *have* to use this environment variable or they will
be buggy.  That's the sort of thing Policy should describe.

I would tend to add a section on bootstrapping support (since that's what
this is for) to chapter 6 at the end.  It could just talk about DPKG_ROOT
for now and we can add any other maintainer script considerations that
come up there in the future.

I think this is up to you to define, but we need to be able to describe
it.  Starting with essential and build-essential packages sounds great,
and Policy already defines both of those terms, so that's easy.  If you
need to add more packages, we will need to figure out how to describe them
without special-case listings of package names.

It sounds like you're not imposing any restrictions on the *package* here,
so there's no need to say anything unless at some point you need to do so.

The point of putting this in Policy is to provide guidance to the
packagers, not to the bootstrappers.  Presumably you already have other
documentation that you maintain about how to bootstrap Debian that spells
out what to do in what order; that's outside of Policy's remit.  What
Policy is trying to do is to define for packagers what interface they have
to implement, and DPKG_ROOT is now part of that interface.

So in other words, you can just say something like:

    Maintainer scripts in essential or build-essential packages must
    preface all paths they act on in maintainer scripts with an expansion
    of the DPKG_ROOT environment variable.  This will normally be empty
    (and thus normally will not change anything), but in some situations
    it may be set to a bootstrapping path to tell packages to act under
    that path instead of on the root file system.

That wording probably isn't quite right, but I think that's the general
idea.

If maintainers don't have to worry about this for upgrades, you can just
say so.  I think it's up to you whether you think that is important or
not.  I would be inclined to say that it's *safe* to add DPKG_ROOT to
paths even on upgrade actions, but you only *must* do so for maintainer
script actions that run during initial installation.

Thank you very much for starting this discussion!