Abstract
The Debian distribution includes more than 28 thousand maintainer scripts, almost all of them are written in Posix shell. These scripts are executed with root privileges at installation, update, and removal of a package, which make them critical for system maintenance. While Debian policy provides guidance for package maintainers producing the scripts, few tools exist to check the compliance of a script to it. We report on the application of a formal verification approach based on symbolic execution to find violations of some non-trivial properties required by Debian policy in maintainer scripts. We present our methodology and give an overview of our toolchain. We obtained promising results: our toolchain is effective in analysing a large set of Debian maintainer scripts and it pointed out over 150 policy violations that lead to reports (more than half already fixed) on the Debian Bug Tracking system.
This work has been partially supported by the ANR project CoLiS, contract number ANR-15-CE25-0001.
Chapter PDF
Similar content being viewed by others
Keywords
References
Lintian. https://lintian.debian.org
Piuparts. https://piuparts.debian.org/
Aït-Kaci, H., Podelski, A., Smolka, G.: A feature-based constraint system for logic programming with entailment. Theor. Comput. Sci. 122(1–2), 263–283 (1994)
Allbery, R., Whitton, S.: Debian policy manual (Oct 2019), https://www.debian.org/doc/debian-policy/
Becker, B., Marché, C.: Ghost Code in Action: Automated Verification of a Symbolic Interpreter. In: Chakraborty, S., A.Navas, J. (eds.) Verified Software: Tools, Techniques and Experiments. Lecture Notes in Computer Science (2019), https://hal.inria.fr/hal-02276257
Becker, B., Marché, C., Jeannerod, N., Treinen, R.: Revision 2 of CoLiS language: formal syntax, semantics, concrete and symbolic interpreters. Technical report, HAL Archives Ouvertes (Oct 2019), https://hal.inria.fr/hal-02321743
Bobot, F., Filliâtre, J.C., Marché, C., Paskevich, A.: Let’s verify this with Why3. International Journal on Software Tools for Technology Transfer (STTT) 17(6), 709–727 (2015). https://doi.org/10.1007/s10009-014-0314-5, http://hal.inria.fr/hal-00967132/en, see also http://toccata.lri.fr/gallery/fm2012comp.en.html
Debian Bug Tracker: dibbler-server: postinst contains invalid command. Debian Bug Reports 841934 (Oct 2016), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=841934
Debian Bug Tracker: authbind: maintainer script(s) not using strict mode. Debian Bug Report 866249 (Jun 2017), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=866249
Debian Bug Tracker: dict-freedict-all: postinst script has a wrong redirection. Debian Bug Report 908189 (Sep 2018), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=908189
Debian Bug Tracker: python3-neutron-fwaas-dashboard: incorrect test in postrm. Debian Bug Report 900493 (May 2018), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=900493
Debian Bug Tracker: [dpkg-maintscript-helper] bug in finish\(\_\)dir\(\_\)to\(\_\)symlink. Debian Bug Report 922799 (Feb 2019), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=922799
Debian Bug Tracker: ndiswrapper: when "postrm purge" fails it may have deleted some config files. Debian Bug Report 942392 (Oct 2019), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942392
Debian Bug Tracker: oz: non-idempotent postrm script. Debian Bug Report 942395 (Oct 2019), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942395
Debian Bug Tracker: preinst script not posix compliant. Debian Bug Report 925006 (Mar 2019), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=925006
Debian Bug Tracker: rancid-cgi: preinst may fail and not rollback a change. Debian Bug Report 942388 (Oct 2019), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=942388
Debian Bug Tracker: sgml-base: preinst may fail *silently*. Debian Bug Report 929706 (May 2019), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=929706
Developer’s Reference Team: Debian developers reference (Oct 2019), https://www.debian.org/doc/manuals/developers-reference/
Di Cosmo, R., Di Ruscio, D., Pelliccione, P., Pierantonio, A., Zacchiroli, S.: Supporting software evolution in component-based FOSS systems. Science of Computer Programming 76(12), 1144–1160 (2011). https://doi.org/10.1016/j.scico.2010.11.001
Gardner, P., Ntzik, G., Wright, A.: Local reasoning for the POSIX file system. In: European Symposium On Programming. Lecture Notes in Computer Science, vol. 8410, pp. 169–188. Springer (2014). https://doi.org/10.1007/978-3-642-54833-8_10
Greenberg, M., Blatt, A.J.: Executable formal semantics for the POSIX shell. CoRR abs/1907.05308 (2019), http://arxiv.org/abs/1907.05308
IEEE, The Open Group: The open group base specifications issue 7. http://pubs.opengroup.org/onlinepubs/9699919799/ (2018)
Jeannerod, N., Marché, C., Treinen, R.: A Formally Verified Interpreter for a Shell-Like Programming Language. In: 9th Working Conference on Verified Software: Theories, Tools, and Experiments. Lecture Notes in Computer Science, vol. 10712 (2017), https://hal.archives-ouvertes.fr/hal-01534747
Jeannerod, N., Régis-Gianas, Y., Marché, C., Sighireanu, M., Treinen, R.: Specification of UNIX utilities. Technical report, HAL Archives Ouvertes (Oct 2019), https://hal.inria.fr/hal-02321691
Jeannerod, N., Régis-Gianas, Y., Treinen, R.: Having fun with 31.521 shell scripts. Tech. rep., HAL Archives Ouvertes (2017), https://hal.archives-ouvertes.fr/hal-01513750
Jeannerod, N., Treinen, R.: Deciding the First-Order Theory of an Algebra of Feature Trees with Updates. In: Galmiche, D., Schulz, S., Sebastiani, R. (eds.) 9th International Joint Conference on Automated Reasoning. Lecture Notes in Computer Science, vol. 10900, pp. 439–454. Springer, Oxford, UK (Jul 2018), https://hal.archives-ouvertes.fr/hal-01807474
Mazurak, K., Zdancewic, S.: ABASH: finding bugs in bash scripts. In: Workshop on Programming Languages and Analysis for Security. pp. 105–114 (2007)
Ntzik, G., Gardner, P.: Reasoning about the POSIX file system: local update and global pathnames. In: Object-Oriented Programming, Systems, Languages and Applications. pp. 201–220. ACM (2015). https://doi.org/10.1145/2814270.2814306
Ntzik, G., da Rocha Pinto, P., Sutherland, J., Gardner, P.: A concurrent specification of POSIX file systems. In: European Conference on Object-Oriented Programming. LIPIcs, vol. 109, pp. 4:1–4:28. Schloss Dagstuhl - Leibniz-Zentrum fuer Informatik (2018). https://doi.org/10.4230/LIPIcs.ECOOP.2018.4
Régis-Gianas, Y., Jeannerod, N., Treinen, R.: Morbig: A static parser for POSIX shell. In: Pearce, D., Mayerhofer, T., Steimann, F. (eds.) ACM SIGPLAN International Conference on Software Language Engineering. pp. 29–41. Boston, MA, USA (Nov 2018). https://doi.org/10.1145/3276604.3276615, https://hal.archives-ouvertes.fr/hal-01890044
Rosenfeld, R.: Package rancid-cgi: looking glass cgi based on rancid tools (2019), https://packages.debian.org/en/sid/rancid-cgi
Smolka, G.: Feature constraint logics for unification grammars. Journal of Logic Programming 12, 51–87 (1992)
Smolka, G., Treinen, R.: Records for logic programming. Journal of Logic Programming 18(3), 229–258 (1994)
The CoLiS project: The CoLiS bench. http://ginette.informatique.univ-paris-diderot.fr/~niols/colis-batch/
The CoLiS project: The CoLiS toolchain. https://github.com/colis-anr
The CoLiS project: Artifact for Analysing installation scenarios of Debian Packages. Zenodo Repository (Feb 2020). https://doi.org/10.5281/zenodo.3678390
The Debian Project: Bugs tagged colis, https://bugs.debian.org/cgi-bin/pkgreport.cgi?tag=colis-shparser;users=treinen@debian.org
The Linux Foundation: Filesystem hierarchy standard, version 3.0 (Mar 2015), https://refspecs.linuxfoundation.org
Ucko, A.M.: cmigrep: broken emacsen-install script. Debian Bug Report 431131 (Jun 2007), https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=431131
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Open Access This chapter is licensed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license and indicate if changes were made.
The images or other third party material in this chapter are included in the chapter's Creative Commons license, unless indicated otherwise in a credit line to the material. If material is not included in the chapter's Creative Commons license and your intended use is not permitted by statutory regulation or exceeds the permitted use, you will need to obtain permission directly from the copyright holder.
Copyright information
© 2020 The Author(s)
About this paper
Cite this paper
Becker, B., Jeannerod, N., Marché, C., Régis-Gianas, Y., Sighireanu, M., Treinen, R. (2020). Analysing installation scenarios of Debian packages. In: Biere, A., Parker, D. (eds) Tools and Algorithms for the Construction and Analysis of Systems. TACAS 2020. Lecture Notes in Computer Science(), vol 12079. Springer, Cham. https://doi.org/10.1007/978-3-030-45237-7_14
Download citation
DOI: https://doi.org/10.1007/978-3-030-45237-7_14
Published:
Publisher Name: Springer, Cham
Print ISBN: 978-3-030-45236-0
Online ISBN: 978-3-030-45237-7
eBook Packages: Computer ScienceComputer Science (R0)