Analysing installation scenarios of Debian packages

Abstract : The Debian distribution includes 28 814 maintainer scripts, almost all of which are written in Posix shell. These scripts are executed with root privileges at installation, update, and removal of a package, which make them critical for system maintenance. While Debian policy provides guidance for package maintainers producing the scripts, few tools exist to check the compliance of a script to it. We report on the application of a formal verification approach based on symbolic execution to find violations of some non-trivial properties required by Debian policy in maintainer scripts. We present our methodology and give an overview of our toolchain. We obtained promising results: our toolchain is effective in analysing a large set of Debian maintainer scripts and it pointed out over 150 policy violations that lead to reports on the Debian Bug Tracking system.
Complete list of metadatas
Contributor : Nicolas Jeannerod <>
Submitted on : Friday, November 8, 2019 - 12:46:01 PM
Last modification on : Sunday, November 10, 2019 - 1:30:13 AM


  • HAL Id : hal-02355602, version 1


Benedikt Becker, Nicolas Jeannerod, Claude Marché, Yann Regis-Gianas, Sighireanu Mihaela, et al.. Analysing installation scenarios of Debian packages. 2019. ⟨hal-02355602⟩



Record views