Just found this, because I also noticed the debsums error. A quick look in the changelog finds this:
> procps (2:3.3.16-1ubuntu1) focal; urgency=low
> [...]
> * Dropped changes, no longer needed:
> ...
> - 10-link-restrictions.conf: this is redundant with link-protect.conf
> from Debian.
> * debian/procps.maintscript: handle migration of link-protect.conf from
> /etc to /usr.
>
> -- Steve Langasek <email address hidden> Thu, 13 Feb 2020 22:53:02 -0800
But apparently that file never arrived downstream? Neither find /usr ... nor apt-file search can find it. Having had a look at the contents of said file by opening the .deb archive has me a bit worried:
> # These settings eliminate an entire class of security vulnerability:
> # time-of-check-time-of-use cross-privilege attacks using guessable
> # filenames (generally seen as "/tmp file race" vulnerabilities).
This could very well warrant a bump in severity, given there are security implications.
A simple workaround is to just copy that file manually into /etc/sysctl.d under a different name, so postinst can't find it, should it try to murder it again. :P Of course it won't solve the debsums error but it solves the bigger problem of the file missing entirely.
Just found this, because I also noticed the debsums error. A quick look in the changelog finds this: restrictions. conf: this is redundant with link-protect.conf procps. maintscript: handle migration of link-protect.conf from
> procps (2:3.3.16-1ubuntu1) focal; urgency=low
> [...]
> * Dropped changes, no longer needed:
> ...
> - 10-link-
> from Debian.
> * debian/
> /etc to /usr.
>
> -- Steve Langasek <email address hidden> Thu, 13 Feb 2020 22:53:02 -0800
But apparently that file never arrived downstream? Neither find /usr ... nor apt-file search can find it. Having had a look at the contents of said file by opening the .deb archive has me a bit worried:
> # These settings eliminate an entire class of security vulnerability: check-time- of-use cross-privilege attacks using guessable
> # time-of-
> # filenames (generally seen as "/tmp file race" vulnerabilities).
This could very well warrant a bump in severity, given there are security implications.
A simple workaround is to just copy that file manually into /etc/sysctl.d under a different name, so postinst can't find it, should it try to murder it again. :P Of course it won't solve the debsums error but it solves the bigger problem of the file missing entirely.