For Debian (and typically, derivatives), this is described in the Debian Policy chapter on maintainer scripts and the corresponding flowcharts. Errors are handled in combination by dpkg
(the tool which handles package extraction etc.) and maintainer scripts.
When upgrading a package:
- the existing package’s pre-removal script is called
- the new package’s pre-installation script is called
- the new package’s files are unpacked
- the existing package’s post-removal script is called
- the existing package’s files are removed
- the new package’s post-installation script is called
At any point, errors are handled, and various maintainer scripts are invoked with “undo” parameters to revert the changes made in previous steps. Ultimately, the package can end up in one of the following states:
- fully installed in the new version (when everything goes well)
- fully installed in the existing version (when something fails but all the changes could be backed out)
- unpacked, needing configuration
- failed, needing re-installation
For many packages, the default handling is sufficient, and no help from maintainer scripts is required. Other packages are much more complex, e.g. those with databases and schema changes between versions (see the slapd
maintainer scripts for example); in some cases they won’t actually handle aborted upgrades themselves, and will instead leave a backup of the existing state and ask the administrator to sort the situation out.