Modify

Ticket #1112 (accepted defect)

Opened 7 years ago

Last modified 6 years ago

Packages Doesn't Handle Dependencies for Multiple Repositories Correctly

Reported by: https://www.google.com/accounts/o8/id?id=AItOawmPND9hLM-9OK1G8nL1xVVEEDXIbudo2IE Owned by: https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc
Priority: minor Milestone: Bcfg2 1.4.0 Release
Component: bcfg2-server Version: 1.0
Keywords: Cc:

Description

If you backport a package into a custom repository that changes dependencies of release software the dependencies are not handled properly. It's a total edge case, but I'm going to try and give a reasonable example.

In lucid unixodbc depends on odbcinst1debian1. In precise unixodbc depends on odbcinst1debian2 which breaks odbcinst1debian1. If you have 2 repositories setup for Packages:

deb http://us.archive.ubuntu.org/ubuntu lucid deb http://apt.myco.com/ubuntu lucid

and apt.myco.com has a backported unixodbc bcfg2 will think unixodbc depends on both odbcinst1debian1 and odbcinst1debian2 and apt will always fail miserably. This blocks other packages from being installed by bcfg2.

Attachments

Change History

comment:1 Changed 7 years ago by https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc

  • Owner changed from desai to https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc
  • Status changed from new to accepted

To elaborate:

This issue is not specific to the Apt driver, but is built in to Packages itself. Packages only resolves dependencies by package name, not by version, so if you specify a particular version of a package in your bundle, Packages only ever sees the name, and will potentially resolve dependencies incorrectly.

There is a related issue, as well, which is that Packages only produces a list of package names that it has resolved, not versions, so it might potentially produce an incorrect list of dependencies. For instance, if the package "foo" required bar-1.1, but bar-1.2 was available, Bcfg2 would complain because the latest available package was not installed.

In summary: Packages needs to understand package versions, not just names. This is a monstrous change, but still needs to be done.

comment:2 Changed 7 years ago by https://www.google.com/accounts/o8/id?id=AItOawnSjgovXZr-_V3vGkvMSR0pc5LDykRc1Nc

Fixed for yum in https://github.com/Bcfg2/bcfg2/commit/b2e860717ed5747b8d66187824a747d4794ed472

I lack the expertise to fix this for Apt or Pacman, so someone else will have to take that on.

comment:3 Changed 6 years ago by solj

  • Milestone changed from Bcfg2 1.3.0 Release to Bcfg2 1.4.0 Release

WARNING! You need to establish a session before you can create or edit tickets. Otherwise the ticket will get treated as spam.

View

Add a comment

Modify Ticket

Change Properties
<Author field>
Action
as accepted
Author


E-mail address and user name can be saved in the Preferences.

 
Note: See TracTickets for help on using tickets.