Packages plugin alternates packages with "conflicts"/"replaces" relations

[Jeff Strunk <[email protected]…>]

Sol> <quote who="Jeff Strunk" address="[email protected]…"> Sol> > I am using bcfg2 1.0 pre5 on Ubuntu Jaunty. I am using the Sol> > Packages plugin. Sol> > Sol> > I noticed that every time I run bcfg2 on a client about 30 Sol> > packages get installed. The next time I run it a different set Sol> > get installed. It alternates between those two sets. The Sol> > packages in one set get uninstalled and replaced by the other Sol> > set. Sol> >

Sol> Are these all dependencies that are getting installed each time? You Sol> should be able to check using bcfg2-info. There is information on how to Sol> do this on the Packages page in trac:

Sol> http://trac.mcs.anl.gov/projects/bcfg2/wiki/Plugins/Packages

Sol> If they are dependencies and it's alternating between two Provides Sol> options, you can specify the one you wish in your configuration Sol> explicitly. I have only been using Packages for a short period of time, Sol> so Narayan may have some better advice.

OK. The first thing to do is to upgrade to the version of >Packages.py from trunk. You can grab that from ​https://svn.mcs.anl.gov/repos/bcfg/trunk/bcfg2/src/lib/Server/Plugins/Packages.py You can upgrade by replacing the existing Packages.py on the server and restarting it.

Once you do this, make sure that you're getting stable results for your configuration. (run bcfg2 -c /tmp/cfg1 -n ; bcfg2 -n -c /tmp/cfg2), and then diff them. (there is a bcfg2-admin mode for further comparing them if they aren't identical)

This will point us in the right direction.

Does your config include sudo-ldap explicitly?

-nld

I upgraded the Packages plugin. The clients receive consistent configurations. The same packages are still alternating on the clients.

My config does include sudo-ldap explicitly and never mentions the sudo package.

The config the clients receive has the following lines:

<Bundle name="sudo">
<Package name="sudo-ldap" version="auto" type="deb"/>

</Bundle>
...
<Package origin="Packages" version="auto" type="deb" name="sudo"/>

Is the dependency resolver not taking the Provides relationship into account?

[desai]

It is taking the provides relationship into consideration, but not the conflicts. Can you provide a debug trace of the dep calculation process (steps for this are on the Plugins/Packages? page); that should help us to figure things out.

[Jeff Strunk <…>]

It doesn't appear to get the Provides: line.

>>> loop.plugins['Packages'].complete(m, ['sudo-ldap'], debug=True)
Package sudo-ldap: adding new deps ['libc6', 'libldap-2.4-2', 'libpam0g', 'libpa
m-modules']
Package libldap-2.4-2: adding new deps ['libgcrypt11', 'libgnutls26', 'libsasl2-
2', 'libtasn1-3', 'zlib1g']
Package libsasl2-2: adding new deps ['libdb4.6', 'libsasl2-modules']
Package libsasl2-modules: adding new deps ['libssl0.9.8']
Package libssl0.9.8: adding new deps ['debconf']
Package debconf: adding new deps ['debconf-i18n']
Package debconf-i18n: adding new deps ['liblocale-gettext-perl', 'libtext-iconv-
perl', 'libtext-wrapi18n-perl', 'libtext-charwidth-perl']
Package libtext-charwidth-perl: adding new deps ['perl-base', 'perlapi-5.10.0']
Package(s) ['perl-base'] provide(s) perlapi-5.10.0
Package libc6: adding new deps ['libgcc1', 'findutils']
Package libgcc1: adding new deps ['gcc-4.3-base']
Package libtext-iconv-perl: adding new deps ['perlapi-5.10.0']
Package libgcrypt11: adding new deps ['libgpg-error0']
Package libpam0g: adding new deps ['libpam-runtime']
(set(['debconf', 'libgcc1', 'libpam-modules', 'libtasn1-3', 'libtext-wrapi18n-perl', 'libtext-iconv-perl', 'findutils', 'libc6', 'libgpg-error0', 'libgcrypt11', 'libpam0g', 'libpam-runtime', 'libsasl2-2', 'gcc-4.3-base', 'libldap-2.4-2', 'debconf-i18n', 'libtext-charwidth-perl', 'zlib1g', 'perl-base', 'libsasl2-modules', 'libgnutls26', 'liblocale-gettext-perl', 'sudo-ldap', 'libdb4.6', 'libssl0.9.8']), set([]), 'deb')

# apt-cache show sudo-ldap
Package: sudo-ldap
Priority: optional
Section: universe/admin
Installed-Size: 480
Maintainer: Martin Pitt <[email protected]>
Original-Maintainer: Bdale Garbee <[email protected]>
Architecture: amd64
Source: sudo
Version: 1.6.9p17-1ubuntu3
Replaces: sudo
Provides: sudo
Depends: libc6 (>= 2.8), libldap-2.4-2 (>= 2.4.7), libpam0g (>= 0.99.7.1), libpam-modules
Conflicts: sudo
Filename: pool/universe/s/sudo/sudo-ldap_1.6.9p17-1ubuntu3_amd64.deb
Size: 202064
MD5sum: 1e14392fb489d48e3ebb249f42e6ea01
SHA1: dbc4d6c697e59a76f80827bec51e58c97f316c5c
SHA256: 9399c3f1d3cbeef20a18fc11a37c316333bd8d48c242aecf4487aa9f4b77ce3f
Description: Provide limited super user privileges to specific users
 Sudo is a program designed to allow a sysadmin to give limited root
 privileges to users and log root activity.  The basic philosophy is to give
 as few privileges as possible but still allow people to get their work done.
 .
 This version is built with LDAP support.
Bugs: https://bugs.launchpad.net/ubuntu/+filebug
Origin: Ubuntu

[Jeff Strunk <…>]

I think this may be a more useful example of the Provides relationship not getting accounted for. There is no more mention of sudo or sudo-ldap in the output I cut out.

>>> loop.plugins['Packages'].complete(m,['kdesudo'], debug=True)              
Package kdesudo: adding new deps ['kdebase-runtime', 'kdelibs5', 'libc6', 'libgc
c1', 'libqt4-dbus', 'libqt4-svg', 'libqtcore4', 'libqtgui4', 'libstdc++6', 'sudo
']                                                                              
Package libgcc1: adding new deps ['gcc-4.3-base']                               
Package libqtgui4: adding new deps ['libaudio2', 'libfontconfig1', 'libfreetype6
', 'libglib2.0-0', 'libice6', 'libjpeg62', 'libmng1', 'libpng12-0', 'libsm6', 'l
ibtiff4', 'libx11-6', 'libxext6', 'libxrender1', 'zlib1g', 'fontconfig']        
Package libaudio2: adding new deps ['libxt6']                                   
Package libglib2.0-0: adding new deps ['libpcre3', 'libselinux1']               
Package libxext6: adding new deps ['libxau6', 'x11-common']                     
Package sudo: adding new deps ['libpam0g', 'libpam-modules']
...

I found the problem in the Source.complete() method. If a package has a Provides relation named after another package, it is never seen by complete. For example, when Source.complete() gets to sudo, it checks to see if 'sudo' is a package. Because it is, it adds it to the list of packages to install and never checks to see if 'sudo' is a key in the provides dictionary.

[desai]

This appears to be properly fixed in [8f072533eba97f6135a6223285752741685ba66f] (SVN r5449). Alternatives should supercede requirements when they provide/conflict appropriately with the dep name.