* [gentoo-dev] openssl and preserve_old_lib_notify pitfall
@ 2010-09-30 16:31 Andreas K. Huettel
2010-09-30 16:40 ` Samuli Suominen
` (2 more replies)
0 siblings, 3 replies; 7+ messages in thread
From: Andreas K. Huettel @ 2010-09-30 16:31 UTC (permalink / raw
To: Gentoo Dev
[-- Attachment #1: Type: Text/Plain, Size: 871 bytes --]
Hi,
Just by accident I noticed during emerge something that may lead to major confusion: the just stabilized openssl-1.0.0-r3 contains the following code:
pkg_postinst() {
...
has_version ${CATEGORY}/${PN}:0.9.8 && return 0
preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
}
However, portage in my case first updated openssl (slot 0) from 0.9.8 to this version, _printing out the preserve_old_lib_notify message_, and then afterwards installed openssl-0.9.8o-r2.
Net result: if I had relied on the elog messages alone, I would have messed up my system by deleting the required files from openssl:0.9.8...
I have no clue how this could be improved, though. Any ideas?
Cheers, Andreas
--
Andreas K. Huettel
Gentoo Linux developer - kde, sci, sunrise
dilfridge@gentoo.org
http://www.akhuettel.de/
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] openssl and preserve_old_lib_notify pitfall
2010-09-30 16:31 [gentoo-dev] openssl and preserve_old_lib_notify pitfall Andreas K. Huettel
@ 2010-09-30 16:40 ` Samuli Suominen
2010-09-30 17:25 ` Zac Medico
2010-09-30 17:32 ` Zac Medico
2010-09-30 19:06 ` Mike Frysinger
2 siblings, 1 reply; 7+ messages in thread
From: Samuli Suominen @ 2010-09-30 16:40 UTC (permalink / raw
To: gentoo-dev
On 09/30/2010 07:31 PM, Andreas K. Huettel wrote:
>
> Hi,
>
> Just by accident I noticed during emerge something that may lead to major confusion: the just stabilized openssl-1.0.0-r3 contains the following code:
>
> pkg_postinst() {
> ...
> has_version ${CATEGORY}/${PN}:0.9.8 && return 0
> preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
> }
>
> However, portage in my case first updated openssl (slot 0) from 0.9.8 to this version, _printing out the preserve_old_lib_notify message_, and then afterwards installed openssl-0.9.8o-r2.
>
> Net result: if I had relied on the elog messages alone, I would have messed up my system by deleting the required files from openssl:0.9.8...
>
> I have no clue how this could be improved, though. Any ideas?
Get Portage 2.2_rcX (with preserved-libs) feature released into ~arch. ;-)
>
> Cheers, Andreas
>
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] openssl and preserve_old_lib_notify pitfall
2010-09-30 16:40 ` Samuli Suominen
@ 2010-09-30 17:25 ` Zac Medico
2010-09-30 17:35 ` Samuli Suominen
0 siblings, 1 reply; 7+ messages in thread
From: Zac Medico @ 2010-09-30 17:25 UTC (permalink / raw
To: gentoo-dev
On 09/30/2010 09:40 AM, Samuli Suominen wrote:
> Get Portage 2.2_rcX (with preserved-libs) feature released into ~arch. ;-)
We probably won't be able to stabilize portage-2.2 at the same time
as openssl, so we should probably be thinking of more short-term
solutions if this openssl thing is a real problem.
--
Thanks,
Zac
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] openssl and preserve_old_lib_notify pitfall
2010-09-30 16:31 [gentoo-dev] openssl and preserve_old_lib_notify pitfall Andreas K. Huettel
2010-09-30 16:40 ` Samuli Suominen
@ 2010-09-30 17:32 ` Zac Medico
2010-09-30 19:09 ` Mike Frysinger
2010-09-30 19:06 ` Mike Frysinger
2 siblings, 1 reply; 7+ messages in thread
From: Zac Medico @ 2010-09-30 17:32 UTC (permalink / raw
To: gentoo-dev
On 09/30/2010 09:31 AM, Andreas K. Huettel wrote:
>
> Hi,
>
> Just by accident I noticed during emerge something that may lead to major confusion: the just stabilized openssl-1.0.0-r3 contains the following code:
>
> pkg_postinst() {
> ...
> has_version ${CATEGORY}/${PN}:0.9.8 && return 0
> preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
> }
>
> However, portage in my case first updated openssl (slot 0) from 0.9.8 to this version, _printing out the preserve_old_lib_notify message_, and then afterwards installed openssl-0.9.8o-r2.
The preserve_old_lib_notify message in postinst is invalid if the
package doesn't actually own the file. It would be safer to check
for the file in $D during preinst than to check in $ROOT in postinst
like that function does.
Also, if the openssl-0.9.8o-r2 gets pulled in later then it should
bail out due to a file collision, since it's not allows for two
different SLOTs to install the same file(s).
> Net result: if I had relied on the elog messages alone, I would have messed up my system by deleting the required files from openssl:0.9.8...
>
> I have no clue how this could be improved, though. Any ideas?
>
> Cheers, Andreas
>
--
Thanks,
Zac
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] openssl and preserve_old_lib_notify pitfall
2010-09-30 17:25 ` Zac Medico
@ 2010-09-30 17:35 ` Samuli Suominen
0 siblings, 0 replies; 7+ messages in thread
From: Samuli Suominen @ 2010-09-30 17:35 UTC (permalink / raw
To: gentoo-dev
On 09/30/2010 08:25 PM, Zac Medico wrote:
> On 09/30/2010 09:40 AM, Samuli Suominen wrote:
>> Get Portage 2.2_rcX (with preserved-libs) feature released into ~arch. ;-)
>
> We probably won't be able to stabilize portage-2.2 at the same time
> as openssl, so we should probably be thinking of more short-term
> solutions if this openssl thing is a real problem.
The same scenario is present in jpeg and libpng too, or any other
package which is slotted and uses preserve_old_lib.
(I wasn't serious about the 2.2 thing with that ;-)
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] openssl and preserve_old_lib_notify pitfall
2010-09-30 16:31 [gentoo-dev] openssl and preserve_old_lib_notify pitfall Andreas K. Huettel
2010-09-30 16:40 ` Samuli Suominen
2010-09-30 17:32 ` Zac Medico
@ 2010-09-30 19:06 ` Mike Frysinger
2 siblings, 0 replies; 7+ messages in thread
From: Mike Frysinger @ 2010-09-30 19:06 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: Text/Plain, Size: 1049 bytes --]
On Thursday, September 30, 2010 12:31:16 Andreas K. Huettel wrote:
> Just by accident I noticed during emerge something that may lead to major
> confusion: the just stabilized openssl-1.0.0-r3 contains the following
> code:
fix your e-mail client. its line wrapping is broken.
> pkg_postinst() {
> ...
> has_version ${CATEGORY}/${PN}:0.9.8 && return 0
> preserve_old_lib_notify /usr/$(get_libdir)/lib{crypto,ssl}.so.0.9.8
> }
>
> However, portage in my case first updated openssl (slot 0) from 0.9.8 to
> this version, _printing out the preserve_old_lib_notify message_, and then
> afterwards installed openssl-0.9.8o-r2.
are you sure openssl-1 didnt also take care of preserving the library ? look
at the contents of openssl-1.
> Net result: if I had relied on the elog messages alone, I would have messed
> up my system by deleting the required files from openssl:0.9.8...
you may have broken one or two *binary only* packages, but this hardly
classifies as "messed up my system".
-mike
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [gentoo-dev] openssl and preserve_old_lib_notify pitfall
2010-09-30 17:32 ` Zac Medico
@ 2010-09-30 19:09 ` Mike Frysinger
0 siblings, 0 replies; 7+ messages in thread
From: Mike Frysinger @ 2010-09-30 19:09 UTC (permalink / raw
To: gentoo-dev
[-- Attachment #1: Type: Text/Plain, Size: 835 bytes --]
On Thursday, September 30, 2010 13:32:07 Zac Medico wrote:
> The preserve_old_lib_notify message in postinst is invalid if the
> package doesn't actually own the file. It would be safer to check
> for the file in $D during preinst than to check in $ROOT in postinst
> like that function does.
that isnt how it works. the libs being preserved specifically are not part of
$D (not installed by src_install) and so there is no reference to check
against in pkg_preinst. only $ROOT.
> Also, if the openssl-0.9.8o-r2 gets pulled in later then it should
> bail out due to a file collision, since it's not allows for two
> different SLOTs to install the same file(s).
if "by later" you mean "a different emerge at a later point in time", then the
user did not read / follow his log, so end game there is PEBKAC
-mike
[-- Attachment #2: This is a digitally signed message part. --]
[-- Type: application/pgp-signature, Size: 836 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2010-09-30 19:10 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2010-09-30 16:31 [gentoo-dev] openssl and preserve_old_lib_notify pitfall Andreas K. Huettel
2010-09-30 16:40 ` Samuli Suominen
2010-09-30 17:25 ` Zac Medico
2010-09-30 17:35 ` Samuli Suominen
2010-09-30 17:32 ` Zac Medico
2010-09-30 19:09 ` Mike Frysinger
2010-09-30 19:06 ` Mike Frysinger
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox