From: Alec Warner <antarus@gentoo.org>
To: gentoo-portage-dev@lists.gentoo.org
Cc: Zac Medico <zmedico@gentoo.org>
Subject: Re: [gentoo-portage-dev] precisions on installed packages' dependencies
Date: Fri, 27 Mar 2020 23:48:16 -0700 [thread overview]
Message-ID: <CAAr7Pr-yqBiNwwFKivEL+Dp2rXA=jXiKWq4FfW__cUHuS7_QzA@mail.gmail.com> (raw)
In-Reply-To: <324215029.2913035.1585317594992.JavaMail.zimbra@laposte.net>
[-- Attachment #1: Type: text/plain, Size: 5957 bytes --]
On Fri, Mar 27, 2020 at 7:00 AM <michael.lienhardt@laposte.net> wrote:
>
> ----- Alec Warner <antarus@gentoo.org> a écrit :
> > On Tue, Mar 24, 2020 at 11:31 AM <michael.lienhardt@laposte.net> wrote:
> > > However, I still doubt that only storing the soname dependencies is
> enough.
> > > Consider package A (that cannot be recompiled) that depends on package
> B
> > > which provides lib L.so.
> > > B is recompiled with different use flags, which put different
> > > functionalities in L.so.
> > > The dependencies of A are still satisfied (B is installed, L.so is
> > > available), but since the content of L.so changed, A cannot execute
> anymore.
> > > Hypothetically, can this scenario occur?
> > > Can this scenario occur in practice?
> > > Is there a way in emerge/portage to avoid it?
>
>
> > > You have far more experience than me on this, and it would be nice for
> me
> > > to know what I'm up against.
> >
> > A lot of this has to do with the specifics of how package managers manage
> > system state, as well as various quirks of subsets of the tree. For
> > example, a perl upgrade (X->Y) will often break perl modules who expect
> > perl-X, but get perl-Y. So one fix is to try to keep perl-X installed (so
> > we SLOT perl and have N perls installed.) Then you need to decide which
> > version of perl to build things against (X or Y, or both?) We took this
> > tactic in the python ecosystem; but perl is not slotted in Gentoo, and so
> > upgrading perl breaks all perl modules. There is a tool
> > (gentoo-perl-cleaner) that will walk the deptree and fix all of these
> > broken packages that you run after an upgrade.
> >
> > I'm not sure it's strictly avoidable. You could build perl-Y, then
> rebuild
> > all perl-modules against perl-Y, then merge the entire result to the
> > livefs. This will reduce the breakage time but likely not eliminate it;
> > plus it seems hard to implement in practice without modern filesystem
> tools
> > (overlayfs, btrfs, zfs or similar tech to make it atomic.) It also
> doesn't
> > account for executing code. What happens to perl-X code that is executing
> > when you unmerge perl-X? The short answer is that code might break and
> > 'proper' management means you should restart services after an upgrade
> > (something Gentoo doesn't typically do; but is common in Debian for
> > example.)
>
> Many thanks for this answer.
> To sum up what I understood, the problem is not really the dependencies,
> but which recompilation (and service restart) are triggered with an update.
>
Yes and no. Assume a spherical package manager that could detect
everything, we basically need to do the following for a perl X -> Y upgrade.
1 User triggers X - Y upgrade.
2 build perl-Y, but don't merge it to the livefs.
3 numerate all deps of perl-Y, build those (but don't merge them to the
livefs, but they need to build against perl-Y, not perl-X)
4 with atomic_transaction:
4a Merge perl-Y to the livefs
4b Merge perl-Y's dependencies to the live fs
5 restart anything that is running perl-X, so that it runs with perl-Y
6 unmerge perl-X
In practice we cannot always do 3 or 4 or 5. We will miss dependencies (due
to missing depgraph information) both in the package depgraph as well as
the service depgraph.
So in practice we do:
1 user triggers X -Y upgrade.
2 build perl-Y, merge it to the livefs, unmerge perl-X
3 run gentoo-perl-cleaner to upgrade the dependencies broken by the X - Y
upgrade (via slot deps, or whatever mechanism, it can vary.)
4 restart anything that is running perl-X
And just accept that from 2-4..well stuff will be broken. We can minimize
the time by building binpkgs ahead of time for example, and merging the
binpkgs in a parallel. Note that 5 and 4 are the same problem in both
lists. Note that per the guide linked below, sometimes 2-3 can be done 'at
once', although again practically speaking "During Perl upgrade, packages
that depend on Perl may become unavailable." even if they are all handled
by emerge, because there are many race conditions in the order that
packages get merged to the livefs.
> In gentoo, there is the ":=" slot operator (and others similar) in
> dependencies that trigger the recompilation when the dependency's slot
> change, but this is the only existing mechanism.
> And this is why every time perl changes, the compilation of its modules is
> not triggered and they are most probably broken.
> Correct?
>
They are supposed to be triggered:
https://wiki.gentoo.org/wiki/Perl#Upgrading_.28major_version.29 for example
says this. But this is up to how callers run the tool. For example gentoo
infra executes emerge via puppet, and we never execute emerge -uDNav
--with-bdeps=y --backtrack=100 --autounmask-keep-masks=y @world, we have
our own piece of code that handles perl upgrades.
> And then, in this context, keeping the installed packages' dependencies
> consistent is up to debate: packages will get broken in any case...
> It is clearly impossible to have a tool that automatically detect all
> implementation dependency breakage.
>
> Again, there's something I probably don't see: why was slot operators
> chosen (among other possibilities) as a mechanism to trigger recompilation?
> I'm very grateful to you all for the time you take to read and answer my
> questions.
Sorry I'm being overly academic. My concern earlier is that you mentioned a
goal of "never breaking installed packages' which I found to be a fairly
audacious goal. The idea is that we should build tools that achieve this
practically (e.g. via heuristics such as := slot operators) while
understanding that the complexities of application deploys are legion and
the tool will never handle them all. So the goal of never breaking them is
more an idealistic goal rather than a practical reality.
-A
> Best,
> Michael
>
>
[-- Attachment #2: Type: text/html, Size: 7612 bytes --]
next prev parent reply other threads:[~2020-03-28 6:48 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-03-23 0:38 [gentoo-portage-dev] precisions on installed packages' dependencies michael.lienhardt
2020-03-23 1:01 ` Zac Medico
2020-03-23 22:21 ` Re : " michael.lienhardt
2020-03-24 4:13 ` Zac Medico
2020-03-24 18:31 ` michael.lienhardt
2020-03-26 8:06 ` Alec Warner
2020-03-27 13:59 ` michael.lienhardt
2020-03-28 6:48 ` Alec Warner [this message]
2020-03-30 21:55 ` michael.lienhardt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAAr7Pr-yqBiNwwFKivEL+Dp2rXA=jXiKWq4FfW__cUHuS7_QzA@mail.gmail.com' \
--to=antarus@gentoo.org \
--cc=gentoo-portage-dev@lists.gentoo.org \
--cc=zmedico@gentoo.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox