← Back to team overview

ocaml-maint team mailing list archive

  1. ocaml-maint team
  2. Mailing list archive
  3. Message #00550

[Bug 1061769] Re: sks postinst uses dpkg-vendor, but doesn't depend on dpkg-dev (nor should it)

  Thread PreviousDate PreviousThread Next 
** Description changed:

  A recent change to sks packaging uses the dpkg-vendor command to
  determine if the current OS derives from Ubuntu.  dpkg-vendor is
  provided by the dpkg-dev package, which sks does not, and should not
  depend on.
  
  In order for the postinst to behave properly, it needs to gracefully
  handle the situation where the dpkg-vendor command does not exist.
+ 
+ ubuntu@ip-10-195-165-105:~$ sudo apt-get install sks --reinstall
+ Reading package lists... Done
+ Building dependency tree       
+ Reading state information... Done
+ 0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 6 not upgraded.
+ Need to get 0 B/802 kB of archives.
+ After this operation, 0 B of additional disk space will be used.
+ (Reading database ... 25941 files and directories currently installed.)
+ Preparing to replace sks 1.1.1+dpkgv3-7ubuntu0.2 (using .../sks_1.1.1+dpkgv3-7ubuntu0.2_amd64.deb) ...
+ Stopping sks daemons: sksrecon.. sksdb.. done.
+ Unpacking replacement sks ...
+ Processing triggers for ureadahead ...
+ Processing triggers for man-db ...
+ Setting up sks (1.1.1+dpkgv3-7ubuntu0.2) ...
+ debian-sks uid check: ok
+ debian-sks homedir check: ok
+ /var/lib/dpkg/info/sks.postinst: 76: /var/lib/dpkg/info/sks.postinst: dpkg-vendor: not found
+ Starting sks daemons: Not starting sks (as configured in /etc/default/sks)
+ 
+ 
+ == SRU ==
+ 
+ === IMPACT ===
+ This bug impacts any 12.04 server running SKS where dpkg-dev is not installed (which is often the case), and upgrades to the current package in precise-updates.  dpkg-dev would drag in a handful of development level utilities and compilers that many administrators would not want on their production server.
+ 
+ === TEST CASE ===
+ Take a 12.04 server installed prior to July 9, 2012, with SKS installed.  In my case, I started a 12.04 server in EC2, and commented out the two lines in /etc/apt/sources.list referencing precise-updates.  Install SKS:
+  $ sudo apt-get update && sudo apt-get install -y sks
+ Then, uncomment the precise-updates lines in /etc/apt/sources.list, and upgrade SKS:
+  $ sudo apt-get update && sudo apt-get install -y sks
+ 
+ === REGRESSION POTENTIAL ===
+ As implemented, minimal.
+ 
+ === MINIMAL PATCH ===
+ diff -Nru sks-1.1.3/debian/sks.postinst sks-1.1.3/debian/sks.postinst                 
+ --- sks-1.1.3/debian/sks.postinst       2012-07-02 06:19:39.000000000 -0500           
+ +++ sks-1.1.3/debian/sks.postinst       2012-10-04 12:46:25.000000000 -0500           
+ @@ -73,7 +73,8 @@                                                                     
+         if [ -r /var/lib/sks/berkeley_db.active ]; then                               
+             OLD_BDB=$(cat /var/lib/sks/berkeley_db.active)                            
+         else                                                                          
+ -           if dpkg-vendor --derives-from Ubuntu; then                                
+ +           if (type dpkg-vendor >/dev/null && dpkg-vendor --derives-from Ubuntu) || \
+ +                       [ -e /etc/dpkg/origins/ubuntu ]; then                         
+                 if dpkg --compare-versions "$2" lt "1.1.1+dpkgv3-6.1"; then           
+                     OLD_BDB=4.7                                                       
+                 else

** Changed in: sks (Ubuntu Precise)
       Status: In Progress => Fix Committed

** Changed in: sks (Ubuntu Quantal)
       Status: In Progress => Fix Committed

-- 
You received this bug notification because you are a member of Debian
OCaml Maintainers, which is subscribed to sks in Ubuntu.
https://bugs.launchpad.net/bugs/1061769

Title:
  sks postinst uses dpkg-vendor, but doesn't depend on dpkg-dev (nor
  should it)

Status in Precise Backports:
  New
Status in “sks” package in Ubuntu:
  Fix Committed
Status in “sks” source package in Precise:
  Fix Committed
Status in “sks” source package in Quantal:
  Fix Committed

Bug description:
  A recent change to sks packaging uses the dpkg-vendor command to
  determine if the current OS derives from Ubuntu.  dpkg-vendor is
  provided by the dpkg-dev package, which sks does not, and should not
  depend on.

  In order for the postinst to behave properly, it needs to gracefully
  handle the situation where the dpkg-vendor command does not exist.

  ubuntu@ip-10-195-165-105:~$ sudo apt-get install sks --reinstall
  Reading package lists... Done
  Building dependency tree       
  Reading state information... Done
  0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 6 not upgraded.
  Need to get 0 B/802 kB of archives.
  After this operation, 0 B of additional disk space will be used.
  (Reading database ... 25941 files and directories currently installed.)
  Preparing to replace sks 1.1.1+dpkgv3-7ubuntu0.2 (using .../sks_1.1.1+dpkgv3-7ubuntu0.2_amd64.deb) ...
  Stopping sks daemons: sksrecon.. sksdb.. done.
  Unpacking replacement sks ...
  Processing triggers for ureadahead ...
  Processing triggers for man-db ...
  Setting up sks (1.1.1+dpkgv3-7ubuntu0.2) ...
  debian-sks uid check: ok
  debian-sks homedir check: ok
  /var/lib/dpkg/info/sks.postinst: 76: /var/lib/dpkg/info/sks.postinst: dpkg-vendor: not found
  Starting sks daemons: Not starting sks (as configured in /etc/default/sks)

  
  == SRU ==

  === IMPACT ===
  This bug impacts any 12.04 server running SKS where dpkg-dev is not installed (which is often the case), and upgrades to the current package in precise-updates.  dpkg-dev would drag in a handful of development level utilities and compilers that many administrators would not want on their production server.

  === TEST CASE ===
  Take a 12.04 server installed prior to July 9, 2012, with SKS installed.  In my case, I started a 12.04 server in EC2, and commented out the two lines in /etc/apt/sources.list referencing precise-updates.  Install SKS:
   $ sudo apt-get update && sudo apt-get install -y sks
  Then, uncomment the precise-updates lines in /etc/apt/sources.list, and upgrade SKS:
   $ sudo apt-get update && sudo apt-get install -y sks

  === REGRESSION POTENTIAL ===
  As implemented, minimal.

  === MINIMAL PATCH ===
  diff -Nru sks-1.1.3/debian/sks.postinst sks-1.1.3/debian/sks.postinst                 
  --- sks-1.1.3/debian/sks.postinst       2012-07-02 06:19:39.000000000 -0500           
  +++ sks-1.1.3/debian/sks.postinst       2012-10-04 12:46:25.000000000 -0500           
  @@ -73,7 +73,8 @@                                                                     
          if [ -r /var/lib/sks/berkeley_db.active ]; then                               
              OLD_BDB=$(cat /var/lib/sks/berkeley_db.active)                            
          else                                                                          
  -           if dpkg-vendor --derives-from Ubuntu; then                                
  +           if (type dpkg-vendor >/dev/null && dpkg-vendor --derives-from Ubuntu) || \
  +                       [ -e /etc/dpkg/origins/ubuntu ]; then                         
                  if dpkg --compare-versions "$2" lt "1.1.1+dpkgv3-6.1"; then           
                      OLD_BDB=4.7                                                       
                  else

To manage notifications about this bug go to:
https://bugs.launchpad.net/precise-backports/+bug/1061769/+subscriptions

References

  Thread PreviousDate PreviousThread Next