← Back to team overview

openjdk team mailing list archive

  1. openjdk team
  2. Mailing list archive
  3. Message #13091

[Bug 1769013] Re: Please merge ca-certificates-java 20180413 (main) from Debian unstable (main)

  Thread PreviousDate PreviousThread Next 
Hello Tiago, or anyone else affected,

Accepted ca-certificates-java into bionic-proposed. The package will
build now and be available at https://launchpad.net/ubuntu/+source/ca-
certificates-java/20180516ubuntu1~18.04.1 in a few hours, and then in
the -proposed repository.

Please help us by testing this new package.  See
https://wiki.ubuntu.com/Testing/EnableProposed for documentation on how
to enable and use -proposed.Your feedback will aid us getting this
update out to other Ubuntu users.

If this package fixes the bug for you, please add a comment to this bug,
mentioning the version of the package you tested and change the tag from
verification-needed-bionic to verification-done-bionic. If it does not
fix the bug for you, please add a comment stating that, and change the
tag to verification-failed-bionic. In either case, without details of
your testing we will not be able to proceed.

Further information regarding the verification process can be found at
https://wiki.ubuntu.com/QATeam/PerformingSRUVerification .  Thank you in
advance!

** Changed in: ca-certificates-java (Ubuntu Bionic)
       Status: New => Fix Committed

** Tags added: verification-needed verification-needed-bionic

-- 
You received this bug notification because you are a member of OpenJDK,
which is subscribed to ca-certificates-java in Ubuntu.
https://bugs.launchpad.net/bugs/1769013

Title:
  Please merge ca-certificates-java 20180413 (main) from Debian unstable
  (main)

Status in JOSM:
  Unknown
Status in ca-certificates-java package in Ubuntu:
  Fix Released
Status in ca-certificates-java source package in Bionic:
  Fix Committed

Bug description:
  [Original Merge description]
  There's a new ca-certificates-java package in debian unstable versioned 20180413 which conflicts with cosmic's version 20170930ubuntu1 [1] and requires a merge.

  The following changes should be kept:
  1) debian/control: Bump javahelper build dependency.
  2) debian/rules:
  2a) Explicitly depend on openjdk-11-jre-headless, needed to configure.
  2b) Replace javac arguments '-source 1.7 -target 1.7' with '--release 7'
      as, per JEP-247, it also takes care of setting the right -bootclasspath
      argument.

  And a new change should be considered:
  - remove the creation of a default jvm-*.cfg file from debian/jks-keystore.hook.in as openjdk packages already provides a default jvm with the right configuration.

  
  [Impact]
  Besides the fix in bug 1739631 this merge also removes the usage of a fixed jvm config file by ca-certificates-java. A long long time ago ca-certificates-java failed to be installed together with openjdk because during configuration its scripts/hooks will call java, which would then be missing the jvm config file (as openjdk was only configured but not yet installed by dpkg). Still this was wrong as such solution requires that every package that depended on openjdk during dpkg configuration to provide their own jvm cfg - since that file tells openjdk which VM are available and their alias this configuration might not match what VMs (client, server, jamvm, zero, etc) are available with any given openjdk package.

  This usage is no longer required since OpenJDK packages have provided
  their own default exactly for this scenario since 2009 back to
  Jaunty's openjdk version 6b14-0ubuntu4 [2] - which is the correct
  approach for this problem as the openjdk maintainers known what jvm
  should default to in each architecture.

  This has already been fixed in the postinst script by debian 874276
  [3], but unfortunately the jks-keystore hook was not fixed at the
  time.

  [Test Case]
  * Install ca-certificates-java in a clean bionic install, it should be able to configured correctly by dpkg while openjdk is also being configured.

  [Regression Potential]
  * if the openjdk package ever fail to ship a default jvm config file (or ships a badly configured one) the configuration step of ca-certificates-java might fail, but this is no worse than it shipping its own misconfigured jvm config file.

  [Other Info]

  
  [References]
  [1] https://merges.ubuntu.com/main.html?query=ca-certificates-java
  [2] https://bazaar.launchpad.net/~openjdk/openjdk/openjdk8/revision/311
  [3] https://bugs.debian.org/874276

To manage notifications about this bug go to:
https://bugs.launchpad.net/josm/+bug/1769013/+subscriptions

References

  Thread PreviousDate PreviousThread Next