[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#996048: postfix-mta-sts-resolver: autopkgtest doesn't handle new version of ca-certificates nicely: rehash: warning: skipping ca-certificates.crt,it does not contain exactly one certificate or CRL

Source: postfix-mta-sts-resolver
Version: 1.0.0-4
Severity: serious
Tags: sid bookworm
User: debian-ci@lists.debian.org
Usertags: needs-update
Control: affects -1 src:ca-certificates

[X-Debbugs-CC: debian-ci@lists.debian.org,
ca-certificates@packages.debian.org]

Dear maintainer(s),

With a recent upload of ca-certificates the autopkgtest of
postfix-mta-sts-resolver fails in testing when that autopkgtest is run
with the binary packages of ca-certificates from unstable. It passes
when run with only packages from testing. In tabular form:

                         pass            fail
ca-certificates          from testing    20211004
postfix-mta-sts-resolver from testing    1.0.0-4
all others               from testing    from testing

I copied some of the output at the bottom of this report. The *warning*
seems to be innocent, but causes the test to fail because by default
autopkgtest considers output on stderr as fatal (without the
allow-stderr restriction).

Currently this regression is blocking the migration of ca-certificates
to testing [1]. Of course, ca-certificates shouldn't just break your
autopkgtest (or even worse, your package), but it seems to me that the
change in ca-certificates was intended and your package needs to update
to the new situation.

If this is a real problem in your package (and not only in your
autopkgtest), the right binary package(s) from ca-certificates should
really add a versioned Breaks on the unfixed version of (one of your)
package(s). Note: the Breaks is nice even if the issue is only in the
autopkgtest as it helps the migration software to figure out the right
versions to combine in the tests.

More information about this bug and the reason for filing it can be found on
https://wiki.debian.org/ContinuousIntegration/RegressionEmailInformation

Paul

[1] https://qa.debian.org/excuses.php?package=ca-certificates

https://ci.debian.net/data/autopkgtest/testing/amd64/p/postfix-mta-sts-resolver/15856707/log.gz

autopkgtest [19:39:52]: test run: [-----------------------
Updating certificates in /etc/ssl/certs...
rehash: warning: skipping ca-certificates.crt,it does not contain
exactly one certificate or CRL
1 added, 0 removed; done.
Running hooks in /etc/ca-certificates/update.d...
done.
autopkgtest [19:40:04]: test run: -----------------------]
autopkgtest [19:40:04]: test run:  - - - - - - - - - - results - - - - -
- - - - -
run                  FAIL stderr: rehash: warning: skipping
ca-certificates.crt,it does not contain exactly one certificate or CRL

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

Reply to: