Re: recommended way to fix Bug#492814 ?
On Tue, Jul 29, 2008 at 02:29:18PM -0700, Ivan Kohler wrote:
> > Ok; apparently I misread the control file.
> > Build-Depends: [...] libxcrypt-dev (>= 2.4), libxcrypt-dev (< 3.0)
> > Apparently, my question was meant to be: why was a package uploaded to
> > unstable that build-depends on a version of libxcrypt that's only in
> > testing (since libxcrypt-dev 3.0-2 was uploaded over a month before your
> > libpam-unix2 upload)?
> Because that's the version it needs to be functional. libpam-unix2 2.4
> needs libxcrypt before 3.0. It doesn't work with libxcrypt 3.0.
> > I'm not seeing how you expected this to work, so I'm
> > not sure what to recommend as a way out of this mess.
> I expected (wrongly, obviously) it would pick up the build dependency
> and build against the correct packages...
Packages uploaded to unstable have to be buildable in unstable.
> > > To fix the libxcrypt build problem in unstable, I'll need to revert to
> > > the previous version.
> > Why can't you *fix* the bug? It's a trivial build failure to fix - just
> > stop building with -Werror.
...
> > > 3.0 currently in unstable is unsuitable for release.
> >
> > For reasons other than the build failure?
> Yes. libpam-unix2 needs the previous version to build and work
> correctly.
> > That is certainly not evident from the BTS.
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=487487
There's nothing in bug #487487 that explains why libpam-unix2 can't use the
newer version of libxcrypt. I had to figure this out for myself by
downloading the libpam-unix2 2.4.1 package, to see that it uses a function
from libxcrypt1 that's no longer present in libxcrypt2.
> > If the build failure is the only reason, I don't see why you
> > wouldn't just fix it.
> The libxcrypt build failure is not really relevant. It could have built
> fine and there would still be the same exact problem.
Which problem? The problems I can see are:
- libpam-unix2 2.5.0 was broken, because it was built against the old
version of libxcrypt which it's not compatible with
- libxcrypt is failing to build
- libpam-unix2 1:2.4.1-1 is failing to build because it has a versioned
build-dependency on a previous version of libxcrypt
>From what I see, fixing libxcrypt so that it builds would have also
addressed the first problem because libpam-unix2 2.5.0 could have been
rebuilt against the new libxcrypt; but now you've uploded an older version
of libpam-unix2 which introduces a new incompatibility, so you would have to
both fix libxcrypt, and upload libpam-unix 2.5.0 again.
I still think that's the best option, unless there's some *other*
undocumented reason why libxcrypt2 is unsuitable for release. I think it's
the best option because it avoids epoching a library, and because it would
continue to use the libpam-unix2 2.5.0 package which, aside from not being
able to do password changing at present, appears to have at least received
some testing.
> > > How do you suggest I revert to libxcrypt 2.4 to fix the build problems
> > > in unstable *without* using a library epoch?
> > I don't.
> Okay, so you are confirming that the library epoch, distasteful though
> it may be, is still the best/correct way to fix the problem. I will
> prepare and upload corrected packages as per my original suggestion:
> - libxcrypt version 1:2.4-2 (no changes from 2.4-2 currently in
> testing)
> - libpam-unix2 1:2.4.1-2 version of libpam-unix2 (no changes except to
> update the build-dep)
The problem with this is that it brings in a "new" upstream version of
libpam-unix2, 2.4.1, which has before now not been in unstable or testing.
That should not normally qualify for a freeze exception, AFAICS; I'll let
someone else on the release team make the decision whether it should get
that freeze exception, but I believe the alternate approach I outlined above
allows for better QA by comparison.
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek@ubuntu.com vorlon@debian.org
Reply to: