[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#994513: marked as done (buster-pu: package debconf/1.5.71+deb10u1)



Your message dated Sat, 09 Oct 2021 12:11:43 +0100
with message-id <896b7609401ceb0e1c537222e26587ea2351415d.camel@adam-barratt.org.uk>
and subject line Closing bugs for fixes included in the 10.11 point release
has caused the Debian Bug report #994513,
regarding buster-pu: package debconf/1.5.71+deb10u1
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact owner@bugs.debian.org
immediately.)


-- 
994513: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=994513
Debian Bug Tracking System
Contact owner@bugs.debian.org with problems
--- Begin Message ---
Package: release.debian.org
Severity: normal
Tags: buster
User: release.debian.org@packages.debian.org
Usertags: pu

[ Reason ]
https://bugs.debian.org/984533 and its clone
https://bugs.debian.org/985572 showed a buster-to-bullseye upgrade bug
in which debconf was unable to execute whiptail between unpacking the
new libslang2 and unpacking the new libc6.  Part of the fix for that
involved adjusting debconf in bullseye to detect this situation and
gracefully fall back to text mode.  The other part of the fix was to
adjust libc6.preinst to do something similar, in case debconf has not
yet been upgraded or the running debconf frontend is still from an old
version.

Unfortunately, the code in libc6.preinst was somewhat broken, resulting
in buster-to-bullseye upgrades that hang in some situations.  We only
noticed this after bullseye released because the breakage is only
apparent with certain package sets that provoke apt into choosing
particular upgrade orderings; even with this, I only know of it
happening for people who run "apt upgrade" as a separate step before
"apt full-upgrade" (IMO unnecessarily, but it seems to be some people's
habit).  https://bugs.debian.org/994042 has an analysis of the situation
and a reproduction recipe.

While fixing this particular upgrade bug requires fixing libc6.preinst
(because its broken logic happens before debconf has an opportunity to
decide what to do), it's possible for apt to attempt to unpack some
*other* package between unpacking the new libslang2 and the new libc6
which also tries to use debconf in its preinst, and that would run into
a similar bug.  (I admit to not having a concrete example of such an
upgrade ordering.)  The only way to fix that situation is to cherry-pick
the fix for #985572 into debconf in buster.  As Aurelien points out in
#994042, we can't rely on people having applied all buster updates
before starting the upgrade to bullseye.  Nevertheless, I think this
change would make upgrades more robust, since debconf must take great
care not to crash like this.

I recognize that #985572's severity is only "wishlist", which ordinarily
wouldn't merit an oldstable update; at the time it was thought that a
glibc change in bullseye would be enough to work around this
effectively, and that making debconf more robust would just be icing on
the cake.  #994042 suggests to me that that was too complacent.  If this
request is accepted then I'll unarchive and reopen #985572 and set its
severity to "important".

[ Impact ]
Certain upgrade orderings may crash with something along the lines of
"whiptail: /lib/x86_64-linux-gnu/libm.so.6: version `GLIBC_2.29' not
found (required by /lib/x86_64-linux-gnu/libslang.so.2)".

[ Tests ]
The reproduction recipe in #994042 is worth testing with this change,
though that isn't sufficient.  To test this bug directly, the simplest
approach is to install whiptail and/or dialog before an upgrade from
buster to bullseye, but then deliberately break them somehow (for
example by using dpkg-divert to replace them with shell scripts that
write something to standard error and then exit non-zero).

At the moment I've only done some very basic tests along these lines,
but I'll do full upgrade tests before uploading, assuming this request
is accepted.  With a point release coming up soon I thought I'd better
get this request in now.

[ Risks ]
The change itself is simple: it just adds two additional guards.  The
alternative is to do nothing and accept the risk of broken upgrades.

[ Checklist ]
  [x] *all* changes are documented in the d/changelog
  [x] I reviewed all changes and I approve them
  [x] attach debdiff against the package in (old)stable
  [x] the issue is verified as fixed in unstable

[ Changes ]
I think the diff speaks for itself: it's just a couple of extra
--version checks.  (I've confirmed that both whiptail and dialog support
the --version argument in both buster and bullseye; and of course I'll
replace "UNRELEASED" with "buster" before uploading.)

diff -Nru debconf-1.5.71/Debconf/FrontEnd/Dialog.pm debconf-1.5.71+deb10u1/Debconf/FrontEnd/Dialog.pm
--- debconf-1.5.71/Debconf/FrontEnd/Dialog.pm	2019-01-15 09:56:11.000000000 +0000
+++ debconf-1.5.71+deb10u1/Debconf/FrontEnd/Dialog.pm	2021-09-16 23:36:53.000000000 +0100
@@ -65,7 +65,8 @@
 	# Autodetect if whiptail or dialog is available and set magic numbers.
 	if (Debconf::Path::find("whiptail") && 
 	    (! defined $ENV{DEBCONF_FORCE_DIALOG} || ! Debconf::Path::find("dialog")) &&
-	    (! defined $ENV{DEBCONF_FORCE_XDIALOG} || ! Debconf::Path::find("Xdialog"))) {
+	    (! defined $ENV{DEBCONF_FORCE_XDIALOG} || ! Debconf::Path::find("Xdialog")) &&
+	    system('whiptail --version >/dev/null 2>&1') == 0) {
 		$this->program('whiptail');
 		$this->dashsep('--');
 		$this->borderwidth(5);
@@ -77,7 +78,8 @@
 		$this->hasoutputfd(1);
 	}
 	elsif (Debconf::Path::find("dialog") &&
-	       (! defined $ENV{DEBCONF_FORCE_XDIALOG} || ! Debconf::Path::find("Xdialog"))) {
+	       (! defined $ENV{DEBCONF_FORCE_XDIALOG} || ! Debconf::Path::find("Xdialog")) &&
+	       system('dialog --version >/dev/null 2>&1') == 0) {
 		$this->program('dialog');
 		$this->dashsep(''); # dialog does not need (or support) 
 		                    # double-dash separation
diff -Nru debconf-1.5.71/debian/changelog debconf-1.5.71+deb10u1/debian/changelog
--- debconf-1.5.71/debian/changelog	2019-02-26 09:30:35.000000000 +0000
+++ debconf-1.5.71+deb10u1/debian/changelog	2021-09-16 23:37:29.000000000 +0100
@@ -1,3 +1,9 @@
+debconf (1.5.71+deb10u1) UNRELEASED; urgency=medium
+
+  * Check that whiptail or dialog is actually usable (closes: #985572).
+
+ -- Colin Watson <cjwatson@debian.org>  Thu, 16 Sep 2021 23:37:29 +0100
+
 debconf (1.5.71) unstable; urgency=medium
 
   [ Kevin Locke ]

Thanks,

-- 
Colin Watson (he/him)                              [cjwatson@debian.org]

Attachment: signature.asc
Description: PGP signature


--- End Message ---
--- Begin Message ---
Package: release.debian.org
Version: 10.11

Hi,

The updates relating to these bugs were included in this morning's
10.11 point release for buster.

Regards,

Adam

--- End Message ---

Reply to: