Bug#574072: apt-get upgrade re-upgrades same packages over and over (to same already installed version)
package apt
forcemerge 351056 574072
tag 351056 + patch
thanks
2010/3/17 Sten Heinze <sten.heinze@gmx.de>:
> Qt package currently in my local repository are compiled from the same source
> as the experimental ones. No modifications are made to the source, so there
> should be no difference.
The source is identical, but the binary package isn't equal - the build
environment is e.g. different: As you can see the md5sum of the packages
official vs. your rebuild aren't equal and - if you look a bit closer
you will see
that the Install-Size of the packages aren't equal, too.
(and that is why apt doesn't merge the versions).
> How do I find out if apt sees them really as the same? I've seen some checksums
> in the apt-cache output attached, but I can't figure out how to get them from
> the Debian repositories, maybe grep-dctrl or something else?
The policy command tells you this: All repositories listed under the
same version number are considered equal, so for example:
> Versions-Tabelle:
> 4:4.6.2-1 0
> 1 http://ftp.de.debian.org experimental/main Packages
> *** 4:4.6.2-1 0
> 100 /var/lib/dpkg/status
> 4:4.5.3-4 0
> 500 http://ftp.de.debian.org testing/main Packages
> 50 http://ftp.de.debian.org unstable/main Packages
The versions with number 4:4.6.2-1 are not equal (and therefore
not merged) - versions with 4:4.5.3-4 are equal.
The hash apt computes internal isn't visible - and is not the one
display as md5sum and co. in the show command - that are the
hashes for the deb packages and not available in the dpkg-status file,
therefore apt generates his own simple hash over metadata available
in all sources Packages files and dpkg status file.
Back to the problem itself:
The version merger in apt is a bit broken if multiply versions with
different hashes are available. In your case two versions are available:
the official and your rebuilt - now apt tries to merge the status file
and doesn't find the right version and therefore creates a new one:
This triggers the "local and online package with the same version
but different hash - reinstall it" feature -- in an endless loop as it
will reinstall version 2, but compares in the next run only against
version 1 leading again to a version 3…
This bug should be fixed by applying the patch from #351056 [0].
I have therefore optimistically merged your bug to this group and
the changelog will close them all together as most (if not all) are
caused by this bug or no longer reproducible with newer APT…
… or caused by the reinstall feature which if it runs only one time
is really a feature as it is a simple matter of pinning in action.
But still, i want to highlight:
It is not recommend to have multiple sources providing different
packages with the same version number. APT can more or less
handle it (as you can see here) but the real problem is that it is
rather confusing for humans or other applications - especially
as it is trivial to solve that: Just built your packages with a
different versionnumber, e.g. 4:4.6.2-1+b1~yourname
instead of rebuilding with 4:4.6.2-1. Following a version scheme
like this will help identifying your rebuilt packages on the first look
rather than depending on your memory. :)
Best regards / Mit freundlichen Grüßen,
David Kalnischkies
[0] http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=351056#87
complete with changelog and a few comments in my branch:
http://bazaar.launchpad.net/~donkult/apt/sid/revision/1962
Reply to: