Bug#767999: debootstrap/base-passwd: #767999 and #766459 should really be fixed in base-passwd

2014-11-06 Thread Michael Tautschnig 
[ BCC'ing Santiago, Holger, Adam, Cyril ]

Hi all,

I'm refraining from quoting the preceding mails as most of you will have those
in their inbox, and I'd rather summarise the situation right here:

At least Santiago's and my opinion diverge on whether base-passwd is presently
in line with policy on 3.8 Essential packages. Therefore the route from here
appears to hinge on interpreting policy in one of two ways: my point is that
base-passwd, at present, is not providing its functionality after just being
unpacked - it does require postinst having been run. Santiago claims, if I
interpret this correctly, that every package has to be configured at least once
before being useful at all (irrespective of whether it is essential or not).

The steps from here are such:

1. Determine whether base-passwd is in line with policy on providing its
functionality as an essential package.
  A) If it is, then debootstrap is buggy.
  B) If base-passwd violates policy, then base-passwd is buggy.

2. If debootstrap is buggy, then the most effective way of updating as many
debootstrap installations as possible must be found.

3. If base-passwd violates policy, policy could be amended to acknowledge
base-passwd's special case. Then again we are in situation 2.

4. If base-passwd violates policy and policy would not be amended, then
base-passwd will need to be changed. Again, as you aren't base-passwd's
maintainer, you are not to be tasked with this.

My point of view is that base-passwd should be changed, and thanks to
suggestions from Tollef last night the attached patch should actually achieve
this. The idea simply is to sort out creating /etc/passwd and /etc/group in
preinst already, so that these files will be present once the package reaches
the state unpacked.

Using a version of base-passwd modified in this way makes wheezy's debootstrap
work for me.

I am thus CC'ing Colin as base-passwd's maintainer to gather his input - I'm not
really up for any bug-reassigning game, so I'd rather not do this myself without
consent by any of the involved package maintainers (I'm just a debootstrap
user...).

Best,
Michael

diff -Nru base-passwd-3.5.36/debian/other base-passwd-3.5.36/debian/other
--- base-passwd-3.5.36/debian/other 1970-01-01 01:00:00.0 +0100
+++ base-passwd-3.5.36/debian/other 2014-11-06 11:18:54.0 +
@@ -0,0 +1,10 @@
+
+override_dh_clean:
+   dh_auto_clean
+   $(RM) debian/preinst
+
+override_dh_auto_configure:
+   cp debian/preinst.in debian/preinst
+   sed -e '/@PASSWD@/ {' -e 'r passwd.master' -e 'd' -e '}' -i 
debian/preinst
+   sed -e '/@GROUP@/ {' -e 'r group.master' -e 'd' -e '}' -i debian/preinst
+
diff -Nru base-passwd-3.5.36/debian/preinst.in 
base-passwd-3.5.36/debian/preinst.in
--- base-passwd-3.5.36/debian/preinst.in1970-01-01 01:00:00.0 
+0100
+++ base-passwd-3.5.36/debian/preinst.in2014-11-06 10:47:29.0 
+
@@ -0,0 +1,23 @@
+#! /bin/sh
+
+set -e
+
+if [ ! $1 = install ] ; then
+exit 0
+fi
+
+if [ ! -e /etc/passwd ] ; then
+   cat  /etc/passwd EOF
+@PASSWD@
+EOF
+fi
+
+if [ ! -e /etc/group ] ; then
+   cat  /etc/group EOF
+@GROUP@
+EOF
+fi
+
+#DEBHELPER#
+
+exit 0
diff -Nru base-passwd-3.5.36/debian/rules base-passwd-3.5.36/debian/rules
--- base-passwd-3.5.36/debian/rules 2014-08-31 18:04:51.0 +0100
+++ base-passwd-3.5.36/debian/rules 2014-11-06 11:25:54.0 +
@@ -5,6 +5,16 @@
 export DEB_BUILD_MAINT_OPTIONS := hardening=+all
 export DEB_CFLAGS_MAINT_APPEND := -Wall
 
+override_dh_auto_clean:
+   dh_auto_clean
+   $(RM) debian/preinst
+
+override_dh_auto_install:
+   cp debian/preinst.in debian/preinst
+   sed -e '/@PASSWD@/ {' -e 'r passwd.master' -e 'd' -e '}' -i 
debian/preinst
+   sed -e '/@GROUP@/ {' -e 'r group.master' -e 'd' -e '}' -i debian/preinst
+   dh_auto_install
+
 override_dh_installdebconf:
touch debian/base-passwd.substvars
mv debian/base-passwd.substvars debian/base-passwd.substvars.real


pgpx38I6SSozq.pgp
Description: PGP signature

Bug#767999: debootstrap/base-passwd: #767999 and #766459 should really be fixed in base-passwd

2014-11-06 Thread Michael Tautschnig 
Hi,

On Thu, Nov 06, 2014 at 22:44:40 +0100, Adam Borowski wrote:
 On Thu, Nov 06, 2014 at 02:06:07PM +, Michael Tautschnig wrote:
[...]
  1. Determine whether base-passwd is in line with policy on providing its
  functionality as an essential package.
A) If it is, then debootstrap is buggy.
 
 Even if it somehow is, there's a practical problem: it's impossible to
 deploy a fix to a significant part of users.
 

Yes, I can see that. But determining the package at fault would nevertheless
help to see what the best fix is in the long run.

B) If base-passwd violates policy, then base-passwd is buggy.
 
 I say it is, but since the only consumer that matters is base-files, it
 might be safer to change the latter.
 

Well, as Santiago has said in many ways, the necessary changes to base-files
could be painful as well. I'd rather see it the other way: if base-passwd were
changed, it might as well be possible to simplify debootstrap further as it
could be the case that the present dpkg -i call specific to base-files and
base-passwd would no longer be necessary, i.e., they could just be installed in
arbitrary sequence with the other essential packages.

  My point of view is that base-passwd should be changed, and thanks to
  suggestions from Tollef last night the attached patch should actually 
  achieve
  this. The idea simply is to sort out creating /etc/passwd and /etc/group in
  preinst already, so that these files will be present once the package 
  reaches
  the state unpacked.
 
 I tested your patch when debootstrapping from squeeze, it did work.  Should
 I test some more scenarios (cdebootstrap?  2-phase cross-arch debootstrap?
 some other distro?) -- or do you think it should be safe?
 

Cool, thanks!! If testing is trivial for you then I'm sure this would be
appreciated (in particular the it did not work before, but not it works
improvement). While I wouldn't really expect any new problems, I don't know
enough about, e.g., cdebootstrap so maybe something could go wrong over there?

Best,
Michael



pgps39u023zjj.pgp
Description: PGP signature

Bug#766459: debootstrap: should not try to configure

2014-10-28 Thread Michael Tautschnig 
Hi Santiago, All,

On Tue, Oct 28, 2014 at 13:39:06 +0100, Santiago Vila wrote:
[...]
 I already tried to fix this problem yesterday in base-files by making
 minor changes. It didn't work.
 
 And it didn't work because contrary to what some people in this thread
 has suggested, this issue has *absolutely* nothing to do with recent changes
 in base-files. Most probably, this is what happened:
 
 debootstrap in wheezy installs base-passwd and base-files in the same dpkg 
 run.
 
 The order in which base-files and base-passwd are configured is not
 defined in policy so it may depend on the dpkg version, which is
 almost like saying that it could be random.
 
 At this moment dpkg in jessie and sid are quite different, so most likely:
 
 dpkg in jessie happen to configure base-passwd first, and it works.
 dpkg in sid happen to configure base-files first, and it fails.
 
 So I could be wrong, but this (recent changes in dpkg) is most likely
 the real reason this didn't bite us before.
 

Yes, and I'm trying to confirm this right now. The diff between set-of-working
packages vs. set-of-failing packages is

5c5
 base-files_7.8_amd64.deb
---
 base-files_7.7_amd64.deb
21c21
 dpkg_1.17.20_amd64.deb
---
 dpkg_1.17.19_amd64.deb
56c56
 libc6_2.19-12_amd64.deb
---
 libc6_2.19-11_amd64.deb
59c59
 libc-bin_2.19-12_amd64.deb
---
 libc-bin_2.19-11_amd64.deb
61c61
 libcryptsetup4_2%3a1.6.6-3_amd64.deb
---
 libcryptsetup4_2%3a1.6.6-2_amd64.deb
132c132
 multiarch-support_2.19-12_amd64.deb
---
 multiarch-support_2.19-11_amd64.deb
159c159
 tzdata_2014i-1_all.deb
---
 tzdata_2014h-2_all.deb
162,163c162,163
 vim-common_2%3a7.4.488-1_amd64.deb
 vim-tiny_2%3a7.4.488-1_amd64.deb
---
 vim-common_2%3a7.4.481-1_amd64.deb
 vim-tiny_2%3a7.4.481-1_amd64.deb

but likely it all boils down to the changes in dpkg.

 
 So please next time a simple chown root:root fails, let us not kill
 the messenger, ok? It has been quite disappointing to me to see so
 many fingers wrongly pointing at base-files, when base-files was never
 to blame for this.


As surely I was among the people pointing fingers I would like to apologise for
not having identified the right change causing those problems. I'm not yet sure
about the other absent dependency, but I'll do proper debugging before coming up
with further ideas.

Best,
Michael



pgpmjxKfzOisk.pgp
Description: PGP signature

Bug#766459: debootstrap: should not try to configure

2014-10-27 Thread Michael Tautschnig 
Hi all,

I'm being heavily bitten by this one as well and I'm mildly shocked to see it
crop up this late in the release cycle. I'm not going to hide that I believe
this ought to be reassigned to base-files. I'll try to elaborate below.


Santiago Vila wrote:
[...]
 In this particular case, I believe the reason for the failure (that
 didn't happen before) is some change in base-passwd, not something
 that base-files does differently now.
 

I tend to disagree: base-passwd hasn't been touched since 2014-09-04, whereas
debootstrap only started to fail last week, when base-files 7.7 was uploaded.
It's this change I believe:

http://sources.debian.net/src/base-files/7.7/debian/postinst.in/?hl=132,133,134#L132

Causing

chown: invalid user: 'root:root'

Admittedly, though, this just exposes a problem that had been lingering for a
while as the calls to chown using root:root could have been invoked from several
bits of the postinst script.

 In principle, every essential package may depend on any other, and the
 set of real dependencies may change over time, so it's natural that
 debootstrap needs minor adjustments from time to time.

So would you expect some sort of versioned dependencies in debootstrap? As the
upload of base-files 7.7 showed, it is changes in packages that suddenly require
new hacks. And a key problem is that tools like debootstrap ought to work from
within, e.g., stable release to bootstrap future releases like testing or
unstable. Suggesting that a bootstrapping tool is changed due to updates in
another package is going to cause a major dependency loop as at least testing
efforts such as those of jenkins.d.n will be broken.

In fact it would be easier to codify this in dpkg than in debootstrap, I
believe, as dpkg would live in the same suite as the package to be installed.
But this sounds like very bad design indeed.

   You will find a more complete explanation of this in the logs for
   Bug#760568 where I'm asked no less than to depend on base-passwd,
   which is essential! IMHO, this is definitely not the way to go.
 

Using the essential! hammer doesn't sound like a great argument when your
package is essential.

  It's past time to be untangling the Essential hairball. Correct dependency
  metadata is much more scalable than hacks in debootstrap.
 
 I agree that you may have a point here. In fact, in the aforementioned
 bug #760568 against cdebootstrap, which is very similar to this one,
 I suggested the idea that if the knowledge about right package ordering
 among essential packages were codified and written somewhere, other
 similar tools could use the same information without having to
 reinvent the wheel.
 
 I see now that the control file could be such common place to have
 that information, but I would like to see a little bit of *design*
 before doing anything which is not in policy yet.
 
 For example, we could use:
 
 * The same Depends field we are using for normal dependencies.
 
 * A new field for this particular purpose which dpkg and friends
 ignore under normal circumstances, and an environment variable which
 debootstrap may set to tell dpkg and friends that they should actually
 honor them instead of ignoring them.
 
 * An extension of the Depends field, much like !stage1 is used in
 Build-Depends for build profiles.
 
 So yes, we could consider to codify this metadata (the fact that
 base-files postinst uses chown and expect the root user to exist,
 for example) in *some* way...
 
  Stop being part of the problem, and add the dependency already..
 
 ... but please let us think about it first. Starting to add Depends
 field here and there in a random fashion just because it makes
 debootstrap not to fail anymore is not something I will be happy
 with.
 

I do fully agree that care must be taken, as dependency loops would obviously be
a major problem.

 The Depends field is implicit among the set of essential packages.

I'm not too sure about the among bit here? No doubt that this is implicit for
any non-essential package, but among them I'm not sure whether any rules apply
right now?

 If a tool like apt-get or dpkg really behaves in a different way when
 I add a Depends field which was already implicit, I think that there
 is something fundamentally wrong here.
 

Does dpkg really add the essential information into its dependency
information? Wouldn't this rather be seen as ah, essential, so it must be
there? At least briefly looking at dpkg's source code I cannot seem to see dpkg
considering this implicit dependency at all (unless attempting to remove an
essential package).

 So, to summarize: I'm not opposed to modify policy when it says that
 we don't need to include dependencies on essential packages, but if we
 decide to go that route, please let us do it according to some *plan*,
 not in a random fashion, because otherwise, IMHO, *that* would be the
 real hack.
 

I do appreciate being careful, but then bug fixes for a bug of normal severity
(#763405) shouldn't

Re: Bug#766459: debootstrap: should not try to configure

2014-10-27 Thread Michael Tautschnig 
I'm hoping this is not going to be too philosophical, so I'll enlist the facts
first (please let me know if I got any of them wrong):

debootstrap'ing a system fails, because

- chown root:root ... won't work when invoked from base-files' postinst
- version 7.7 of base-files is the first to actually have this call when invoked
  from within (c)debootstrap
- using root:root relies on /etc/passwd and /etc/group being in place and
  populated
- /etc/passwd and /etc/group are provided by base-passwd, which is essential

On Mon, Oct 27, 2014 at 11:08:55 +0100, Santiago Vila wrote:
 I'm going to reply to Julien first, then to Michael.
 
 On Mon, 27 Oct 2014, Julien Cristau wrote:
 
  On Mon, Oct 27, 2014 at 08:35:14 +, Michael Tautschnig wrote:
  I agree this should be fixed in base-files.
 
 Bugs should be fixed where they are. If base-files, or any other
 package, essential or not, can't make a simple chown root:root, then
 it is a bug in whatever package was responsible for making sure that
 the root user exist in a Debian system, base-passwd and debootstrap in
 this case.
 
[...]
 This has worked for ages, and it should continue to work, because
 base-passwd is essential.
 

So let's see what Debian Policy says in 3.8 Essential packages:

[...] Since dpkg will not prevent upgrading of other packages while an
essential package is in an unconfigured state, all essential packages must
supply all of their core functionality even when unconfigured. If the package
cannot satisfy this requirement it must not be tagged as essential, and any
packages depending on this package must instead have explicit dependency fields
as appropriate. [...]

While base-passwd is essential, the question seems to be whether providing
/etc/passwd and /etc/group are its core functionality. The description of
base-passwd states: These are the canonical master copies of the user database
files (/etc/passwd and /etc/group), containing the Debian-allocated user and
group IDs.

The package base-passwd, however, will only copy those files into place in its
postinst script. It may thus be argued (if provision of the files is considered
core functionality) that base-passwd violates policy. Yet it may be impossible
for base-passwd to implement this bit of policy unless unconditionally
overwriting /etc/passwd and /etc/group were deemed acceptable (which it surely
isn't, unless we implement something like /etc/passwd.d/ and /etc/group.d/).

A collection of possible ways forward - feel free to add more:

- base-passwd should no longer be marked essential, but instead base-files
  should depend on it (making base-passwd implicitly essential), hence neither
  would base-passwd be violating policy nor would we any longer face the
  problems in base-files/(c)debootstrap. But maybe other issues arise, which I
  might not be aware of.

- base-files should explicitly depend on base-passwd, because it uses
  functionality that is not considered core functionality of base-passwd.

- We ignore the policy violation of base-passwd or consider the use of
  /etc/passwd in base-files use of non-core functionality and hence ignore the
  bug in base-files. Either ignorance will then require working around those
  bugs in (c)debootstrap.

Best,
Michael



pgp8tHayOOAmV.pgp
Description: PGP signature

Re: Bug#766459: debootstrap: should not try to configure

2014-10-27 Thread Michael Tautschnig 
Apologies if I may be repeating information as we were concurrently working on
those messages.

On Mon, Oct 27, 2014 at 11:34:06 +0100, Santiago Vila wrote:
[...]
 I just expect debootstrap maintainers to cooperate with the release
 managers to ensure that the version in stable is able to debootstrap
 the testing distribution, whenever it is possible to do so.
 

This should, however, ideally work both ways: any package modification expected
to break debootstrap would have to be communicated. But arguably this will not
necessarily be obvious, as can be seen here.

 I've heard that the version in wheezy-backports does not have this problem.
 Maybe it could be just a matter of making an upload for the next point 
 release.
 I don't know.
 

That's because of the following workaround, which is being disputed:

 debootstrap (1.0.56) unstable; urgency=low
 .
   [ Tollef Fog Heen ]
   * Install base-passwd and base-files in two calls rather than one to
 avoid problems with home-built media with different ordering in
 Packages.  Thanks to Jo Shields for pointing this out and providing
 the workaround.  Closes: #601670.  LP: #1001131.

Though see my earlier mail: if debootstrap ends up being the package to finally
close this bug, then, yes, this might be the route to go.

[...]
   If a tool like apt-get or dpkg really behaves in a different way when
   I add a Depends field which was already implicit, I think that there
   is something fundamentally wrong here.
  
  Does dpkg really add the essential information into its dependency
  information? Wouldn't this rather be seen as ah, essential, so it must be
  there? At least briefly looking at dpkg's source code I cannot seem to see 
  dpkg
  considering this implicit dependency at all (unless attempting to remove an
  essential package).
 
 In the general case we don't have to worry about that because once
 that essential packages are properly installed and configured, they
 will continue to work all the time unless apt-get does some really
 weird things.
 

Yes and no: mind that that essential only provides guarantees for
functionality being available as soon as the package is unpacked. The
configured bit is irrelevant for features deemed essential.

 But how are we expected to have all the essential packages properly
 installed and configured?
 
 Should base-files worry about base-passwd being properly installed and
 configured before making a chown? Certainly not, this is the work of
 debootstrap!
 

No. As you are using the base-passwd is essential argument, base-files can
only rely on functionality provided by base-passwd when that is unpacked. The
order of packages being configured is not covered by essential and neither
should it be debootstrap's job to sort this out (but debootstrap 1.0.56 does do
this).

[...]
 In either case, I'm going to re-examine carefully what I did in
 base-files 7.7 and see if there is a simple workaround that may be
 done to avoid this problem.
 

Much appreciated, but obviously we should, as you suggested, see what the right
way of fixing this is.

Best,
Michael



pgpDPcf798kxO.pgp
Description: PGP signature

Re: Bug#766459: debootstrap: should not try to configure

2014-10-27 Thread Michael Tautschnig 
On Mon, Oct 27, 2014 at 12:07:24 +0100, Santiago Vila wrote:
 On Mon, 27 Oct 2014, Michael Tautschnig wrote:
 
  I'm hoping this is not going to be too philosophical, so I'll enlist the 
  facts
  first (please let me know if I got any of them wrong):
  
  debootstrap'ing a system fails, because
  
  - chown root:root ... won't work when invoked from base-files' postinst
  - version 7.7 of base-files is the first to actually have this call when 
  invoked
from within (c)debootstrap
 
 Regarding previous point, it should be noted that base-files postinst
 has a lot of chown calls. I would like to know how it is possible that
 only the recently added is the one that fails and not the others
 (if that's really the case).
 

I suppose none of the others are being executed as all of them are guarded by
some combination of checks?

 BTW: I don't know what is the proper way to debug this (private
 repository using reprepro?). Can anybody confirm that the chown that
 fails is exactly the one at the very end?
 

Indeed it could be a very different one.  I'm attaching a full log with the
postinst script having set -evx. It might be obvious, but this is being run on a
wheezy system.

  So let's see what Debian Policy says in 3.8 Essential packages:
  
  [...] Since dpkg will not prevent upgrading of other packages while an
  essential package is in an unconfigured state, all essential packages must
  supply all of their core functionality even when unconfigured. If the 
  package
  cannot satisfy this requirement it must not be tagged as essential, and any
  packages depending on this package must instead have explicit dependency 
  fields
  as appropriate. [...]
 
 This is about dpkg when making upgrades. It means that once an
 essential package is properly configured, it should not stop working
 because of it being unconfigured by dpkg (whatever that means).
 
 I think it does not apply here.
 

Then maybe take the first sentence in 3.8 Essential packages instead: Essential
is defined as the minimal set of functionality that must be available and usable
on the system at all times, even when packages are in the Unpacked state.

If not this one (and not the one above), which bit of policy are you then
relying on when you do the chown calls?

 [ snipped philosophical stuff. I would much prefer to have free time
   to work on this rather than discuss about it. Really ].
 

As you please. I was just hoping to find potential options other than revert
the change in base-files.

Best,
Michael

root@mt-farm05:~# mkdir /srv/sid-base.cow
root@mt-farm05:~# pbuilder create --aptcache /srv/jenkins-slave/aptcache 
--debootstrapopts --keyring=/usr/share/keyrings/debian-archive-keyring.gpg 
--buildplace /srv/sid-base.cow --mirror ftp://ftp.uk.debian.org/debian 
--distribution sid --no-targz --extrapackages cowdancer
I: Running in no-targz mode
I: Distribution is sid.
I: Current time: Mon Oct 27 11:44:42 GMT 2014
I: pbuilder-time-stamp: 1414410282
I: Building the build environment
I: running debootstrap
/usr/sbin/debootstrap
I: Retrieving Release
I: Retrieving Release.gpg
I: Checking Release signature
I: Valid Release signature (key id A1BD8E9D78F7FE5C3E65D8AF8B48AD6246925553)
I: Retrieving Packages
I: Validating Packages
I: Resolving dependencies of required packages...
I: Resolving dependencies of base packages...
I: Found additional required dependencies: acl adduser dmsetup 
init-system-helpers insserv libaudit-common libaudit1 libbz2-1.0 libcap2 
libcap2-bin libcryptsetup4 libdb5.3 libdebconfclient0 libdevmapper1.02.1 
libgcrypt20 libgdbm3 libgpg-error0 libkmod2 libncursesw5 libprocps3 
libsemanage-common libsemanage1 libslang2 libsystemd0 libudev1 libustr-1.0-1 
perl perl-modules procps systemd systemd-sysv udev
I: Found additional base dependencies: binutils bzip2 cpp cpp-4.9 
debian-archive-keyring dpkg-dev g++ g++-4.9 gcc gcc-4.9 gnupg gpgv 
libapt-pkg4.12 libasan1 libatomic1 libc-dev-bin libc6-dev libcilkrts5 
libcloog-isl4 libdpkg-perl libgcc-4.9-dev libgmp10 libgomp1 libisl10 libitm1 
liblsan0 libmpc3 libmpfr4 libquadmath0 libreadline6 libstdc++-4.9-dev 
libstdc++6 libtimedate-perl libtsan0 libubsan0 libusb-0.1-4 linux-libc-dev make 
patch readline-common xz-utils
I: Checking component main on ftp://ftp.uk.debian.org/debian...
I: Retrieving acl
I: Validating acl
I: Retrieving libacl1
I: Validating libacl1
I: Retrieving adduser
I: Validating adduser
I: Retrieving apt
I: Validating apt
I: Retrieving libapt-pkg4.12
I: Validating libapt-pkg4.12
I: Retrieving libattr1
I: Validating libattr1
I: Retrieving libaudit-common
I: Validating libaudit-common
I: Retrieving libaudit1
I: Validating libaudit1
I: Retrieving base-files
I: Validating base-files
I: Retrieving base-passwd
I: Validating base-passwd
I: Retrieving bash
I: Validating bash
I: Retrieving binutils
I: Validating binutils
I: Retrieving build-essential
I: Validating build-essential
I: Retrieving bzip2
I: Validating bzip2
I: Retrieving libbz2-1.0
I: Validating

Re: Bug#766459: debootstrap: should not try to configure

2014-10-27 Thread Michael Tautschnig 
On Mon, Oct 27, 2014 at 16:36:42 +0100, Santiago Vila wrote:
[...]
 For example, your interpretation would force base-passwd to lose its
 essential flag, because it can't provide its core functionality only
 when in unpacked state. Then, according to policy, base-files and
 *every* other package using any of the system users in any of its
 maintainer scripts would have to add a Depends: base-passwd, since
 they depend on functionality which is only available after base-passwd
 has been configured.
 

Yes, indeed this is what I'd infer from policy. But I could easily be wrong.

 Frankly, I don't think that's what we want.
 

I would say that at least we do not want this at this point in the release
cycle as it appears be bear way too many risks.

Admittedly, all that *I* want is a working debootstrap, so I'm also ok just
having the changes in base-files for now (or maybe also in debootstrap).

Best,
Michael



pgp4bTvfbnFKY.pgp
Description: PGP signature

Bug#749995: debian-installer-netboot-images: FTBFS - debian-installer not found in wheezy-proposed-updates

2014-05-31 Thread Michael Tautschnig 
Package: debian-installer-netboot-images
Version: 20130613+deb7u2.b1
Usertags: goto-cc

During a rebuild of all Debian packages in a clean sid chroot (using cowbuilder
and pbuilder) the build failed with the following error.

[...]
sha256sum: debian-installer_20130613+deb7u2+b1_amd64.deb.sha256sum: no properly 
formatted SHA256 checksum lines found
debian/rules:18: recipe for target 'get-images-amd64' failed

The reason lies here:

- The code fetches 
http://mirror.lchost.net/debian/dists/wheezy-proposed-updates/main/binary-amd64/Packages.gz
- Checks, unpacks, eventually ends up as amd64.Packages
- `grep-dctrl -P debian-installer -X -s Sha256 amd64.Packages` returns nothing

So debian-installer simply doesn't exist in wheezy-proposed-updates.


I'm leaving the severity of this bug report untouched as this may all be well
known?

Best,
Michael



pgpjU28btnKUL.pgp
Description: PGP signature

Bug#749228: kbd-chooser: Conflicting return types of loadkeys_wrapper

2014-05-25 Thread Michael Tautschnig 
Package: kbd-chooser
Version: 1.67
Severity: wishlist
Usertags: goto-cc

During a rebuild of all packages in a clean sid chroot (and cowbuilder+pbuilder)
the build failed with the following error. Please note that we use our research
compiler tool-chain (using tools from the cbmc package), which permits extended
reporting on type inconsistencies at link time.

[...]
cc -Wall  -I. -DNDEBUG=1 -fomit-frame-pointer -Os -DAT_KBD  -DUSB_KBD 
kbd-chooser.c -o kbd-chooser loadkeys.o findfile.o ksyms.o  getfd.o  at-kbd.o  
usb-kbd.o -ldebconfclient -ldebian-installer

error: conflicting function declarations loadkeys_wrapper
old definition in module kbd-chooser file kbd-chooser.c line 27
signed int (char *)
new definition in module loadkeys file loadkeys.y line 257
void (char *map)
Makefile:95: recipe for target 'kbd-chooser' failed
make[1]: *** [kbd-chooser] Error 64
make[1]: Leaving directory 
'/srv/jenkins-slave/workspace/sid-goto-cc-kbd-chooser/kbd-chooser-1.67'
dh_auto_build: make -j1 returned exit code 2
debian/rules:3: recipe for target 'build' failed
make: *** [build] Error 2

As the actual implementation does not return a value, and neither does the call
site pick up a return value, this seems to be just a mistake here:

http://sources.debian.net/src/kbd-chooser/1.67/kbd-chooser.c?hl=27#L27

Yet it is worth fixing to avoid any future (invalid) use of the presumed return
value.

Best,
Michael



pgppN_AU8b5z2.pgp
Description: PGP signature