Source: licensecheck Version: 3.0.28-1 Severity: wishlist Tags: patch User: [email protected] Usertags: cross-satisfiability
Hi, currently, licensecheck is involved in 48 source packages not being able to satisfy their crossbuild dependencies. See [1] for a list (Ctrl+F for licensecheck). This is because the dependencies of a source package have to be installed for the architecture that the source package is built for. During native compilation, that architecture is equal to the native architecture. During cross compilation it is a different architecture than the native architecture. The licensecheck package is Architecture:all and thus implicitly treated as being the native architecture. As it is, the package is thus unable to satisfy crossbuild dependencies of any source package build depending on it. There are multiple ways to resolve this situation: - make licensecheck Multi-Arch:foreign (with private perl lib) - make licensecheck Multi-Arch:foreign and split out perl library into a new package which is Architecture:any Multi-Arch:same - adapt all build dependencies on it with the :native qualifier For a binary package to be marked as Multi-Arch:foreign it has to not expose the architecture it is installed in. This seems to be the case for the licensecheck application. The interface the licensecheck script provides seems to be architecture independent. Unfortunately, the binary package also ships perl modules. Perl modules can be architecture independent (pure perl) or architecture specific (XS modules). The problem arises when the architecture independent module is on a dependency path between two architecture specific packages. The architecture independent package is unable to transport the architecture of its reverse dependency and it can thus happen that two XS modules of different architectures end up in the same installation set. Since the architecture of all XS modules has to be equal, the package becomes unusable. This is called the multiarch interpreter problem and a list of affected packages can be found here [2]. The only solution to the problem with our current dependency model is to put the architecture independent perl module into a binary package that is marked as Architecture:any and Multi-Arch:same. Fortunately though, a look through codesearch seems to suggest that nobody is using the perl module provided by the licensecheck binary package. Thus it is possible to just make the perl module private and thus prevent accidental usage by third parties. If the module is ever required by others, then it should be moved into a separate package which is marked Architecture:any and Multi-Arch:same. Since the problem can be fixed in the licensecheck package, we can avoid having to patch the 48 source packages that build depend on it. I attached a patch which marks the licensecheck package Multi-Arch:foreign and moves the perl module into a private path. Thanks! cheers, josch [1] https://bootstrap.debian.net/cross_all.html [2] https://bootstrap.debian.net/ma_interpreter.html
diff -Nru licensecheck-3.0.29/debian/changelog licensecheck-3.0.29/debian/changelog --- licensecheck-3.0.29/debian/changelog 2017-01-24 11:55:30.000000000 +0100 +++ licensecheck-3.0.29/debian/changelog 2017-02-05 09:31:18.000000000 +0100 @@ -1,3 +1,17 @@ +licensecheck (3.0.29-1.1) UNRELEASED; urgency=medium + + * Non-maintainer upload. + * Make the licensecheck package Multi-Arch:foreign so that it is able to + satisfy the crossbuild dependencies of (as of today) 49 source packages. + For the licensecheck binary package to be Multi-Arch foreign, the perl + module parts have to be hidden from the world and must thus not be + installed into the common perl search path. If the module part of + licensecheck is ever needed by another module, then the module would have + to be moved to a new binary package and marked as Architecture:any + Multi-Arch:same to avoid the multiarch interpreter problem. + + -- Johannes Schauer <[email protected]> Sun, 05 Feb 2017 09:31:18 +0100 + licensecheck (3.0.29-1) unstable; urgency=medium [ upstream ] diff -Nru licensecheck-3.0.29/debian/control licensecheck-3.0.29/debian/control --- licensecheck-3.0.29/debian/control 2017-01-24 11:52:22.000000000 +0100 +++ licensecheck-3.0.29/debian/control 2017-02-05 09:22:15.000000000 +0100 @@ -39,6 +39,7 @@ Recommends: ${cdbs:Recommends} Breaks: devscripts (<< 2.16.6~) Replaces: devscripts (<< 2.16.6~) +Multi-Arch: foreign Description: simple license checker for source files Licensecheck attempts to determine the license that applies to each file passed to it, by searching the start of the file for text diff -Nru licensecheck-3.0.29/debian/patches/series licensecheck-3.0.29/debian/patches/series --- licensecheck-3.0.29/debian/patches/series 1970-01-01 01:00:00.000000000 +0100 +++ licensecheck-3.0.29/debian/patches/series 2017-02-05 09:31:18.000000000 +0100 @@ -0,0 +1 @@ +use-private-module diff -Nru licensecheck-3.0.29/debian/patches/use-private-module licensecheck-3.0.29/debian/patches/use-private-module --- licensecheck-3.0.29/debian/patches/use-private-module 1970-01-01 01:00:00.000000000 +0100 +++ licensecheck-3.0.29/debian/patches/use-private-module 2017-02-05 09:31:18.000000000 +0100 @@ -0,0 +1,19 @@ +Description: use private licensecheck module + For the licensecheck binary package to be Multi-Arch foreign, the perl module + parts have to be hidden from the world and must thus not be installed into + the common perl search path. If the module part of licensecheck is ever needed + by another module, then the module would have to be moved to a new binary + package and marked as Architecture:any Multi-Arch:same to avoid the multiarch + interpreter problem. +Author: Johannes Schauer <[email protected]> + +--- licensecheck-3.0.29.orig/bin/licensecheck ++++ licensecheck-3.0.29/bin/licensecheck +@@ -17,6 +17,7 @@ use String::Escape qw(unbackslash); + use List::Util 1.45 qw(uniq uniqstr); + use Sort::Key::Multi 1.25 qw(rs_keysort rus_keysort); + ++use lib '/usr/share/licensecheck'; + use App::Licensecheck; + + =head1 NAME diff -Nru licensecheck-3.0.29/debian/rules licensecheck-3.0.29/debian/rules --- licensecheck-3.0.29/debian/rules 2017-01-24 11:50:10.000000000 +0100 +++ licensecheck-3.0.29/debian/rules 2017-02-05 09:31:18.000000000 +0100 @@ -16,6 +16,8 @@ # You should have received a copy of the GNU General Public License # along with this program. If not, see <http://www.gnu.org/licenses/>. +DEB_MAKEMAKER_USER_FLAGS=LIB=/usr/share/licensecheck + include /usr/share/cdbs/1/rules/utils.mk include /usr/share/cdbs/1/class/perl-makemaker.mk include /usr/share/cdbs/1/rules/debhelper.mk
