> Begin forwarded message:
>
> From: Jeff Johnson <n3...@mac.com>
> Subject: Re: [OM Cooker] rpm-5.4.16 snapshot
> Date: March 15, 2016 at 5:30:53 PM EDT
> To: Bernhard Rosenkraenzer <b...@lindev.ch>
> Cc: Cooker OpenMandriva <om-coo...@ml.openmandriva.org>
> Reply-To: Cooker OpenMandriva <om-coo...@ml.openmandriva.org>
>
>
> On Mar 15, 2016, at 5:12 PM, Bernhard Rosenkraenzer wrote:
>
>> Hi,
>> this looks interesting.
>> One question:
>> "3) (recommended) rpm-5.4.16 uses db-6.1.23 (not 6.1.26)"
>>
>> Did you have any particular problems with 6.1.26?
>> From the changelog, it looks like 6.1.26 is a bugfix release more than
>> anything else.
>> http://download.oracle.com/otndocs/products/berkeleydb/html/changelog_6_1.html#idp518176
>>
>
> Yes I had problems with db-6.1.26 and decided to punt for the moment. The
> issue is
> gonna be something silliy and obscure, not anything major.
>
> Once I get all the other stuff working, I will drill out db-6.1.26 issues.
> Meanwhile
> I expect most distros to still be using db-5.3.x (and perhaps db-5.2.x to
> avoid
> an obscure regression between db-5.2.x -> db-5.3.x with a duplicate key that
> POK has been screaming about for years and I have yet to see).
>
> I have checked with db-5.3.x and WORKSFORME. I can pretty simply recheck
> with db-5.[23].x if you are worried about functionality or portability.
>
>> Did it introduce any new bad things, or are you just recommending 6.1.23
>> because it has had more testing with rpm already?
>>
>
> There are going to be issues with DB_MULTIVERSION and DB_TXN_SNAPSHOT
> with non-root access to /var/lib/rpm/__db* files in order to create read
> locks even
> if only reading.
>
> rpm has been playing fast-and-loose for a long time now, permitting non-root
> reads without
> read locks and the very occaisonal segfault if a query is being performed
> while an install
> is actually being performed.
>
> There are 2 possible solutions, each with its own degrees of disruption:
>
> 1) (developers and single owners) switch to a "chmod g+w /var/lib/rpm" scheme
> and chmod g+s /usr/bin/rpm
> That of course propagates through entire tool chains like urpmi
>
> 2) push the dbenv __db* files into shared memory or /var/cache/rpm with
> rw_rw_rw access
> This opens several DoS attacks.
>
> But perhaps YMMV ... I am currently doing the "chmod g+w /var/lib/rpm"
> approach.
>
> BTW, if you want to try a parallel install of rpm-5.4.16 to system rpm, do
> this
> 1) add configure ... --with-paths-versioned
> 2) instead of doing "make install", do "make DESTDIR=/var/tmp/rpm-root"
> and copy the tree to /
> The issue is libtool relinking necessitates the versions being
> added after install -c ... which
> just clobbered /usr/bin/rpm ...
>
> Cloning the data base --with-paths-versioned SHOULD be as simple as doing
> cp /var/lib/rpm{,-5.4.16}
> rpm-5.4.16 --rebuilddb
> but YMMV.
>
> hth
>
> 73 de Jeff
>
>
>> ttyl
>> bero
>>
>> On 2016-03-15 21:28, Jeff Johnson wrote:
>>> There is a snapshot release of rpm-5.4.16 now available at
>>>
>>> http://rpm5.org/files/rpm/rpm-5.4/SNAPSHOT/rpm-5.4.16-0.20160315.src.rpm
>>> This is the first SRPM built by itself that is headed for release
>>> in the next few weeks that is being provided as a public reference
>>> point for integration and portability testing.
>>> See the included INSTALL document for the build pre-requisite versions used.
>>> From a distro POV, please note the following changes that are included
>>> in the snapshot that will (at least) need to be considered when upgrading:
>>> 1) (recommended) rpm-5.4.16 uses BLAKE2bp for file digests.
>>> BLAKe2bp is a 256bit digest that is faster than SHA256 (and MD5)
>>> that will improve installation speeds.
>>> Details are here:
>>> https://blake2.net
>>> 2) (recommended) rpm-5.4.16 uses libtomcrypt (rather than BeeCrypt).
>>> LibTomCrypt has support for ECDSA and is used by recent python and
>>> the linux kernel (iirc).
>>> Details are here:
>>> https://github.com/libtom/libtomcrypt
>>> 3) (recommended) rpm-5.4.16 uses db-6.1.23 (not 6.1.26) with
>>> DB_MULTIVERSION and DB_TXN_SNAPSHOT.
>>> DB_TXN_SNAPSHOT avoids deadlocks with copy-on-write rather than
>>> locking semantics.
>>> The change is necessary to support nested transactional commits
>>> in rpm like
>>> command transaction
>>> package transaction
>>> install transaction
>>> erase transaction
>>> without deadlocking on trigger lookups.
>>> Details about DB_MULTIVERSION and DB_TXN_SNAPSHOT can be found
>>> in the Oracle Berkeley DB documentation here:
>>> http://docs.oracle.com/cd/E17076_04/html/index.html
>>> As always, rpm can be configured to use any of ~120 digests, any of
>>> BeeCrypt
>>> NSS
>>> Openssl
>>> Libgcrypt
>>> LibTomCrypt
>>> and (most likely, unchecked) any version of Berkeley DB back to db-4.6.x.
>>> Bug reports are requested at
>>> https://launchpad.net/rpm
>>> Patches and discussion are requested at
>>> <rpm-devel@rpm5.org>
>>> Enjoy!
>>> 73 de Jeff
>>> _______________________________________________
>>> OM-Cooker mailing list
>>> om-coo...@ml.openmandriva.org
>>> http://ml.openmandriva.org/mailman/listinfo/om-cooker_ml.openmandriva.org
>>
>
>
> _______________________________________________
> OM-Cooker mailing list
> om-coo...@ml.openmandriva.org
> http://ml.openmandriva.org/mailman/listinfo/om-cooker_ml.openmandriva.org
