Hi there,
I package a lot of our internal software into RPMs. I am careful to make
sure new software releases correctly capture inter-package dependencies
to enforce correct software installs. So I was quite surprised this week
to witness a case in which RPM allowed a package to be installed, even
though its dependencies were not satisfied.
The operator who conducted the RPM upgrade in question did not use any
special command line options to defeat dependence checks. Here is the
output from the session in which this incorrect RPM upgrade took place.
$ rpm -q server modules
server-2.4.1-20050914.2025
modules-1.20.1-20050926.1621
$ sudo rpm -Uvh modules-1.22.1-20051013.1833.i386.rpm
Preparing... ########################################### [100%]
1:modules ########################################### [100%]
$ rpm -qp modules-1.22.1-20051013.1833.i386.rpm --requires
/bin/sh
/bin/sh
/bin/sh
/bin/sh
config(modules) = 1:1.22.1-20051013.1833
libc.so.6
libc.so.6(GLIBC_2.0)
libc.so.6(GLIBC_2.1)
libc.so.6(GLIBC_2.1.3)
libc.so.6(GLIBC_2.3.2)
libgcc_s.so.1
libgcc_s.so.1(GCC_3.0)
libm.so.6
libstdc++.so.5
libstdc++.so.5(CXXABI_1.2)
libstdc++.so.5(GLIBCPP_3.2)
server >= 2.6.1
rpmlib(CompressedFileNames) <= 3.0.4-1
rpmlib(PayloadFilesHavePrefix) <= 4.0-1
$ rpm -q server
server-2.4.1-20050914.2025
As you can see, the 'modules' RPM version 1.22.1 depends on the 'server'
RPM having version 2.6.1 or greater. But installed on the box is
'server' RPM 2.4.1. Nevertheless, the upgrade to 'modules' 1.22.1
succeeds, although it should have failed.
Can anyone think of a reason the dependence check failed to fail?
Other info:
OS: Red Hat Enterprise Linux ES release 3 (Taroon Update 5)
RPM versions:
rpm-4.2.3-24_nonptl
rpm-libs-4.2.3-24_nonptl
rpmdb-redhat-3-0.20050921
rpm-devel-4.2.3-24_nonptl
rpm-build-4.2.3-24_nonptl
Here is a (slightly sanitized) copy of my spec file for the 'modules'
RPM:
%define name modules
%define ver 1.22.1
%define rel 1
%define prefix /
%define subdir Server/modules
%define packager dlowell
%define source /tmp/rpmtree.dlowell.31159/SOURCES/modules-1.22.1.tar.gz
%define summary Server modules.
%define req server >= 2.6.1
%define tmpdir /tmp/myrpm.dlowell.31159
Summary: %{summary}
Name: %{name}
Version: %{ver}
Release: %{rel}
Vendor: Idetic, Inc.
Group: Server Software
License: Proprietary.
Source: %{source}
URL: http://www.idetic.com
Epoch: 1
Distribution: Idetic
Packager: %{packager}
BuildRoot: %{tmpdir}/%{name}-%{ver}-%{rel}-buildroot
BuildRequires: myrpm
Requires: %{req}
#Buildrequires:
#PreReq:
%description
This package contains server modules.
%changelog
#--------------------------------------------------
%prep
%setup -q
#%setup -n %{name}
#--------------------------------------------------
%build
cd %{subdir}; make
#--------------------------------------------------
%install
rm -rf $RPM_BUILD_ROOT
mkdir -p $RPM_BUILD_ROOT%{prefix}
cd %{subdir}; make install INSTALLROOT=$RPM_BUILD_ROOT%{prefix}
#--------------------------------------------------
%clean
rm -rf $RPM_BUILD_ROOT
#--------------------------------------------------
%pre
#
# No preinstall script needed for this RPM.
#
%post
#
# No postinstall script needed for this RPM.
#
%preun
#
# No preuninstall script needed for this RPM.
#
%postun
#--------------------------------------------------
%files -f %{subdir}/INSTALL_FILES
# %dir
# %config
Thank you for your help!
Dave
_______________________________________________
Rpm-list mailing list
Rpm-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/rpm-list
