Project

General

Profile

Actions

Bug #2949

closed

Rudder might try to remove essential packages on outdated systems

Added by Matthieu CERDA over 9 years ago. Updated over 7 years ago.

Status:
Released
Priority:
1
Assignee:
Matthieu CERDA
Category:
Techniques
Target version:
Severity:
UX impact:
User visibility:
Effort required:
Priority:

Description

Rudder might try to remove important packages on outdated systems:

On some systems (It has been seen in Debian), Rudder might try to remove important packages when they are too old because of failed dependencies resolution.

Example: On a KVM/libvirt hypervisor not up to date enough, Rudder tried to install collectd which ended in a removal of libvirt/kvm...

We might want to force aptitude/apt-get to KEEP packages at all costs and fail instead.

Actions #1

Updated by Matthieu CERDA over 9 years ago

  • Status changed from New to Discussion

I am a little blocked on this, by default CFE3 uses aptitude if present on the system with a fallback on apt-get, however the only options I found only impact apt-get:

// auto-remove breaks on meta packages
APT::Get::AutomaticRemove "0";
APT::Get::HideAutoRemove "1";

Cf.: http://www.linuxquestions.org/questions/debian-26/how-do-i-get-rid-of-autoremove-717521/

What should we do ? either force apt-get or try to find a workaround ?

Actions #2

Updated by Matthieu CERDA over 9 years ago

  • Assignee set to Jonathan CLARKE

Jon, maybe you could bring some insight here ?

Actions #3

Updated by Nicolas PERRON over 9 years ago

  • Target version changed from 2.3.9 to 2.3.10
Actions #4

Updated by Jonathan CLARKE over 9 years ago

  • Assignee changed from Jonathan CLARKE to Matthieu CERDA

Matthieu CERDA wrote:

I am a little blocked on this, by default CFE3 uses aptitude if present on the system with a fallback on apt-get, however the only options I found only impact apt-get:

[...]

Cf.: http://www.linuxquestions.org/questions/debian-26/how-do-i-get-rid-of-autoremove-717521/

What should we do ? either force apt-get or try to find a workaround ?

The equivalent option for aptitude is Aptitude::Delete-Unused, see http://media.fossclub.de/aptitude/html/en/ch02s05s05.html#configDelete-Unused.

I have tested adding -o "Aptitude::Delete-Unused=false" to aptitude's command line options, and it does indeed not remove any packages other than those explicitly requested (ie, aptitude remove bla will remove bla, but not any automatically installed dependencies).

I agree that this is a good way to avoid this bug, and it is much safer for Rudder not to use this automatic mechanism. As the aptitude manual itself states "As with any automatic process, there is a potential for things to go haywire." (see http://media.fossclub.de/aptitude/html/en/ch02s02s06.html). Please implement.

Actions #5

Updated by Matthieu CERDA over 9 years ago

  • Status changed from Discussion to Pending technical review
  • % Done changed from 0 to 100

Applied in changeset commit:1396b5247e32a5209ae4b241b9f11a0edbc996f9.

Actions #6

Updated by Jonathan CLARKE over 9 years ago

  • Status changed from Pending technical review to Pending release

Looks good to me!

Actions #7

Updated by Jonathan CLARKE over 9 years ago

Released in Rudder 2.4.0.

Actions #8

Updated by Jonathan CLARKE over 9 years ago

  • Project changed from Rudder to 24
  • Category deleted (Techniques)
Actions #9

Updated by Nicolas PERRON over 9 years ago

  • Status changed from Pending release to Released
Actions #10

Updated by Benoît PECCATTE over 7 years ago

  • Project changed from 24 to Rudder
  • Category set to Techniques
Actions

Also available in: Atom PDF