Web lists-archives.com

Re: Removal of linux-base from jessie-backports broke Xen upstream CI


On 2/13/19 1:09 PM, Ian Jackson wrote:
> I would like to recount a situation.  I'm not sure where, if anywhere,
> the root bug(s) lie, but I am inclined to say that a big part of the
> problem was a change to the contents of jessie-backports.  I would be
> interested to hear what the backports team and ftpmaster have to say;
> in particular, if anyone knows the answers to my questions below.
> My tentative conclusions are that:
> 1. Packages should not be removed from foo-backports just because a
> similar package is in foo-security, because there are situations where
> a host may have been relying on the package being in foo-backports and
> a similar (even, newer) package being in foo-security is not
> sufficient.

 I very much disagree with that. That situation obsoleted the one in
-backports, and thus it made no sense to continue to carry it.

> 2. Cruft removal in stable releases, including in -backports, should
> perhaps be done with care/caution/announcement or something.

 -backports accompanies stable.  There was no package removed from the
complete suite of stable + -backports.  Also, we also remove packages
from -backports when they become unavailable in testing/unstable and
thus can't be considered a backport anymore.  That includes packages
that weren't even in stable - which isn't an easy decision, but it
doesn't make sense to carry packages solely in -backports (which isn't
the case here - just as a help for understanding the background).

> Using the jessie-backports kernel with the jessie installer involves
> using the preseed hook mechanism to add jessie-backports to the
> target's apt sources, and an in-target apt-get install rune to install
> the kernel package.
> (Using the jessie-backports kernel also involves editing the installer
> image to have the jessie-backports kernel and modules, but that is not
> relevant to this tale.)

 I don't really follow - you now can get rid of that special casing
(which had to be added specifically) and reduce complexity.  I actually
see this even as a win situation for your setup.

> However, after that change to the archive, the dependency resolver
> from jessie's apt, in our CI, is no longer willing to update to
> linux-base from jessie-security.  (I have not yet investigated in
> detail but I suspect that the apt-get -t jessie-backports rune above
> is part of that causal chain.)

 Please simply remove the special casing and move on?  I really don't
understand why this needs to be made a big fuzz about.

> The reason I say that I am not sure is that the CI commit which added
> that rune had, according to its commit message, an additional effect
> of putting backports in the apt sources; perhaps that latter would
> have been sufficient.  (After I have sent this mail I am going to mess
> about with the system to find a way to get it working properly again.)
> Q: Was `apt-get install -t backports linux-base'
>    unnecessary (and wrong) ?

 If you needed the newer package that would be the sensible approach.
But things changed, it is _now_ unecessary (and was even before removal
of the package from backports).  So that special casing can get dropped.

> It is unfortunate that something which worked for a period of over 2
> years was broken by an archive change.

 Sometimes things change. The package wouldn't be maintained in
backports anymore and thus even had put you in a bad spot if you
wouldn't have pulled in the package from stable directly, even if we
kept it around (and dangling and unsupported and ...)

> Q. Why was linux-base removed from jessie-backports ?

 Because it was pointed out to me and it was the sensible thing to do.
While I now see that it causes issues for specifically crafted setups
like you have, technically it was the proper thing to do - and now
knowing that it caused issues for your setup I very likely would still
do it because having unsupported packages lying around makes very little
sense because it sends the wrong message.

 Thanks for bringing this to our attention.  I think what we can do is
announce removal of packages to make people aware of the whys.