RPM currently supports SHA-2 in RPMTAG_FILEDIGESTS, but it doesn't handle
packages that change digest algorithm (e.g. on upgrades) correctly.
(I'm not an expert at RPM code. Please correct me if I'm wrong.)
There are three places where RPM compares file digests from different packages:
- handleInstInstalledFiles
- handleOverlappedFiles
- rpmfiDecideFate
In all three cases at least one of the digests comes from a complete RPM package, so it should be possible to unpack the payload of the package and compute digests of "the other" type for all files in the package.
Different digests cannot be computed from payload content "on-the-fly" unless
1) payloads are unpacked earlier
2) file resolutions are computed later
either of which is a profound design change to rpmlib.
Created attachment 330017
spec files for test rpms
Attached are specs for test RPMs. s,/home/mitr/ht,your_test_directory,g, and build all using the default settings (md5), and build all but *1.spec with "--define '_binary_filedigest_algorithm 8'" as well.
Setting up testing environment
==============================
ht=/home/mitr/ht # or your own
mkdir -p $ht/rpmdb
cd $ht
myrpm() { rpm --dbpath $ht/rpmdb "$@"; }
myrpm --initdb
Testing %config handling (rpmfiDecideFate)
==========================================
# %files of ht_config* contain:
# %config(noreplace) config_file
# %config config_replace
for action in (do nothing, change config_*), new in (changed,same) do:
myrpm -ivh ht_config-1-1.noarch.rpm
# $action
myrpm -Uvh ht_config-2$new-1.noarch.rpm
ll $ht/config_*
myrpm -ev ht_config
results when all packages use md5:
(do nothing, changed): files changed
(do nothing, same): file dates changed
(change files, changed): creates config_file.rpmnew, config_replace.rpmsave; on erase creates config_file.rpmsave
(change files, same): changes kept on disk; on erase .rpmsave created for both files
results when *1 uses md5, *2* uses sha2:
(do nothing, changed): files changed
(do nothing, same): file dates changed
(change files, changed): files overwritten, old data lost!
(change files, same): files overwritten, old data lost!
results when *1 uses md5, *2* uses sha2, after applying rpm-4.6.0-rc3-config-hashes.patch:
(do nothing, changed): files changed
(do nothing, same): file dates changed
(change files, changed): creates config_file.rpmnew, config_replace.rpmsave; on erase creates config_file.rpmsave
(change files, same): config_file change kept on disk (creates .rpmnew), config_replace overwritten (creates .rpmsave)
on erase creates config_file.rpmsave
Testing file conflict handling (handleInstInstalledFiles, handleOverlappedFiles):
================================================================================
for kind in (same,different), action in (together,separately):
other=ht_conflict$(kind==same ? 1a : 2)-1-1
if action==together:
myrpm -ivh ht_conflict1-1-1.noarch.rpm $other.noarch.rpm
else:
myrpm -ivh ht_conflict1-1-1.noarch.rpm
myrpm -ivh $other.noarch.rpm
myrpm -ev ht_conflict1 $other
results when all packages use md5:
(same,together): installs OK
(same,separately): installs OK
(different,together): conflict message, nothing installed
(different,separately): conflict message, $other not installed
Results when *1.* uses md5, $other uses sha2:
(same,together): conflict message, nothing installed
(same,separately): conflict message, $other not installed
(different,together): conflict message, nothing installed
(different,separately): conflict message, $other not installed
Created attachment 330021
Don't throw away user's modified config files on cross-hash upgrades
Given the above tests, it might be practical not to recompute the hashes. To summarize the changes between all-md5 and mixed environments:
* If %config files are updated, current rpm will always overwrite with the new
version, discarding any local changes.
The attached patch makes rpm conservative: If a %config file was locally
modified and the original and new packages use different hashes, it will always
create .rpmnew/.rpmsave files. With this change, %config(noreplace) files
are always treated in the same way they would be treated in an all-md5
environment.
%config (no noreplace) files will move user's modifications to .rpmsave files
even if the config file has not changed between two packages with different
hashes. Fedora guidelines suggest using noreplace in most cases (rpmlint even
warns about %config without noreplace), so this might be good enough.
* It is impossible to share files between packages that use different hashes,
unless the packages use different colors and rpm processes them. This
shouldn't impact multilib because both multilib versions are built at the
same time, and perhaps because the color handling overrides conflicts.
I can't think of any other reasonable use for packages with file conflicts,
and even if there is such an use, the conflicting packages would most likely
be built together and use the same hash type.
Perhaps using only this patch, and adding a release note to F11/F12 (as long as F10 is supported) and to RHEL5 is good enough?
same hash type (and perhaps because rpm will
Applied upstream (with slightly changed comment to fit it on one line :), thanks for the patch and testing efforts.
This will go to rawhide (and eventually F10 updates too) on next update round, but note that there's no way the digestalgo stuff is going to get backported to rpm 4.4.x. For RHEL it doesn't matter as only supported upgrade path is through anaconda where this is not an issue, for Fedora it's just preupgrade from F9 and older which wont work.
rpm-4.6.0-1.fc10 has been pushed to the Fedora 10 testing repository. If problems still persist, please make note of it in this bug report.
If you want to test the update, you can install it with
su -c 'yum --enablerepo=updates-testing update rpm'. You can provide feedback for this update here: http://admin.fedoraproject.org/updates/F10/FEDORA-2009-1478
RPM currently supports SHA-2 in RPMTAG_FILEDIGESTS, but it doesn't handle
packages that change digest algorithm (e.g. on upgrades) correctly.
(I'm not an expert at RPM code. Please correct me if I'm wrong.)
There are three places where RPM compares file digests from different packages: lledFiles dFiles
- handleInstInsta
- handleOverlappe
- rpmfiDecideFate
In all three cases at least one of the digests comes from a complete RPM package, so it should be possible to unpack the payload of the package and compute digests of "the other" type for all files in the package.