Comment 35 for bug 8770

Message-ID: <email address hidden>
Date: Sat, 18 Dec 2004 01:14:13 -0800
From: Steve Langasek <email address hidden>
To: Brian May <email address hidden>
Cc: <email address hidden>, Sam Hartman <email address hidden>
Subject: Re: Bug#274763: heimdal, krb5, krb4,
 openafs: kerberos implementations have several undeclared conflicts

--2B/JsCI69OhZNC5r
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Fri, Dec 17, 2004 at 09:10:23AM +1100, Brian May wrote:
> >>>>> "Steve" =3D=3D Steve Langasek <email address hidden> writes:

> Steve> Bi-directional conflicts are mandatory according to policy;
> Steve> IIRC, this is required to ensure that packages are
> Steve> de-installed in the correct order when a new conflicting
> Steve> package is installed.

> This is the first time I have been alerted that bi-directional
> conflicts are required. In the past I have always been under the
> impression a conflict in one direction implied a conflict in the other
> direction.

> However, I still fail to see the problem, maybe an example would help.

I'm afraid even quizzing a dpkg maintainer on IRC didn't shed any light on
this; for the moment I'm taking it as a given that there is a good reason to
require conflicts in both directions, unless someone thinks this is
sufficiently bad that they care to do the research to show that policy is
wrong. I suspect it's easier to just fix the packages. :-)

> Are there any situations where a conflict in only one direction is
> applicable? Are there any situations where a conflict in only one
> direction is OK?

There is at least one case where a unidirectional conflict is ok, and that's
when using both Conflicts: and Replaces: together.

> In any case, I suspect there may be a large number of packages in
> Debian that only conflict in one direction. I don't know of any way to
> test for such problems either.

That could be; I haven't checked.

> Steve> On the krb5-admin-server side, I believe the intent is
> Steve> still to have krb5-admin-server conflict directly with
> Steve> heimdal-kdc; so I think there's still a bug here, but I
> Steve> don't think it's severe enough on its own to be RC.
>=20
> Steve> Also, I see that you did not misspeak above, but did make
> Steve> heimdal-kdc conflict with krb5-kdc -- where this item was
> Steve> about krb5-admin-server. I don't know if there are other
> Steve> reasons for heimdal-kdc should conflict with krb5-kdc, but
> Steve> again strictly speaking, it should be conflicting with
> Steve> krb5-admin-server here in addition to (instead of?)
> Steve> krb5-kdc.

> I would have hoped that because krb5-admin-server depends on krb5-kdc,
> then this would be sufficient.

Theoretically, some future version of krb5-admin-server might no longer
depend on krb5-kdc, and the conflict information would fall through the
cracks; it's better to be explicit.

> Hmmmm... The more I think about it, the more I dislike this manual and
> error prone process of setting conflicts. Especially conflicts to
> prevent files clashing.

> Perhaps the package control file is no longer the best place to put
> this information?

Perhaps not, but that is probably a discussion best held on debian-policy.
:) FWIW, automation of Conflicts is also likely to be a bad idea in cases
where the conflict is unintentional and should be resolved by other means.

Cheers,
--=20
Steve Langasek
postmodern programmer

--2B/JsCI69OhZNC5r
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFBw/TiKN6ufymYLloRAh8JAJ9ygHfMqDrbW9nlR/soW7XY/D2OLACgo6/g
/Db3XwSm5h7Jy6yoFG47KO4=
=RNNd
-----END PGP SIGNATURE-----

--2B/JsCI69OhZNC5r--