Soyuz should not allow duplicated packages in NEW/UNAPPROVED queue

Bug #62976 reported by Colin Watson on 2006-09-29
44
This bug affects 7 people
Affects Status Importance Assigned to Milestone
Launchpad itself
Critical
Wendell Nicolas

Bug Description

It's still possible for two uploads with the same package name and version to land in the unapproved queue; furthermore it is then possible to simultaneously accept both of them. Neither of these should be allowed.

OOPS-2018FTPMASTERPUBLISH1

Celso Providelo (cprov) wrote :

That's unfortunatelly right ...

As we discussed on IRC, the fact we allow dups in NEW & UNAPPROVED is annoying, but the fix will require a fix in nascentupload workflow which we are trying to keep quiet until we land ArchiveRework (because the code will need redesign for PPA anyway).

My suggestion is to workaround this situation with two fixes:

 * Materialize the state updates for each item inside the queue action batch, so the already existent lookup will find the just-modified candidate (this is a bug in previous implementation, one line fix)

 * Fix queue "fetch" action to use ID as a tie-breaker when writing dupes to disk, so foo_1.0.dsc will become foo_1.0.dsc-<ID> if it is already in disk.

Kamion, would you be satisfied (for a while) with this alternative plan ?

Changed in soyuz:
assignee: nobody → cprov
importance: Undecided → High
status: Unconfirmed → Confirmed
Colin Watson (cjwatson) wrote :

I'm not sure I understand your first fix. If it means "if an upload is already in the unapproved queue, then reject it", then that sounds good. If not, could you please explain further?

Please don't apply your second fix! If you munge the filenames around, then debdiff won't work properly because the filenames in the Files: sections of the .dsc files will be wrong, making 'queue fetch' largely useless. Please just make 'queue fetch' refuse to fetch an item if the files it wants to write already exist.

Celso Providelo (cprov) wrote :

You did, the code to refuse (name, version) duplication in ACCEPTED queue is already in place, but it doesn't work inside the same batch ("queue accept foo").

Ok, I didn't think about the filename mess with debdiff, thank you for pointing it.
The second fix will become:

 * Refuse to fetch queue items which will generate disk file overwrite (warn the user about the conflict)

Is it better ?

Celso Providelo (cprov) wrote :

prototype almost done in my `queue-ui`

Changed in soyuz:
status: Confirmed → In Progress
Celso Providelo (cprov) wrote :

Workaround split into bug #65052, will keep this one as Confirmed/High, so it can be addressed properly soon.

Changed in soyuz:
assignee: cprov → nobody
status: In Progress → Confirmed
Robert Collins (lifeless) wrote :

@Julian I think this is the earliest bug showing that the data model permits duplicates we want to avoid - possibly not the one blocking parallel uploaders, but related closely perhaps?

tags: added: rfwtad
Julian Edwards (julian-edwards) wrote :

Rob, yes pretty much. See also bug 556839

William Grant (wgrant) wrote :

This was seen again in OOPS-2018FTPMASTERPUBLISH1, where two uploads with conflicting orig tarballs were both in NEW, and accepted within a single transaction.

Julian Edwards (julian-edwards) wrote :

Bumping to Critical because it causes OOPSes.

Changed in launchpad:
importance: High → Critical
tags: added: oops
description: updated

Any easy short-term fix would be to throw an error back to the user if we
detect simultaneous acceptance of conflicting packages when the archive admin
accepts a batch of packages.

Note that this generally only happens when they use the "queue" script tool as
the archive admin will try and accept package "foo" before they list how many
were uploaded. The UI package does not work like this, it requires you to
search for packages before you click on the packages so it would also be more
obvious that there are multiple uploads.

The queue script needs to die, in fire.

piotr zimoch (ebytyes) on 2013-06-14
Changed in launchpad:
status: Triaged → New
status: New → Incomplete
status: Incomplete → Opinion
status: Opinion → Invalid
status: Invalid → Confirmed
status: Confirmed → In Progress
status: In Progress → Fix Committed
status: Fix Committed → Fix Released
Changed in ubuntu:
status: New → Incomplete
status: Incomplete → Opinion
status: Opinion → Invalid
status: Invalid → Confirmed
status: Confirmed → In Progress
status: In Progress → Fix Committed
status: Fix Committed → Fix Released
William Grant (wgrant) on 2013-06-14
Changed in ubuntu:
status: Fix Released → New
Changed in launchpad:
status: Fix Released → Triaged
no longer affects: ubuntu
Changed in launchpad:
status: Triaged → Confirmed
Curtis Hovey (sinzui) on 2013-09-16
Changed in launchpad:
status: Confirmed → Triaged
Changed in launchpad:
status: Triaged → New
affects: launchpad → google-launchpad-migrator
Changed in google-launchpad-migrator:
assignee: nobody → dexter dimaculangan (dexterjohn2011)
status: New → Confirmed
William Grant (wgrant) on 2015-11-12
affects: google-launchpad-migrator → launchpad
Changed in launchpad:
status: Confirmed → Triaged
assignee: dexter dimaculangan (dexterjohn2011) → nobody
Colin Watson (cjwatson) wrote :

@dexterjohn2011, I'm not quite sure what you're doing, but this definitely does not belong on google-launchpad-migrator; it has nothing to do with Google Code project bugs. Reverting changes.

information type: Public → Public Security
William Grant (wgrant) on 2016-04-17
information type: Public Security → Public
Lukasz (lukaszek130388) on 2016-05-16
Changed in launchpad:
status: Triaged → Fix Released
Colin Watson (cjwatson) on 2016-05-16
Changed in launchpad:
status: Fix Released → Triaged
Thanatas (xaxadmin) on 2016-07-12
Changed in launchpad:
status: Triaged → Fix Released
Colin Watson (cjwatson) on 2016-07-12
Changed in launchpad:
status: Fix Released → Triaged
Colin Watson (cjwatson) on 2016-07-25
no longer affects: ubuntu
wax miguel (waxmigs2902) on 2017-02-02
Changed in launchpad:
status: Triaged → Confirmed
William Grant (wgrant) on 2017-02-04
Changed in launchpad:
status: Confirmed → Triaged
Changed in launchpad:
assignee: nobody → Anthony Ochoa (anthony1985)
William Grant (wgrant) on 2017-07-22
no longer affects: ubuntu
Changed in launchpad:
assignee: Anthony Ochoa (anthony1985) → nobody
Changed in launchpad:
assignee: nobody → Wendell Nicolas (dentubuntu)
To post a comment you must log in.
This report contains Public information  Edit
Everyone can see this information.

Duplicates of this bug

Other bug subscribers