Netplan

Bug #2025519
Comment #8

Comment 8 for bug 2025519

Revision history for this message

Steve Langasek (vorlon) wrote on 2023-09-02:

I've reviewed the package in the jammy queue, since Chris seemed to only get to the lunar one in his SRU shift. I have some questions that I expect may apply to both uploads.

It was initially confusing to me that this was a backport of a version that's been superseded in mantic, and also that it includes the addition of a number of files under debian/patches; I wondered why these had not been committed upstream. Then I saw that these were present in the -7 package, so this is ok from that perspective.

So then I diffed the upload in the jammy queue against 0.106.1-7 and found other packaging differences that don't make sense:

--- netplan.io-0.106.1/debian/libnetplan0.symbols 2023-07-20 06:11:50.000000000 -0700
+++ netplan.io-0.106.1/debian/libnetplan0.symbols 2023-08-24 03:11:14.000000000 -0700
@@ -26,9 +26,6 @@
  get_unspecified_address@Base 0.104
  global_backend@Base 0.104
  global_state@Base 0.104
- is_route_present@Base 0.106
- is_route_rule_present@Base 0.106.1
- is_string_in_array@Base 0.106.1
  is_wireguard_key@Base 0.100
  netdefs@Base 0.99
  netdefs_ordered@Base 0.99

Why is this backport missing symbols entries that are present in the unstable version? I see you've included a patch, debian/patches/sru-compat/0024-Avoid-unnecessary-export-of-API.patch, that patches these symbols out (which, confusingly accomplishes this by removing the NETPLAN_INTERNAL tag, which on its surface would appear to do the opposite?). But the net effect here is that you are now introducing a libnetplan0 package in the archive, whose version number is >= 0.106, but whose ABI does not match what is declared in later versions - so if someone installs this package in jammy, then upgrades to mantic, apt may not have correct information about the necessary order in which packages must be upgraded, because a new package using these symbols in mantic will think that the version in jammy satisfies the dependency!

So I think the correct course of action here is to NOT patch these out of the library's ABI.

--- netplan.io-0.106.1/debian/netplan.io.install 2023-07-25 03:18:01.000000000 -0700
+++ netplan.io-0.106.1/debian/netplan.io.install 2023-08-24 01:24:24.000000000 -0700
@@ -1,3 +1,4 @@
+lib/netplan/*
lib/systemd/system-generators/netplan
usr/libexec/netplan/*
usr/share/*

Why is this present only in the jammy backport and not in the unstable version? (Particularly as /lib should be avoided now in favor of /usr/lib)

I've reviewed the package in the jammy queue, since Chris seemed to only get to the lunar one in his SRU shift.  I have some questions that I expect may apply to both uploads.

It was initially confusing to me that this was a backport of a version that's been superseded in mantic, and also that it includes the addition of a number of files under debian/patches; I wondered why these had not been committed upstream.  Then I saw that these were present in the -7 package, so this is ok from that perspective.

So then I diffed the upload in the jammy queue against 0.106.1-7 and found other packaging differences that don't make sense:

--- netplan.io-0.106.1/debian/libnetplan0.symbols       2023-07-20 06:11:50.000000000 -0700
+++ netplan.io-0.106.1/debian/libnetplan0.symbols       2023-08-24 03:11:14.000000000 -0700
@@ -26,9 +26,6 @@
  get_unspecified_address@Base 0.104
  global_backend@Base 0.104
  global_state@Base 0.104
- is_route_present@Base 0.106
- is_route_rule_present@Base 0.106.1
- is_string_in_array@Base 0.106.1
  is_wireguard_key@Base 0.100
  netdefs@Base 0.99
  netdefs_ordered@Base 0.99

Why is this backport missing symbols entries that are present in the unstable version?  I see you've included a patch, debian/patches/sru-compat/0024-Avoid-unnecessary-export-of-API.patch, that patches these symbols out (which, confusingly accomplishes this by removing the NETPLAN_INTERNAL tag, which on its surface would appear to do the opposite?).  But the net effect here is that you are now introducing a libnetplan0 package in the archive, whose version number is >= 0.106, but whose ABI does not match what is declared in later versions - so if someone installs this package in jammy, then upgrades to mantic, apt may not have correct information about the necessary order in which packages must be upgraded, because a new package using these symbols in mantic will think that the version in jammy satisfies the dependency!

So I think the correct course of action here is to NOT patch these out of the library's ABI.

--- netplan.io-0.106.1/debian/netplan.io.install        2023-07-25 03:18:01.000000000 -0700
+++ netplan.io-0.106.1/debian/netplan.io.install        2023-08-24 01:24:24.000000000 -0700
@@ -1,3 +1,4 @@
+lib/netplan/*
 lib/systemd/system-generators/netplan
 usr/libexec/netplan/*
 usr/share/*

Why is this present only in the jammy backport and not in the unstable version?  (Particularly as /lib should be avoided now in favor of /usr/lib)