sks postinst uses dpkg-vendor, but doesn't depend on dpkg-dev (nor should it)
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Precise Backports |
Won't Fix
|
Undecided
|
Unassigned | ||
sks (Ubuntu) |
Fix Released
|
High
|
Dustin Kirkland | ||
Precise |
Fix Released
|
High
|
Dustin Kirkland | ||
Quantal |
Fix Released
|
High
|
Dustin Kirkland |
Bug Description
A recent change to sks packaging uses the dpkg-vendor command to determine if the current OS derives from Ubuntu. dpkg-vendor is provided by the dpkg-dev package, which sks does not, and should not depend on.
In order for the postinst to behave properly, it needs to gracefully handle the situation where the dpkg-vendor command does not exist.
ubuntu@
Reading package lists... Done
Building dependency tree
Reading state information... Done
0 upgraded, 0 newly installed, 1 reinstalled, 0 to remove and 6 not upgraded.
Need to get 0 B/802 kB of archives.
After this operation, 0 B of additional disk space will be used.
(Reading database ... 25941 files and directories currently installed.)
Preparing to replace sks 1.1.1+dpkgv3-
Stopping sks daemons: sksrecon.. sksdb.. done.
Unpacking replacement sks ...
Processing triggers for ureadahead ...
Processing triggers for man-db ...
Setting up sks (1.1.1+
debian-sks uid check: ok
debian-sks homedir check: ok
/var/lib/
Starting sks daemons: Not starting sks (as configured in /etc/default/sks)
== SRU ==
=== IMPACT ===
This bug impacts any 12.04 server running SKS where dpkg-dev is not installed (which is often the case), and upgrades to the current package in precise-updates. dpkg-dev would drag in a handful of development level utilities and compilers that many administrators would not want on their production server.
=== TEST CASE ===
Take a 12.04 server installed prior to July 9, 2012, with SKS installed. In my case, I started a 12.04 server in EC2, and commented out the two lines in /etc/apt/
$ sudo apt-get update && sudo apt-get install -y sks
Then, uncomment the precise-updates lines in /etc/apt/
$ sudo apt-get update && sudo apt-get install -y sks
=== REGRESSION POTENTIAL ===
As implemented, minimal.
=== MINIMAL PATCH ===
diff -Nru sks-1.1.
--- sks-1.1.
+++ sks-1.1.
@@ -73,7 +73,8 @@
if [ -r /var/lib/
else
- if dpkg-vendor --derives-from Ubuntu; then
+ if (type dpkg-vendor >/dev/null && dpkg-vendor --derives-from Ubuntu) || \
+ [ -e /etc/dpkg/
if dpkg --compare-versions "$2" lt "1.1.1+dpkgv3-6.1"; then
summary: |
- sks postinst uses dpkg-vendor, but doesn't depend on dpkg-dev + sks postinst uses dpkg-vendor, but doesn't depend on dpkg-dev (nor + should it) |
Changed in sks (Ubuntu): | |
importance: | Undecided → High |
assignee: | nobody → Dustin Kirkland (kirkland) |
status: | New → In Progress |
Changed in sks (Ubuntu Precise): | |
status: | New → In Progress |
importance: | Undecided → High |
assignee: | nobody → Dustin Kirkland (kirkland) |
description: | updated |
Changed in sks (Ubuntu Precise): | |
status: | In Progress → Fix Committed |
Changed in sks (Ubuntu Quantal): | |
status: | In Progress → Fix Committed |
Changed in precise-backports: | |
status: | New → Won't Fix |
Try not to use "Fix Committed" for SRUs when you upload, as we use that to track when they land in -proposed (and set it automatically when we accept the SRU).