Ubuntu
apt package

updating php5 metapackage brings in unnecessarily libapache2-mod-php5

Bug #1333745 reported by Stoyan Stoyanov
8
This bug affects 1 person
Affects Status Importance Assigned to Milestone
apt (Ubuntu)
New
Undecided
Unassigned

Bug Description

Description: Ubuntu 14.04 LTS
Release: 14.04

I have a system with the following packages installed:

ii php5 5.5.9+dfsg-1ubuntu4 all server-side, HTML-embedded scripting language (metapackage)
ii php5-cgi 5.5.9+dfsg-1ubuntu4 amd64 server-side, HTML-embedded scripting language (CGI binary)
ii php5-common 5.5.9+dfsg-1ubuntu4 amd64 Common files for packages built from the php5 source
ii php5-gd 5.5.9+dfsg-1ubuntu4 amd64 GD module for php5
ii php5-json 1.3.2-2build1 amd64 JSON module for php5
ii php5-mysql 5.5.9+dfsg-1ubuntu4 amd64 MySQL module for php5

If I attempt to update these, libapache2-mod-php5 gets pulled in as a dependency although the installed php5-cgi should be sufficient to satisfy the dependency requirements of php5:

The following NEW packages will be installed:
   libapache2-mod-php5 (5.5.9+dfsg-1ubuntu4.1)
   php5-cli (5.5.9+dfsg-1ubuntu4.1)
   php5-readline (5.5.9+dfsg-1ubuntu4.1)
The following packages will be upgraded:
   php5 (5.5.9+dfsg-1ubuntu4 => 5.5.9+dfsg-1ubuntu4.1)
   php5-cgi (5.5.9+dfsg-1ubuntu4 => 5.5.9+dfsg-1ubuntu4.1)
   php5-common (5.5.9+dfsg-1ubuntu4 => 5.5.9+dfsg-1ubuntu4.1)
   php5-gd (5.5.9+dfsg-1ubuntu4 => 5.5.9+dfsg-1ubuntu4.1)
   php5-mysql (5.5.9+dfsg-1ubuntu4 => 5.5.9+dfsg-1ubuntu4.1)

If I update the php5-* packages first and then attempt to update php5 everything works as expected.

Revision history for this message
Robie Basak (racb) wrote :

Thank you for taking the time to file this report and helping to make Ubuntu better.

I think I can reproduce the behaviour you're seeing, but I don't think this is a bug.

If I use "apt-get install php5" after the security update has appeared, then I see the behaviour you describe. But this is not the recommended way of installing security updates.

Instead, you should use "apt-get dist-upgrade" to get all relevant updates. If you want to be very specific about what you want installed, then you should use apt pinning, or specifically state "apt-get install php5 php5-cgi" to specify the alternate dependency specifically, to avoid pulling in libapache2-mod-php5.

Since I don't think this is a bug in Ubuntu, I'm marking this bug as Invalid. If you disagree, please explain and then change the bug status back to New.

Changed in php5 (Ubuntu):
status: New → Invalid
Revision history for this message
Ondřej Surý (ondrej) wrote :

In any case this is not a bug in php5, but in apt dependencies resolution.

affects: php5 (Ubuntu) → apt (Ubuntu)
Revision history for this message
Stoyan Stoyanov (stoyansbg) wrote :

Thank you for taking the time to reply, Robie.

I think that "apt-get install $package" is the correct way of upgrading individual packages. From the "install" section of the apt-get man page:

"This is also the target to use if you want to upgrade one or more already-installed packages without upgrading every package you have on your system."

Anyway, the method you choose to update the package is irrelevant. The problem first manifested itself with unattended-upgrades, but did not want to add this to my report in order not to add more variables.

You should not need to explicitly specify the dependency (php5-cgi) if the package is already installed and, in this case, also due to be upgraded.

Changed in apt (Ubuntu):
status: Invalid → New
Revision history for this message
Stoyan Stoyanov (stoyansbg) wrote :

This seems to be related to a bug reported years ago. (https://bugs.launchpad.net/ubuntu/+source/apt/+bug/423071)

As with the other bug, apt seems to ignore the fact that the already installed php5-cgi pakage, upgrade for which is also available, once upgraded will satisfy the first ("OR-ed") part of the dependency.

Depends: libapache2-mod-php5 (>= 5.5.9+dfsg-1ubuntu4.1) | libapache2-mod-php5filter (>= 5.5.9+dfsg-1ubuntu4.1) | php5-cgi (>= 5.5.9+dfsg-1ubuntu4.1) | php5-fpm (>= 5.5.9+dfsg-1ubuntu4.1), php5-common (>= 5.5.9+dfsg-1ubuntu4.1)

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.