Bug 39092 - univention-updater should not remove univention-server packages
univention-updater should not remove univention-server packages
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: Update - univention-updater
UCS 4.0
Other Linux
: P5 normal (vote)
: UCS 4.2
Assigned To: Stefan Gohmann
Felix Botner
: interim-2
: 39481 42966 (view as bug list)
Depends on:
Blocks: 43613
  Show dependency treegraph
 
Reported: 2015-08-06 12:40 CEST by Janek Walkenhorst
Modified: 2017-04-04 18:29 CEST (History)
4 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 7: Crash: Bug causes crash or data loss
Who will be affected by this bug?: 1: Will affect a very few installed domains
How will those affected feel about the bug?: 5: Blocking further progress on the daily work
User Pain: 0.200
Enterprise Customer affected?: Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Ticket number: 2016111521000301
Bug group (optional):
Max CVSS v3 score:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Janek Walkenhorst univentionstaff 2015-08-06 12:40:50 CEST
Investigate marking the SP:univention-server BPs (e.g. BP:univention-server-master) as "Essential":

The role-meta-package depends on very many other packages and thus apt-get often thinks the best way to resolve conflicts is removing the role-meta-package. But this is never the correct solution for UCS systems.

As "Essential" packages will never be removed this may point apt in the right direction to solve (or at least stop apt from effectively destroying the system)
Comment 1 Stefan Gohmann univentionstaff 2016-01-28 07:37:33 CET
Should be checked with UCS 4.2.
Comment 2 Florian Best univentionstaff 2016-02-23 13:58:13 CET
*** Bug 39481 has been marked as a duplicate of this bug. ***
Comment 3 Florian Best univentionstaff 2016-05-12 10:52:35 CEST
Occurred again in Bug #41215.
Comment 4 Stefan Gohmann univentionstaff 2016-08-24 14:35:26 CEST
Please refer:
 https://www.debian.org/doc/debian-policy/ch-binary.html#s3.8

I don't think it is the right way to mark our server packages as essential. We already check the status in our postup.sh file. I think we should also add a Nagios check which checks if the role package is installed.

If it happens often, we should add a check in the preup.sh and block the upgrade if the server package should be removed.
Comment 5 Janek Walkenhorst univentionstaff 2016-08-24 14:50:34 CEST
(In reply to Stefan Gohmann from comment #4)
> Please refer:
>  https://www.debian.org/doc/debian-policy/ch-binary.html#s3.8
> 
> I don't think it is the right way to mark our server packages as essential.
The description seems ill-fitting, maybe the priority could be changed instead
 <https://www.debian.org/doc/debian-policy/ch-archive.html#s-priorities>
but I don't know if or how apt-get considers the package priority.

> We already check the status in our postup.sh file.
> I think we should also
> add a Nagios check which checks if the role package is installed.
Is that not a bit too late?

> If it happens often, we should add a check in the preup.sh and block the
> upgrade if the server package should be removed.
I think this should be added in any case.
Comment 6 Florian Best univentionstaff 2016-08-29 15:48:43 CEST
(In reply to Stefan Gohmann from comment #4)
> If it happens often, we should add a check in the preup.sh and block the
> upgrade if the server package should be removed.
What is "often"? I saw this myself a lot of times, especially in development phases.
Comment 7 Stefan Gohmann univentionstaff 2016-08-31 17:11:42 CEST
(In reply to Janek Walkenhorst from comment #5)
> > We already check the status in our postup.sh file.
> > I think we should also
> > add a Nagios check which checks if the role package is installed.
> Is that not a bit too late?

Maybe, but it might also happen in other situations.

> > If it happens often, we should add a check in the preup.sh and block the
> > upgrade if the server package should be removed.
> I think this should be added in any case.

Then, I suggest to change the topic and the target of this bug. Otherwise we create a new bug and remove the TM of this bug.
Comment 8 Janek Walkenhorst univentionstaff 2016-08-31 17:21:21 CEST
(In reply to Stefan Gohmann from comment #7)
> (In reply to Janek Walkenhorst from comment #5)
> > > […] we should add a check in the preup.sh and block the
> > > upgrade if the server package should be removed.
> > I think this should be added in any case.
> 
> Then, I suggest to change the topic and the target of this bug. Otherwise we
> create a new bug and remove the TM of this bug.

univention-updater should evaluate the --simulate runs if any univention-server package will be removed and if so stop the upgrade.
Comment 9 Florian Best univentionstaff 2016-09-20 16:13:15 CEST
Also in Bug #42450 was univention-server-master marked for removal.
Comment 10 Stefan Gohmann univentionstaff 2016-12-14 20:47:47 CET
*** Bug 42966 has been marked as a duplicate of this bug. ***
Comment 11 Florian Best univentionstaff 2017-02-10 11:26:09 CET
>           What    |Removed                     |Added
>----------------------------------------------------------------------------
>          User Pain|                            |0.046
>        Who will be|---                         |1: Will affect a very few
>   affected by this|                            |installed domains
>               bug?|                            |
>           Assignee|updater-maintainers@univent |gohmann@univention.de
>                   |ion.de                      |
>     How will those|---                         |2: A Pain – users won’t
>      affected feel|                            |like this once they notice
>     about the bug?|                            |it
>   What type of bug|---                         |4: Minor Usability: Impairs
>           is this?|                            |usability in secondary
>                   |                            |scenarios
>       What kind of|---                         |Bug Report
>      report is it?|                            |

→ I think the rating is not really correct.
1. This is more a Development Internal bug as this happens very often during development. I experienced this 2 times during UCS 4.2 development and another 3 time is currently possible on UCS 4.2 if you want to "apt-get install python-2.6-dev" but luckily i recognized it this time and didn't crash my system.
So the value "1: Will affect a very few installed domains" might be correct if "installed domains" refers to our customers.

2. "2: A Pain – users won’t like this once they notice it"
→ This is wrong in my opinion. If this ever occurs on a customer system I would return the product immediately and this would block all of my work.

3. "4: Minor Usability: Impairs usability in secondary scenarios"
→ Also this is not really true. It crashes your whole system.
Comment 12 Stefan Gohmann univentionstaff 2017-02-10 12:00:36 CET
(In reply to Florian Best from comment #11)
> → I think the rating is not really correct.
> 1. This is more a Development Internal bug as this happens very often during
> development. I experienced this 2 times during UCS 4.2 development and
> another 3 time is currently possible on UCS 4.2 if you want to "apt-get
> install python-2.6-dev" but luckily i recognized it this time and didn't
> crash my system.
> So the value "1: Will affect a very few installed domains" might be correct
> if "installed domains" refers to our customers.

Yes, it refers to our customers.

> 2. "2: A Pain – users won’t like this once they notice it"
> → This is wrong in my opinion. If this ever occurs on a customer system I
> would return the product immediately and this would block all of my work.
> 
> 3. "4: Minor Usability: Impairs usability in secondary scenarios"
> → Also this is not really true. It crashes your whole system.

OK, I think we have two different scenarios. In one scenario, only the server role package is removed and that is normally not critical. In the second scenario the server role package is removed and the slapd or another important package, for example: Bug #41215.
Comment 13 Stefan Gohmann univentionstaff 2017-02-16 11:26:56 CET
A new check has been added to the UCS 4.2 preup check: r76717 + r76723

Changelog: r76738
Comment 14 Florian Best univentionstaff 2017-02-16 13:06:58 CET
*** Bug 40504 has been marked as a duplicate of this bug. ***
Comment 15 Florian Best univentionstaff 2017-02-16 13:11:29 CET
(In reply to Stefan Gohmann from comment #12)
> OK, I think we have two different scenarios. In one scenario, only the
> server role package is removed and that is normally not critical. In the
> second scenario the server role package is removed and the slapd or another
> important package, for example: Bug #41215.
Well, yes there might be two different scenarios.
Your fix is basically Bug #40504 - which helps our customers.
I would like if this would also be prevented on a deeper layer (apt/dpkg) to protect more efficient against this case, as comment #0 suggests. Bug #41215 fixed the underlying reason and not that it is not possible anymore:
A simple "apt-get install python2.6-dev" on UCS 4.2 will currently trigger this.
Comment 16 Stefan Gohmann univentionstaff 2017-02-16 13:46:18 CET
(In reply to Florian Best from comment #15)
> (In reply to Stefan Gohmann from comment #12)
> > OK, I think we have two different scenarios. In one scenario, only the
> > server role package is removed and that is normally not critical. In the
> > second scenario the server role package is removed and the slapd or another
> > important package, for example: Bug #41215.
> Well, yes there might be two different scenarios.
> Your fix is basically Bug #40504 - which helps our customers.

Yes, to help our customers was my target, see also Comment #8.

> I would like if this would also be prevented on a deeper layer (apt/dpkg) to
> protect more efficient against this case, as comment #0 suggests. Bug #41215
> fixed the underlying reason and not that it is not possible anymore:
> A simple "apt-get install python2.6-dev" on UCS 4.2 will currently trigger
> this.

Feel free to create a new one.
Comment 17 Felix Botner univentionstaff 2017-02-22 11:23:46 CET
OK - preup fail_if_role_package_will_be_removed
OK - changelog
Comment 18 Stefan Gohmann univentionstaff 2017-04-04 18:29:07 CEST
UCS 4.2 has been released:
 https://docs.software-univention.de/release-notes-4.2-0-en.html
 https://docs.software-univention.de/release-notes-4.2-0-de.html

If this error occurs again, please use "Clone This Bug".