Univention Bugzilla – Bug 57292
UCS@School installs "unmaintained" packages
Last modified: 2024-05-21 13:10:57 CEST
According to the documentation UCS differentiates between "maintained" and "unmaintained" packages. https://docs.software-univention.de/manual/5.0/en/software/repository-server.html#software-config-repo states "unmaintained packages are not covered by security updates or other maintenance." When installing UCS@School several additional packages are installed depending on the role of the system. Some (?) of them are not included in the maintained-packages list for example erlang and its dependencies, python-django, rabbitmq and even univention-postgresql-9.6 (on a primary). On a school server some packages related to school-specific functionality like printing, printermoderation or webproxy can be found. Support/Service staff as well as customers themselves may be confused about the support status of the system.
After a fresh setup of UCS 5.0-7: ``` root@srv00-ucs01:~# univention-app info UCS: 5.0-7 errata1050 Installed: Upgradable: root@srv00-ucs01:~# univention-list-installed-unmaintained-packages No unmaintained packages installed. root@srv00-ucs01:~# univention-app install ucsschool [...] root@srv00-ucs01:~# univention-list-installed-unmaintained-packages The following packages are unmaintained: python-colorlog python3-colorlog root@srv00-ucs01:~# ``` And after setting up an UCS@school single server environment: ``` root@srv00-ucs01:~# univention-list-installed-unmaintained-packages The following packages are unmaintained: erlang-asn1 erlang-base erlang-crypto erlang-eldap erlang-ftp erlang-inets erlang-mnesia erlang-os-mon erlang-parsetools erlang-public-key erlang-runtime-tools erlang-snmp erlang-ssl erlang-syntax-tools erlang-tftp erlang-tools erlang-xmerl fonts-font-awesome fonts-glewlwyd gunicorn3 libsctp1 printer-driver-cups-pdf python-amqp python-anyjson python-attr python-billiard python-celery python-celery-common python-colorlog python-coreapi python-coreschema python-cups python-django python-django-common python-django-filters python-django-guardian python-djangorestframework python-ephem python-functools32 python-itypes python-kombu python-mailer python-pampy python-pathlib python-sqlparse python-vine python3-amqp python3-anyjson python3-attr python3-billiard python3-celery python3-colorlog python3-coreapi python3-coreschema python3-cups python3-django python3-django-celery-results python3-django-filters python3-django-guardian python3-djangorestframework python3-ephem python3-gunicorn python3-itypes python3-kombu python3-pampy python3-sqlparse python3-vine rabbitmq-server squidguard root@srv00-ucs01:~# ```
Created attachment 11211 [details] ucsschool unmaintained dependencies Small script to find which packages we have defined as explicit dependencies. These packages need to be added to the trigger list: https://git.knut.univention.de/univention/ucs-maintained ucs-school-import/debian/control gunicorn3 ####### ucs-test-ucsschool/debian/control ucs-school-import/debian/control python-attr ####### ucs-school-import/debian/control python-celery ####### ucs-school-import/debian/control python-celery-common ####### ucs-school-lib/debian/control python-colorlog ####### ucs-school-umc-printermoderation/debian/control python-cups ####### django-pam/debian/control ucs-school-import/debian/control python-django ####### ucs-school-import/debian/control python-django-filters ####### ucs-school-import/debian/control python-djangorestframework ####### ucs-school-import/debian/control python-pampy ####### ucs-test-ucsschool/debian/control ucs-school-import/debian/control python3-attr ####### ucs-school-import/debian/control python3-celery ####### ucs-school-lib/debian/control python3-colorlog ####### ucs-school-umc-printermoderation/debian/control python3-cups ####### django-pam/debian/control ucs-school-import/debian/control python3-django ####### ucs-school-import/debian/control python3-django-celery-results ####### ucs-school-import/debian/control python3-django-filters ####### ucs-school-import/debian/control python3-djangorestframework ####### ucs-school-import/debian/control python3-pampy ####### ucs-school-import/debian/control rabbitmq-server ####### ucs-school-webproxy/debian/control squidguard #######
We need a test for this. UCS does test this as an extra job: https://jenkins2022.knut.univention.de/job/UCS-5.0/job/UCS-5.0-7/job/CheckMaintainedList/ It is not just a ucs-test because ucs-test installs a lot of packages which are not maintained. So we need to test on a machine that doesn't have ucs-test installed.