[PKG-Openstack-devel] Bug#858418: Bug#858418: Is it possible to release fixed packages now?

Kepi kepi at igloonet.cz
Thu Jan 18 21:11:09 UTC 2018 

Thomas Goirand <zigo at debian.org> writes:

> On 01/09/2018 07:13 PM, Kepi wrote:
>> Is it possible to release fixed packages soon?
>> 
>> This bug is making remote systems unaccessible after reboot, IMHO
>> serverity should be critical. I don't think it is acceptable to have
>> such bug for more than half year on stable distribution.
>> 
>> I can confirm that upstream patch mentioned by Nicolas is working.
>> 
>> Thanks
>
> Hi,
>
> While upstream patch may indeed fix the issue, it still relies on the
> SYSTEMCTL_SKIP_REDIRECT systemd internal. Using any of these is in fact
> *very wrong* and should never be used in the packaging of any package in
> Debian. If you don't trust me, you can attempt asking the systemd
> maintainers about this.
>
> For this reason, unfortunately, it is very unlikely that the release
> team will accept such a change in the stable release, and they will
> likely ask for a better fix.
>
> So, we should come up with a better way to fix the issue, a way that
> will be accepted by the release team. According to my own experience, it
> is also very unlikely that the release team will accept some new
> .service files either, unfortunately.
>
> I'd very happily accept any contribution if it's good enough. Though I
> may very much dislike gratuitous comments on how much the work of
> current package maintainers is unacceptable, even if I only very
> recently started to take care of the OpenVSwitch package (ie: at least 6
> months after this bug was opened, and many months after Stretch was
> released). So please, Kepi, moderate yourself. FYI, I've been thinking
> for a long time about ways to fix this problem, but so far haven't
> figure out an acceptable way.
>
> BTW, I don't agree severity should be set to critical. Definition for
> critical is:
>
> "makes unrelated software on the system (or the whole system) break, or
> causes serious data loss, or introduces a security hole on systems where
> you install the package."
>
> Here, only the network as controlled by OpenVSwitch breaks (ie: only
> OpenVSwitch breaks), and there's no data loss or security hole. Besides
> this, it's not ideal, but it can be worked around by not using
> /etc/network/interfaces for configuring OpenVSwitch. There's multiple
> ways to achieve that. Yes, it's not ideal, but until we find a
> satisfying way (in the eyes of the release team, that is) to fix the
> issue, I don't think there's a choice, and that's still a workaround.
>
> Last, is Philippe Latu's solution working? It doesn't feel right to me,
> and didn't have time to test it out...

Hi,

I run into related issue when you discussed problem with internal
variable just couple minutes after I filled report.

I agree it should be fixed "right way", but:

a) isn't _SYSTEMCTL_SKIP_REDIRECT which is already present in init
script internal too? It if is so, I think this workaround should
be included before better solution is found.

b) This issue is critical at least in impact. If you use OvS for primary
interface it renders whole system unusable after restart. I simply
believe this is critical issues because such bug shouldn't be present in
stable distribution. Or if it is present, it should be fixed (worked
around) in matter of days, not weeks or months.

I'm really not sure what is best approach now and I understand your
point of view. Problem is that currently Open vSwitch from stable
distribution:

* can break your primary network with correct configuration
* there is no info in README that you shouldn't use interfaces
* IMHO there shouldn't be any such info :) as we want to use interfaces,
  one reason why we love Debian :)
* workaround exists, even when it is ugly

In my case issue is fixed using this workaround and I can use my servers
again. I simply wanted to help others who will hit this bug and may not
have serial console ready.

BTW: I'm truly sorry if my previous (or this) comment sounds offensive,
there is huge chance it is caused by my poor English skill. I have
great respect for all work done by maintainers and I wasn't trying to
insult anybody. I still think that impact of this bug is greater than
it seams and should be at least worked around until better fix is ready.

Kind Regards,

Kepi
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 832 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/openstack-devel/attachments/20180118/beb52479/attachment.sig>

More information about the Openstack-devel mailing list