[Pkg-erlang-devel] Bug#562901: couchdb: wrong use of killall in preinst without pre-depends
Steve Langasek
steve.langasek at canonical.com
Mon Dec 28 23:00:33 UTC 2009
Package: couchdb
Version: 0.10.0-1
Severity: serious
Tags: patch
Justification: Policy 3.5
User: ubuntu-devel at lists.ubuntu.com
Usertags: origin-ubuntu lucid ubuntu-patch
The current version of couchdb calls killall in the preinst, with the
following rationale:
* Created debian/preinst, now we make sure that couchdb isn't running any
beam processes on upgrade. Upgrading from 0.9.0-2 was leaving old code in a
running beam process, so you were running 0.9.0 couchdb but had 0.10.0 code
installed until you killed the process. Adds a dependency on psmisc.
This is broken, because:
- You did not add psmisc as a pre-depends of the package as required, you
added it as a build-depends. This is a violation of Policy 3.5.
- You have not discussed this on debian-devel prior to adding the (logical)
pre-dependency. This is also a violation of a Policy 3.5 "should"
requirement.
- Your killall command is helplessly incorrect. Processes running as the
couchdb user should be managed by the init script, and it should be
regarded as a bug in the init script if they aren't being stopped on
upgrade. Processes running as users *other* than the couchdb user are
not affected by the killall command (and should not be), so whatever
problem this preinst was meant to work around is still going to affect
those users.
I recommend dropping this change entirely, as in the following patch, and if
necessary improving the init script to correctly manage these processes.
=== modified file 'debian/control'
--- debian/control 2009-11-21 17:10:39 +0000
+++ debian/control 2009-12-28 22:08:47 +0000
@@ -6,7 +6,7 @@
Standards-Version: 3.8.3
Build-Depends: cdbs (>= 0.4.42), debhelper (>= 7.2.11),
erlang-dev (>= 1:13.b.1-dfsg-3), help2man, libcurl4-openssl-dev,
- libicu-dev, libmozjs-dev, libreadline-dev, psmisc
+ libicu-dev, libmozjs-dev, libreadline-dev
Homepage: http://couchdb.apache.org/
Vcs-Svn: svn+ssh://svn.debian.org/svn/pkg-erlang/couchdb
Vcs-Browser: http://svn.debian.org/viewsvn/pkg-erlang/couchdb
=== removed file 'debian/preinst'
--- debian/preinst 2009-11-21 17:10:39 +0000
+++ debian/preinst 1970-01-01 00:00:00 +0000
@@ -1,29 +0,0 @@
-#!/bin/sh -e
-# by Sam Bisbee <sbisbee at computervip.com> Copyright 2009
-# The right to copy, distribute, and modify this file in any medium is released
-# to anyone without royalty, provided that this notice and the copyright notice
-# is preserved.
-
-case "$1" in
- install)
- ;;
-
- upgrade)
- #Prevent old couchdb code from running in a couchdb process and surviving
- #through to our new version. Assumes that it's running as the default
- #couchdb user.
- killall -q -u couchdb beam > /dev/null || true
- ;;
-
- abort-upgrade)
- ;;
-
- *)
- echo "preinst called with unknown argument $1" >&2
- exit 1
- ;;
-esac
-
-#DEBHELPER#
-
-exit 0
Cheers,
--
Steve Langasek Give me a lever long enough and a Free OS
Debian Developer to set it on, and I can move the world.
Ubuntu Developer http://www.debian.org/
slangasek at ubuntu.com vorlon at debian.org
More information about the Pkg-erlang-devel
mailing list