[pkg-gnupg-maint] dirmngr dependency

Daniel Kahn Gillmor dkg at fifthhorseman.net
Thu Aug 4 14:59:20 UTC 2016


Hi NIIBE--

On Thu 2016-08-04 02:53:19 -0400, NIIBE Yutaka wrote:
> Hello,
>
> Since I'm not sure what's the problem, I'm writing here.
>
> Today, I tried to fetch key by gpg --recv-key and it failed because
> libksba was too old (I had 1.3.3 installed).
>
> I think that libksba was not updated correctly.
>
> I saw Debian packaging of gnupg and it correctly has the field of
>
> 	Build-Depends: libksba-dev (>= 1.3.4)
>
> However, as the information in this page
>
>      https://packages.debian.org/experimental/dirmngr
>
> The binary package dirmngr depends on libksba8 (>= 1.2.0).
>
>      dep: libksba8 (>= 1.2.0)
>         X.509 and CMS support library
>
>
> Is it a bug of dirmngr or libksba8?
>
>
> I search where (>= 1.2.0) comes from.  I located it's in the
> debian/rules file of libksba package.
>
>     override_dh_makeshlibs:
> 	dh_makeshlibs -V "libksba8 (>= 1.2.0)"


Thanks for catching this!  I'm cc'ing pkg-gnutls-maint, who are
responsible for libksba.

Looking at the revisions of debian/rules for libksba, i think the
packaging could be improved here:

 913e67fa13638cb56a5e1af8e4167d300dd915ce  (2013-12-23)
    - convert to dh 9 (upstream: 1.3.0; makeshlibs still 1.2.0)
 5c4d2c3ff4579329481699ecccdc181ab6a44d4d  (2011-03-05)
    - import upstream 1.2.0 (makeshlibs changed from 1.1.0 to 1.2.0)
 0c9bd2ca8f38f8d00cbcb6b638e7a63e6a67cb9d  (2010-11-14)
    - symbols added, bump shlibs (makeshlibs changed from 1.0.2 to 1.1.0)
 dc8f40e4bd696f6294050f2bfd6a98602105d8cf  (2007-08-07)
    - moved to upstream 1.0.2 -- bump shlibs (makeshlibs changed from 1.0.0 to 1.0.2)

I find a better way to track symbol changes is with an explicit
debian/libksba8.symbols file.  This has two advantages:

 * it associates specific symbols with specific versions of the package,
   so other packages which only use older symbols get to have a looser
   dependency

 * you get a clear and automatic notification of new symbols when
   building a new version of the package.

I knocked together the attached script (invoked as "./extract-symbols
libksba8") to generate a debian/libksba8.symbols file, which i'm
including in the proposed patch below.

Having done that analysis, it's true that there have been no symbols
changes since 1.2.0!  so the dirmngr dependency is tighter for some
other reason that i still need to look into.

          --dkg

-------------- next part --------------
A non-text attachment was scrubbed...
Name: extract-symbols
Type: text/x-sh
Size: 1391 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20160804/f1b71462/attachment.sh>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-avoid-explicit-mkshlibs-version-ship-symbols-file.patch
Type: text/x-diff
Size: 7542 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-gnutls-maint/attachments/20160804/f1b71462/attachment.patch>


More information about the Pkg-gnutls-maint mailing list