[pkg-go] Bug#968964: lego: disables DNS providers without warning
Phil Pennock
debian-bts at phil.spodhuis.org
Mon Aug 24 17:42:12 BST 2020
Package: lego
Severity: important
Dear Maintainer,
The lego packaging for Debian disables various DNS providers, but does
not call out in the changelog when providers are disabled and does not
update the dnshelp sub-command so that the tool continues to falsely
claim support for DNS providers which have been disabled. This led to
much debugging until fresh eyes on a Monday quickly identified that all
our problems came from using the distribution packaging of lego, so
we've now switched to upstream release binaries.
In the
<https://salsa.debian.org/go-team/packages/golang-github-xenolf-lego.git>
git repo with the packaging, commit f2a108f0 on 2019-12-21 disabled
support for MS Azure DNS handling. This was not mentioned in the
changelog file or the git commit message.
The way that DNS providers are disabled is that in the debian/rules
file, the upstream `providers/dns/dns_providers.go` is patched with
Perl. If Debian is going to continue doing this, as a policy decision,
then the file `cmd/zz_gen_cmd_dnshelp.go` also needs to be updated, so
that running `lego dnshelp` does not falsely claim support where none
exists.
I believe that silently breaking working support and leaving now-false
claims in the code warrants "important" severity.
-- System Information:
Debian Release: bullseye/sid
APT prefers focal-updates
APT policy: (500, 'focal-updates'), (500, 'focal-security'), (500, 'focal'), (100, 'focal-backports')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 5.5.7-050507-generic (SMP w/8 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /usr/bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
More information about the Pkg-go-maintainers
mailing list