[debian-mysql] Request for help with MariaDB 10.3 / mysql-defaults / pam-mysql packaging
wferi at niif.hu
wferi at niif.hu
Fri Dec 28 09:05:12 GMT 2018
Otto Kekäläinen <otto at debian.org> writes:
> The recent upload of MariadB 10.3 to Debian unstable and also the new
> mysql-defaults break the Debian CI tests of your package pam-mysql.
Yes, I noticed, and a user even reported the actual breakage.
> I would appreciate very much if you can debug what exactly goes wrong
> in the pam-mysql tests and perhaps even file a merge request on Salsa
> against mariadb-10.3 to get it fixed.
The problem is that
# objdump -T /lib/x86_64-linux-gnu/security/pam_mysql.so | fgrep password
0000000000000000 DF *UND* 0000000000000000 libmysqlclient_18 make_scrambled_password_323
0000000000000000 DF *UND* 0000000000000000 libmysqlclient_18 make_scrambled_password
and the current sid version does not export these symbols, while
# objdump -T /usr/lib/x86_64-linux-gnu/libmariadbclient.so.18 | fgrep password
000000000003cf70 g DF .text 0000000000000027 libmariadbclient_18 make_scrambled_password
0000000000026f40 g DF .text 0000000000000051 libmariadbclient_18 get_tty_password
0000000000026f40 g DF .text 0000000000000000 (libmariadbclient_16) get_tty_password
000000000003cf00 g DF .text 0000000000000000 (libmariadbclient_16) my_make_scrambled_password
000000000003cf00 g DF .text 0000000000000067 libmariadbclient_18 my_make_scrambled_password
000000000003ca10 g DF .text 0000000000000027 libmariadbclient_18 make_scrambled_password_323
on a stretch system.
> I've spent a lot of effort to create gitlab-ci integration into
> mariadb-10.3 so it is easy for other DDs to write, test and submit
> contributions. The process is documented at
That's great work! However, I don't think the solution is bringing back
these deprecated symbols, maybe except for make_scrambled_password if
MariaDB upstream agrees to make it an official interface (as far as I
know, currently there's no exported function which imitates the effect
of the PASSWORD server function). Moreover, I think pam-mysql misuses
my_make_scrambled_password in stretch, because this function changed
behavior in MySQL 5.6, see https://bugs.mysql.com/bug.php?id=86357.
Anyway, a simple rebuild should fix this issue, because if the pam-mysql
configue script does not find these symbols, it switches to using an
internal implementation of make_scrambled_password and drops the
functionality provided by make_scrambled_password_323. So just ask for
a binNMU or ignore the problem for now (I'll ask upstream for a new
release shortly and upload that).
More information about the pkg-mysql-maint