Project

General

Profile

Bug #15418

Find out what's going on with Exim in our ISO build process

Added by intrigeri over 1 year ago. Updated about 1 year ago.

Status:
Resolved
Priority:
Elevated
Assignee:
-
Category:
-
Target version:
Start date:
03/16/2018
Due date:
% Done:

100%

Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:

Description

The Debian-exim user has been involved in the two cases where we had UID/GID variation accross releases, which broke automatic upgrades. I think we could do something cheap in order to decrease the chances such problems happen.


Related issues

Related to Tails - Bug #15419: Detect earlier in the dev process if we're breaking automatic upgrades Resolved 06/28/2018
Related to Tails - Bug #15690: Stop installing all "Priority: standard" packages only to remove some of them later Resolved 06/29/2018
Blocks Tails - Feature #15334: Core work 2018Q3: Foundations Team Resolved 02/20/2018

History

#1 Updated by intrigeri over 1 year ago

  • Assignee changed from intrigeri to bertagaz
  • Priority changed from Normal to Elevated
  • QA Check set to Info Needed

bertagaz: please send me the full build log for 3.6~rc1 and 3.6 so I can investigate. I probably won't have time to work on this after the end of March so it would be really nice if you could spend 5 minutes to do this soon.

#2 Updated by intrigeri over 1 year ago

#3 Updated by intrigeri over 1 year ago

  • Related to Bug #15419: Detect earlier in the dev process if we're breaking automatic upgrades added

#4 Updated by intrigeri over 1 year ago

intrigeri wrote:

bertagaz: please send me the full build log for 3.6~rc1 and 3.6 so I can investigate. I probably won't have time to work on this after the end of March so it would be really nice if you could spend 5 minutes to do this soon.

Ping? Thanks in advance.

#5 Updated by intrigeri over 1 year ago

#6 Updated by intrigeri over 1 year ago

#7 Updated by bertagaz about 1 year ago

  • Target version changed from Tails_3.7 to Tails_3.8

#8 Updated by intrigeri about 1 year ago

intrigeri wrote:

intrigeri wrote:

bertagaz: please send me the full build log for 3.6~rc1 and 3.6 so I can investigate. I probably won't have time to work on this after the end of March so it would be really nice if you could spend 5 minutes to do this soon.

Ping? Thanks in advance.

Ping? Note that I'm not asking you do do anything here besides emailing me two build logs for releases you did :)

#9 Updated by intrigeri about 1 year ago

  • Target version changed from Tails_3.8 to Tails_3.9

#10 Updated by intrigeri about 1 year ago

  • Assignee changed from bertagaz to intrigeri
  • QA Check deleted (Info Needed)

I suspect that for some reason, under some constraints exim4-daemon-light is installed, possibly because it Provides: default-mta. This package Depends: exim4-base which creates the Debian-exim user. Note that the exim4-config package also creates that user.

Now, all this is mere speculation and it'll be easier to understand by looking at the build logs that I've requested 3.5 months ago. I'm not convinced that I'll get these build logs within a reasonable time frame so I'll try to build from the 3.6 tag and if it still works, this should reproduce the problem. If I don't manage build from that tag, then we'll be back to square one i.e. trying to get the logs from bertagaz.

#11 Updated by intrigeri about 1 year ago

#12 Updated by intrigeri about 1 year ago

#13 Updated by intrigeri about 1 year ago

No trace of exim in my 3.6 build log. Going to build 3.5.

#14 Updated by intrigeri about 1 year ago

  • Assignee changed from intrigeri to anonym
  • QA Check set to Info Needed

intrigeri wrote:

No trace of exim in my 3.6 build log. Going to build 3.5.

… except the time-based snapshots needed to build the basebox for 3.5 are gone so I can't build it.

anonym, can you please send me the 3.5 build log?

#15 Updated by intrigeri about 1 year ago

  • Assignee changed from anonym to intrigeri
  • QA Check deleted (Info Needed)

Actually the last version that got exim mixed in was 3.6~rc1 and it looks like I can actually build this one.

#16 Updated by intrigeri about 1 year ago

  • Status changed from Confirmed to Resolved
  • Assignee deleted (intrigeri)
  • % Done changed from 0 to 100

OK, I think I got it. We install Priority: standard packages with tasksel. These priorities are set in the packages themselves but Debian ftp-masters can override them. In the main Debian archive, exim4 from Stretch is Priority: optional but security.debian.org was out-of-sync at some point early this year: exim4 was still Priority: standard. So when exim4 4.89-2+deb9u3 was uploaded to the Debian security archive (2018-02-14) it was Priority: standard which is why the 3.6~rc1 build picked it up (along with dnsutils, host, and their dependencies, by the way). This archive bug was fixed later and exim4 is back to Priority: optional, as it should be, which is why 3.6 and later did not install it via tasksel.

I'll think on #15419 about whether we could cheaply detect such issues earlier in the release process, before we've invested enough time into QA to feel lazy and ship a broken release as-is.

#17 Updated by intrigeri about 1 year ago

  • Related to Bug #15690: Stop installing all "Priority: standard" packages only to remove some of them later added

Also available in: Atom PDF