Project

General

Profile

Bug #15904

mutt is installed again

Added by sajolida 2 months ago. Updated about 1 month ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
-
Target version:
Start date:
09/02/2018
Due date:
% Done:

100%

QA Check:
Pass
Feature Branch:
kibi:bugfix/15904-make-sure-mutt-is-not-installed
Type of work:
Code
Blueprint:
Starter:
Affected tool:

Description

In Tails 3.9 (20180817) `mutt` is installed again.

We removed it from Tails in 1.4.

I could deinstall it from Tails 3.9 with no problem.

Associated revisions

Revision c716db66 (diff)
Added by Cyril Brulebois 2 months ago

Remove mutt, that can be accidentally installed (refs: #15904).

Packages in the security archive can have a priority that doesn't match
the one from the main archive (see Debian#867668), possibly leading to
extra packages getting installed in our environment. Make sure not to
ship mutt.

Revision db270a03
Added by intrigeri 2 months ago

Merge remote-tracking branch 'kibi/bugfix/15904-make-sure-mutt-is-not-installed' into stable (Fix-committed: #15904)

History

#1 Updated by intrigeri 2 months ago

  • Assignee set to intrigeri
  • Target version changed from Tails_3.9 to Tails_3.10.1

In Tails 3.9 (20180817) `mutt` is installed again.

FTR Tails 3.9 has not been released yet and 3.9~rc1 hasn't mutt installed so "Tails 3.9 (20180817)" is not very useful information.

But after looking around I've noticed that mutt is back in the latest build(s) from testing e.g. https://jenkins.tails.boum.org/view/RM/job/build_Tails_ISO_testing/35/artifact/build-artifacts/tails-amd64-testing-3.9-20180902T1222Z-0db0bd1299.iso.packages/*view*/.

I think that's another problem wrt. priority standard (#15690). See 0c55ab304eb85b3bf867c80e045e49d8db095ca5. We should probably do the same trick in config/chroot_local-hooks/98-remove_unwanted_packages as for geoclue i.e. remove only if installed.

In any case it's not important enough to warrant stressing my overloaded reviewers this close to the final ISO build so that'll wait for 3.10.

#2 Updated by intrigeri 2 months ago

I think that's another problem wrt. priority standard (#15690).

Confirmed, reported to Debian security team.

#3 Updated by intrigeri 2 months ago

Reported in the right place: https://bugs.debian.org/867668

Next step: workaround this problem in 3.10.

#4 Updated by intrigeri 2 months ago

  • Assignee changed from intrigeri to CyrilBrulebois

Do you want this one? While you're at it you could fix my shitty code in config/chroot_local-hooks/98-remove_unwanted_packages for which you commented:

no need for -gt 0
if dpkg --get-selections | grep -qs -E '…' ; then … ; fi

#5 Updated by CyrilBrulebois 2 months ago

  • Assignee changed from CyrilBrulebois to intrigeri
  • QA Check set to Ready for QA
  • Feature Branch set to kibi:bugfix/15904-make-sure-mutt-is-not-installed

Two commits in the bugfix/15904-make-sure-mutt-is-not-installed branch of my repository:

  • The first one removes mutt without checking whether it's installed; contrary to geoclue packages, there are no wildcards involved, so it can be purged without extra checks. Other packages with the same priority issue (due to priority mismatch in main/security archives) could get added in that specific section.
  • The second one makes the geoclue vs. dpkg check more idiomatic. I don't see any such packages getting installed when building the devel branch though.

Comparing .packages files, these packages go away due to the mutt removal, and that seems rather reasonable:

  • libnotmuch4 0.23.7-3
  • libtokyocabinet9:amd64 1.4.48-11+b1
  • mutt 1.7.2-1+deb9u1

For those following at home, an earlier FTBFS needs to be addressed to reach this point (see #15846).

#6 Updated by intrigeri 2 months ago

  • Status changed from Confirmed to In Progress
  • Assignee changed from intrigeri to CyrilBrulebois
  • % Done changed from 0 to 60
  • QA Check changed from Ready for QA to Dev Needed

Looks mostly good to me, thanks! Two things though:

  • please rebase this on the stable branch so we can merge it for 3.10 which is a bugfix release; devel is where we prepare the next major release (3.12).
  • we don't need to pass the -c option to grep anymore, do we?

#7 Updated by CyrilBrulebois 2 months ago

  • Assignee changed from CyrilBrulebois to intrigeri
  • QA Check changed from Dev Needed to Ready for QA

You're right on both counts. Rebased on top of stable, and -c option removed. Thanks for the review!

#8 Updated by intrigeri 2 months ago

Code review passes, sending to CI.

#9 Updated by intrigeri 2 months ago

  • Status changed from In Progress to Fix committed
  • Assignee deleted (intrigeri)
  • % Done changed from 60 to 100
  • QA Check changed from Ready for QA to Pass

Merged, thanks!

#10 Updated by Anonymous 2 months ago

  • Status changed from Fix committed to In Progress

#11 Updated by intrigeri 2 months ago

  • Status changed from In Progress to Fix committed

#12 Updated by intrigeri about 1 month ago

  • Target version changed from Tails_3.10.1 to Tails_3.9.1

#13 Updated by anonym about 1 month ago

  • Status changed from Fix committed to Resolved

Also available in: Atom PDF