[SERVER-23842] Package version conflict Created: 21/Apr/16  Updated: 01/Jun/22  Resolved: 01/Jun/22

Status: Closed
Project: Core Server
Component/s: Packaging
Affects Version/s: None
Fix Version/s: 4.1 Desired

Type: Bug Priority: Minor - P4
Reporter: MA Assignee: Alex Neben
Resolution: Won't Fix Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified

Operating System: ALL
Participants:

 Description   

Hi,

First, thanks for distributing prebuilt binaries for Debian and Ubuntu.

But I think your naming convention at the Debian/Ubuntu packages level is wrong or incomplete.

let me take an example...

You distribute packages for:

Each packages have the same version number, but the files are really different. See the md5 below:
$ md5sum mongodb-org_3.0.0_amd64.deb*
cdbb6447acd7b0cd7327278d88fe06f8 mongodb-org_3.0.0_amd64.deb.precise
89499682dd059002662ae8bf988600e9 mongodb-org_3.0.0_amd64.deb.trusty

Debian policy guide say something like, if packages are referenced in multiple distributions with the same version number, then the .deb file MUST be the exact same files (and is written only one time in the pool directory).

In your case, the different md5sum, imply different packages versions...

You may say it's not really a problem... But imagine someone is currently on Ubuntu Precise LTS with mongodb-org_3.0.0_amd64.deb package installed for the correct Precise repository. And he want to upgrade to Trusty via dist upgrade. What will apt do is compare installed package version and package version in the "futur" repository. apt will see it is the same version, ie: 3.0.0, and WILL NOT attempt and upgrade (neither a reinstall). That is bad! If package don't need to be updated then they should be the same

Sure there is a workaround, people may "apt-get clean" and "apt-get install --reinstall mongodb-org", this will force apt to "move" to the "right" version for Trusty. But it's only a workaround and most people wont think about that.

In order to resolve all this mess, a simple trick
Just include the destination release in the version.
ie: mongodb-org_3.0.0_amd64.deb should be declined as

  • mongodb-org_3.0.0+precise1_amd64.deb
  • mongodb-org_3.0.0+trusty1_amd64.deb

With that, apt will happily upgrade from one version to the other on distribution upgrade. As those versions are incremental.

$ dpkg --compare-versions 3.0.0+precise1 lt 3.0.0+trusty1 && echo Y || echo N
Y

-> Nice!

I also think there is no problem migrating for your current version scheme to the new one as version are still incremental.

$ dpkg --compare-versions 3.0.0 lt 3.0.0+precise1 && echo Y || echo N
Y

-> Nice!

BTW use the "+" separator and NOT the "" as the meaning is different. Using the "" will place the version bellow what's before the separator.

$ dpkg --compare-versions 3.0.0 lt 3.0.0~precise1 && echo Y || echo N
N

-> Bad

I hope you will review you naming convention for the benefit of all
Thanks

Side note: The actual convention doesn't permit to mirror all your repository with standard tool like reprepro.



 Comments   
Comment by Tom Pressnell [ 03/Nov/20 ]

Hi,

Has there been any follow up to this ?

 

It's an annoying problem, easily corrected to align with how distribution repositories are structured.

 

https://www.debian.org/doc/debian-policy/ch-binary.html#uniqueness-of-version-numbers

 

Also, not sure how this would behave during a dist-upgrade scenario.

(not that its an action i perform on db hosts)

 

But, having the os see both packages as "the same" and then running into a hash sum mismatch issue too, is not ideal.

Comment by Ramon Fernandez Marina [ 21/Apr/16 ]

Thanks for the detailed writeup kumy, I've sent this to the "Build Team", who handles the prebuilt packages, for evaluation.

Generated at Thu Feb 08 04:04:37 UTC 2024 using Jira 9.7.1#970001-sha1:2222b88b221c4928ef0de3161136cc90c8356a66.