[Freeipa-devel] import rpm causes failure during IPA caless install
Martin Kosek
mkosek at redhat.com
Fri Jan 8 13:11:06 UTC 2016
On 01/08/2016 02:09 PM, Martin Basti wrote:
>
>
> On 08.01.2016 14:00, Martin Kosek wrote:
>> On 01/08/2016 01:45 PM, Martin Basti wrote:
>>> Hello all,
>>>
>>> fix for ticket https://fedorahosted.org/freeipa/ticket/5535
>>> requires to import rpm module
>>>
>>> This import somehow breaks nsslib in IPA
>>> https://fedorahosted.org/freeipa/ticket/5572
>>>
>>>
>>> We have 2 ways how to fix it:
>>>
>>> 1) move import rpm to body of methods (attached patch)
>>> We are not sure how stable is this solution.
>>>
>>> 2) use solution with rpmdevtools proposed here:
>>> https://www.redhat.com/archives/freeipa-devel/2016-January/msg00092.html
>>> This should be rock stable but it needs many dependencies (rpm-python too,
>>> perl)
>>>
>>> The second way looks safer, so I would like to reimplement it, do you all agree
>>> or do you have better idea?
>>> Feedback welcome, please ASAP.
>>>
>>> Martin^2
>> Since it's Friday, I invested 15 minutes to practice my C skills and use the
>> python-cffi library to call rpm rpmvercmp library call directly (attached):
>>
>> $ python rpm.py 4.2.0-15.el7 4.2.0-15.el7_2.3
>> 4.2.0-15.el7 < 4.2.0-15.el7_2.3
>>
>> This would not introduce any additional dependency besides rpm-devel, right? :-)
> I'm afraid that this can cause the same issue as import rpm, because the nsslib
> is used from C library
This would need to be tested/figured out, I do not know the exact details of
how the NSS issue is triggered.
More information about the Freeipa-devel
mailing list