[Freeipa-devel] import rpm causes failure during IPA caless install
Martin Kosek
mkosek at redhat.com
Fri Jan 8 13:34:31 UTC 2016
On 01/08/2016 02:32 PM, Martin Kosek wrote:
> On 01/08/2016 02:22 PM, Jan Cholasta wrote:
>> On 8.1.2016 14:13, Martin Basti wrote:
>>>
>>>
>>> On 08.01.2016 14:14, Jan Cholasta wrote:
>>>> On 8.1.2016 14:09, Martin Basti wrote:
>>>>>
>>>>>
>>>>> On 08.01.2016 14:00, Martin Kosek wrote:
>>>>>> On 01/08/2016 01:45 PM, Martin Basti wrote:
>>>>>>> Hello all,
>>>>>>>
>>>>>>> fix for ticket https://fedorahosted.org/freeipa/ticket/5535
>>>>>>> requires to import rpm module
>>>>>>>
>>>>>>> This import somehow breaks nsslib in IPA
>>>>>>> https://fedorahosted.org/freeipa/ticket/5572
>>>>>>>
>>>>>>>
>>>>>>> We have 2 ways how to fix it:
>>>>>>>
>>>>>>> 1) move import rpm to body of methods (attached patch)
>>>>>>> We are not sure how stable is this solution.
>>>>>>>
>>>>>>> 2) use solution with rpmdevtools proposed here:
>>>>>>> https://www.redhat.com/archives/freeipa-devel/2016-January/msg00092.html
>>>>>>>
>>>>>>> This should be rock stable but it needs many dependencies (rpm-python
>>>>>>> too, perl)
>>>>>>>
>>>>>>> The second way looks safer, so I would like to reimplement it, do you
>>>>>>> all agree
>>>>>>> or do you have better idea?
>>>>>>> Feedback welcome, please ASAP.
>>>>>>>
>>>>>>> Martin^2
>>>>>> Since it's Friday, I invested 15 minutes to practice my C skills and
>>>>>> use the
>>>>>> python-cffi library to call rpm rpmvercmp library call directly
>>>>>> (attached):
>>>>>>
>>>>>> $ python rpm.py 4.2.0-15.el7 4.2.0-15.el7_2.3
>>>>>> 4.2.0-15.el7 < 4.2.0-15.el7_2.3
>>>>>>
>>>>>> This would not introduce any additional dependency besides rpm-devel,
>>>>>> right? :-)
>>>>
>>>> Not rpm-devel, but rpm-libs (you should dlopen "librpm.so.3").
>>>>
>>>>> I'm afraid that this can cause the same issue as import rpm, because the
>>>>> nsslib is used from C library
>>>>
>>>> I would be surprised if NSS was used in this particular function.
>>>>
>>> I will try it
>>
>> No NSS here:
>> <https://github.com/rpm-software-management/rpm/blob/master/lib/rpmvercmp.c>
>
> What line? I must miss something...
Please ignore the above, I somehow read it as "No, NSS here" :-)
>
>> Anyway, the function looks simple, so it might be safer to just rewrite it to
>> Python, with no new dependencies.
>
> I would personally rather use the first proposal of rpmdevtools, rather than
> rewriting it ourselves. IMO, rewriting the function is the worst option actually.
Still, how is reimplementing NSS function safer than calling their library
function? I checked that rpm-devel is not required, BTW.
More information about the Freeipa-devel
mailing list