Library versioning vs RPM versioning

Paul Howarth paul at city-fan.org
Wed Oct 19 07:44:35 UTC 2005 

On Wed, 2005-10-19 at 08:34 +0200, Linus Walleij wrote:
> Need to get this clear, out of curiosity...
> 
> If say, foo-1.0-1.rpm provides a library as /usr/lib/libfoo.so.1 and then 
> we say foo-1.1-1.rpm is released providing /usr/lib/libfoo.so.2.
> 
> Then, if there is one package bar-1.0.rpm that needs 
> /usr/lib/libfoo.so.1 (and has Requires: foo = 1.0 in its spec) and 
> another baz-1.2.rpm that needs /usr/lib/libfoo.so.2 (and has Requires foo 
> = 1.1 in its spec), what happens from a user point of view?
> 
> As I understand it, as long as no files collide you could have both 
> foo-1.0-1 and foo-1.1-1 installed and satisfy both dependencies. So 
> using command-line rpm that's all pretty easy. But will yum do the same? 
> What yum should then do when you issue "yum install baz" with "bar" 
> already installled is install the new one and keep the old one as well, 
> since it is still being used.
> 
> Am I correct?

No. Yum will only like to have one version of most packages (there are
some exceptions, such as kernels) installed, so you'll get dependency
errors because yum would like to have the latest foo installed, but
can't install it because already-installed bar requires the older
version of foo.

> I haven't been able to find any reasoning for these 
> scenarios in the docs that I've read yet... If you know library versioning 
> vs RPM philosophy then spill the beans, please.

What's usually done in this case is:

* maintainer of foo releases foo-1.1 (and foo-devel-1.1), which provide
libfoo.so.2, and a "compatibility" package foo10-1.0, which contains
libfoo.so.1 (but no foo10-devel-1.0, since new packages should be being
built against foo-1.1).

* yum upgrades foo to foo-1.1, but sees that bar requires libfoo.so.1,
so it installs new package foo10 to satisfy the dependency. You may find
multiple versions of openssl on your system as an example of this in
action.

* bar shouldn't have "Requires: foo = 1.0" in its spec; rpm will
autogenerate the dependency on libfoo.so.1, and that's all that's
needed. In fact having this explicit dependency would break the upgrade
route just described.

> (And this is a strong argument for keeping old versions of packages in the 
> repository, then, atleast stuff providing libraries, since someone who 
> want to install both "bar" and "baz" will need two versions.)

Keeping old versions wouldn't help in this case actually. Pruning is
good, and the mirrors will like it too.

Paul.
-- 
Paul Howarth <paul at city-fan.org>

More information about the fedora-extras-list mailing list