On Tue, Jun 30, 2020 at 08:48:05AM +1200, Andrew Bartlett wrote:
On Mon, 2020-06-29 at 08:46 -0400, Michael Stone wrote:
Package: samba-libs
Version: 2:4.12.3+dfsg-2
Severity: critical
Justification: breaks the whole system
The new samba-libs package changes the soname of libndr from
libndr.so.0 to
libndr.so.1 without reflecting this change in the package name. sssd-
ad-common
has a dependency on samba-libs (>= 2:4.11.5+dfsg) and links to
libndr.so.0.
When the samba-libs package is updated and libndr.so.0 disappears
sssd fails to
start, which then makes a system's remote users unavailable. (Worse,
this
doesn't happen until the next time sssd restarts--which may not be
until the
next reboot.)
It's not clear why the samba-libs package doesn't include the so
number, but at
the very least it needs a set of dependencies to avoid breaking sssd-
ad-common.
We can't put a version number in samba-libs as there are multiple
public libraries in there.
(Upstream) Samba doesn't promise not to keep doing this - the
underlying change has happened before, but this time we were honest and
bumped the .so - so sssd may need to have a dependency on the Samba
version it built against.
That may well be the best solution going forward, but something else
needs to be in place to prevent breakage for existing packages.
