Hi László and the release team, Thanks for merging my patch and taking care of opening this unblock request.
László Böszörményi <g...@debian.org> (2023-03-19): > [ Reason ] > Cyril Brulebois (kibi) who is the maintainer of crowdsec found out > that partial upgrade of Bullseye to Bookworm may render it unable to > start. Reason is, sqlite3 with 3.37.0-1 changed its internal > table_info representation. Previously the column types were in > lowercase letters and from this version these are using uppercase > letters - confusing the Bullseye version of crowdsec. With the version > in Bookworm it is already fixed. Meanwhile, I also found out that the new crowdsec version doesn't work with the old libsqlite3-0 (as it uses newer syntax). I've documented that in #1033132, and I've uploaded a fix already, after running the tests mentioned below. > [ Impact ] > Upgrading only libsqlite3-0 but not crowdsec makes the latter unusable > as it will not start. To prevent such situations I've added breaks on > old crowdsec versions. > > [ Tests ] > Kibi did the testing [1] and the fix only prevents incompatible > versions of the mentioned packages to be installed. I've extended the testing with a crowdsec package bumping its versioned dependency on libsqlite3-0, i.e. hardcoding a minimal version that we know to be needed syntax-wise (3.35.0), as opposed to the minimal one determined via the usual shared library mechanism (3.12.0). Test setup: - bullseye VM with crowdsec/bullseye installed. - apt pointing at bookworm, except with libsqlite3-0 and crowdsec pinned negatively via /etc/apt/preferences. - apt pointing at extra repository that contains libsqlite3-0 from unstable (3.40.1-2) and the tentative crowdsec 1.4.6-3 package (now uploaded to unstable since tests were all green). Triggering these work fine: - Ugrading crowdsec → pulls upgraded libsqlite3-0 along with a few other packages like glibc binaries, and the unpack/configure steps are fine. - Upgrading libsqlite3-0 → pulls upgraded crowdsec along with a few other packages like glibc binaries, and the unpack/configure steps are fine. - Dist-upgrading entirely is fine as well. The transcript for the first two is attached for information. I can replay the third scenario and attach it as well if needed, but I thought concentrating on the two partial upgrades made the most sense. Cheers, -- Cyril Brulebois -- Debian Consultant @ DEBAMAX -- https://debamax.com/
root@crowdsec11:~# apt-get install crowdsec Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: libc-bin libc-l10n libc6 libsqlite3-0 locales Suggested packages: glibc-doc libnss-nis libnss-nisplus The following packages will be upgraded: crowdsec libc-bin libc-l10n libc6 libsqlite3-0 locales 6 upgraded, 0 newly installed, 0 to remove and 287 not upgraded. Need to get 40.5 MB of archives. After this operation, 70.6 MB of additional disk space will be used. Do you want to continue? [Y/n] […] Reading changelogs... Done Preconfiguring packages ... (Reading database ... 35506 files and directories currently installed.) Preparing to unpack .../libc-l10n_2.36-8_all.deb ... Unpacking libc-l10n (2.36-8) over (2.31-13+deb11u5) ... Preparing to unpack .../locales_2.36-8_all.deb ... Unpacking locales (2.36-8) over (2.31-13+deb11u5) ... Preparing to unpack .../libc6_2.36-8_amd64.deb ... Checking for services that may need to be restarted... Checking init scripts... Unpacking libc6:amd64 (2.36-8) over (2.31-13+deb11u5) ... Setting up libc6:amd64 (2.36-8) ... Checking for services that may need to be restarted... Checking init scripts... Restarting services possibly affected by the upgrade: ssh: restarting...done. cron: restarting...done. Services restarted successfully. (Reading database ... 35494 files and directories currently installed.) Preparing to unpack .../libc-bin_2.36-8_amd64.deb ... Unpacking libc-bin (2.36-8) over (2.31-13+deb11u5) ... Setting up libc-bin (2.36-8) ... (Reading database ... 35494 files and directories currently installed.) Preparing to unpack .../crowdsec_1.4.6-3_amd64.deb ... Unpacking crowdsec (1.4.6-3) over (1.0.9-2+b4) ... Removing obsolete conffile /etc/logrotate.d/crowdsec ... Preparing to unpack .../libsqlite3-0_3.40.1-2_amd64.deb ... Unpacking libsqlite3-0:amd64 (3.40.1-2) over (3.34.1-3) ... Setting up libc-l10n (2.36-8) ... Setting up libsqlite3-0:amd64 (3.40.1-2) ... Setting up locales (2.36-8) ... Installing new version of config file /etc/locale.alias ... Generating locales (this might take a while)... fr_FR.UTF-8... done Generation complete. Setting up crowdsec (1.4.6-3) ... Installing new version of config file /etc/crowdsec/config.yaml ... Installing new version of config file /etc/crowdsec/patterns/mysql ... Installing new version of config file /etc/crowdsec/patterns/ssh ... Installing new version of config file /etc/crowdsec/profiles.yaml ... I: All 3 upstream-recommended collections are active, updating their dependencies I: Enabling WAL for SQLite [fstype=ext4] (see README.Debian) W: Applying workaround (lower timeout) for #1031326 INFO[19-03-2023 00:40:38] 1 alert(s) deleted INFO[19-03-2023 00:40:38] 1 alert(s) deleted INFO[19-03-2023 00:40:38] 1 alert(s) deleted INFO[19-03-2023 00:40:38] 1 alert(s) deleted W: Restarting crowdsec to refresh CAPI decisions (#1033138) Processing triggers for man-db (2.9.4-2) ... Processing triggers for libc-bin (2.36-8) ...
root@crowdsec11:~# apt-get install libsqlite3-0 Reading package lists... Done Building dependency tree... Done Reading state information... Done The following additional packages will be installed: crowdsec libc-bin libc-l10n libc6 locales Suggested packages: glibc-doc libnss-nis libnss-nisplus The following packages will be upgraded: crowdsec libc-bin libc-l10n libc6 libsqlite3-0 locales 6 upgraded, 0 newly installed, 0 to remove and 287 not upgraded. Need to get 40.5 MB of archives. After this operation, 70.6 MB of additional disk space will be used. Do you want to continue? [Y/n] […] Reading changelogs... Done Preconfiguring packages ... (Reading database ... 35506 files and directories currently installed.) Preparing to unpack .../libc-l10n_2.36-8_all.deb ... Unpacking libc-l10n (2.36-8) over (2.31-13+deb11u5) ... Preparing to unpack .../locales_2.36-8_all.deb ... Unpacking locales (2.36-8) over (2.31-13+deb11u5) ... Preparing to unpack .../libc6_2.36-8_amd64.deb ... Checking for services that may need to be restarted... Checking init scripts... Unpacking libc6:amd64 (2.36-8) over (2.31-13+deb11u5) ... Setting up libc6:amd64 (2.36-8) ... Checking for services that may need to be restarted... Checking init scripts... Restarting services possibly affected by the upgrade: ssh: restarting...done. cron: restarting...done. Services restarted successfully. (Reading database ... 35494 files and directories currently installed.) Preparing to unpack .../libc-bin_2.36-8_amd64.deb ... Unpacking libc-bin (2.36-8) over (2.31-13+deb11u5) ... Setting up libc-bin (2.36-8) ... (Reading database ... 35494 files and directories currently installed.) Preparing to unpack .../crowdsec_1.4.6-3_amd64.deb ... Unpacking crowdsec (1.4.6-3) over (1.0.9-2+b4) ... Removing obsolete conffile /etc/logrotate.d/crowdsec ... Preparing to unpack .../libsqlite3-0_3.40.1-2_amd64.deb ... Unpacking libsqlite3-0:amd64 (3.40.1-2) over (3.34.1-3) ... Setting up libc-l10n (2.36-8) ... Setting up libsqlite3-0:amd64 (3.40.1-2) ... Setting up locales (2.36-8) ... Installing new version of config file /etc/locale.alias ... Generating locales (this might take a while)... fr_FR.UTF-8... done Generation complete. Setting up crowdsec (1.4.6-3) ... Installing new version of config file /etc/crowdsec/config.yaml ... Installing new version of config file /etc/crowdsec/patterns/mysql ... Installing new version of config file /etc/crowdsec/patterns/ssh ... Installing new version of config file /etc/crowdsec/profiles.yaml ... I: All 3 upstream-recommended collections are active, updating their dependencies I: Enabling WAL for SQLite [fstype=ext4] (see README.Debian) W: Applying workaround (lower timeout) for #1031326 INFO[19-03-2023 00:43:45] 1 alert(s) deleted INFO[19-03-2023 00:43:45] 1 alert(s) deleted INFO[19-03-2023 00:43:45] 1 alert(s) deleted INFO[19-03-2023 00:43:45] 1 alert(s) deleted W: Restarting crowdsec to refresh CAPI decisions (#1033138) Processing triggers for man-db (2.9.4-2) ... Processing triggers for libc-bin (2.36-8) ...
signature.asc
Description: PGP signature
