Bug#529963: dbconfig-common: Suspected problem with database upgrade

Fri, 22 May 2009 07:27:41 -0700 

Package: dbconfig-common
Version: 1.8.39
Severity: normal

Dear folks,

Studying /usr/share/dbconfig-common/dpkg/postinst I think I found a
serious bug in _dbc_find_upgrades() function.

Let's see a simplified file structure:

$ find
..
../upgrade
../upgrade/mysql
../upgrade/mysql/2
../upgrade/mysql/2/T
../upgrade/mysql/2/E
../upgrade/mysql/3
../upgrade/mysql/3/D.sql
../upgrade/mysql/1
../upgrade/mysql/1/B.sql
../upgrade-dbadmin
../upgrade-dbadmin/mysql
../upgrade-dbadmin/mysql/2
../upgrade-dbadmin/mysql/2/A
$ 
$ upgradedirs="./upgrade/mysql ./upgrade-dbadmin/mysql"

In this case $f in the second for cycle will be substituted by the following
values: A B.sql D.sql E T.

$ find $upgradedirs -xtype f -print0 | xargs --no-run-if-empty -0 -n1 basename  
| sort -n | uniq
A
B.sql
D.sql
E
T
$ 

However we need not filenames but version numbers as arguments
of "dpkg --compare-versions", i.e. 1 2 3 in this example.

The for cycle should look like this or so:

        for f in `find $upgradedirs -xtype f -print0 |
              xargs --no-run-if-empty -0 -n1 dirname | xargs -n1 basename |
              sort -n | uniq`; do
                if dpkg --compare-versions $dbc_oldversion lt $f; then
                        pending="$pending $f"
                fi
        done

Note: "sort -n" in the original version is useless because it is applied
on script names instead of package versions.

Unfortunately the package versions are not single integers so sorting
them is not a trivial problem:

$ sort -n << EOT
> 5.15.5-1
> 15.15.5-3
> 5.5.15-0
> EOT
5.15.5-1
5.5.15-0
15.15.5-3
$ 

So what about a little more complex package versions like 5.0.51a-24+lenny1 ?

On can say that we can write our sort routine using "dpkg --compare-versions"
as the following for cycle does but be careful. Full paths are not comparable:

$ dpkg --compare-versions ./upgrade-dbadmin/mysql/2/A lt ./upgrade/mysql/1/B.sql
$ echo $?
0
$

Only the VERSION directory names must be sorted in such a way in order
to ensure scripts are executed in the proper order.

So I'm afraid this part of postinst script should be totally rewritten.

Any comment?

Gabor

-- System Information:
Debian Release: 5.0.1
  APT prefers proposed-updates
  APT policy: (500, 'proposed-updates'), (500, 'testing'), (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.26-1-686 (SMP w/2 CPU cores)
Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1)
Shell: /bin/sh linked to /bin/bash

Versions of packages dbconfig-common depends on:
ii  debconf [debconf-2.0]         1.5.24     Debian configuration management sy
ii  ucf                           3.0016     Update Configuration File: preserv

dbconfig-common recommends no packages.

Versions of packages dbconfig-common suggests:
ii  mysql-client-5.0 [virt 5.0.51a-24+lenny1 MySQL database client binaries

-- debconf information excluded



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to