severity 698248 normal thanks On Tue, Jan 15, 2013 at 11:14:25PM +0100, José Manuel Santamaría Lema wrote: > Package: odbcinst > Version: 2.2.14p2-5 > Severity: serious > Justification: makes odbcinst not very suitable for use in maintainer scripts
> while I'm filing this bug as serious, feel free to downgrade the severity > of this bug if you think it's appropiate. In any case imho a fix for this > bug is worth to be included in wheezy. I don't see anything serious about this bug. I haven't heard of any other packages using odbcinst for DSN registration, and I'm not sure it's really appropriate for virtuoso to do so - how do you correctly handle the scenario where the user has an existing system DSN named 'VOS' before installing your package? 'VOS' is not a particularly collision-resistant name. We allow the risk of collisions when installing drivers because drivers are much more likely to be provided by the system, and clobbering a locally-installed driver is much less likely to result in bugs. Clobbering an unrelated system DSN (with a very vague name, no less) is much more likely to cause problems for the admin. I would suggest that it would be more appropriate to set this up as a file DSN; that way virtuoso has full control over it with no risk of colliding with user settings. > I've been working on the Virtuoso debian package. The maintainer scripts > relies on odbc, the prerm script uses odbcinst with the -l option, thus: > odbcinst -u -s -l -n VOS > however, apparently it doesn't perform the operation like if "VOS" where a > system DSN, but an user DSN. So I've just workarounded this bug using an > evironnment variable which, according to a comment in the odbcinst source > code, is suposed to override the program arguments: > ODBCSEARCH=ODBC_SYSTEM_DSN odbcinst -u -s -l -n VOS > When used this way I think it works as expected. Given that a workaround is available, I definitely don't think this is a serious bug. > We noticed this bug when we where trying to fix a a piuparts error, for more > information, see: > http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=677286 > Also note that the reported gave kindly a quick list of other packages which > _might_ be affected: > http://codesearch.debian.net/search?q=odbcinst.*-l+filetype%3Ashell None of these hits are maintainer scripts. Thanks, -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. Ubuntu Developer http://www.debian.org/ [email protected] [email protected]
signature.asc
Description: Digital signature
