On 8.1.2016 14:34, Martin Kosek wrote:
On 01/08/2016 02:32 PM, Martin Kosek wrote:
On 01/08/2016 02:22 PM, Jan Cholasta wrote:
On 8.1.2016 14:13, Martin Basti wrote:



On 08.01.2016 14:14, Jan Cholasta wrote:
On 8.1.2016 14:09, Martin Basti wrote:


On 08.01.2016 14:00, Martin Kosek wrote:
On 01/08/2016 01:45 PM, Martin Basti wrote:
Hello all,

fix for ticket https://fedorahosted.org/freeipa/ticket/5535
requires to import rpm module

This import somehow breaks nsslib in IPA
https://fedorahosted.org/freeipa/ticket/5572


We have 2 ways how to fix it:

1) move import rpm to body of methods (attached patch)
We are not sure how stable is this solution.

2) use solution with rpmdevtools proposed here:
https://www.redhat.com/archives/freeipa-devel/2016-January/msg00092.html

This should be rock stable but it needs many dependencies (rpm-python
too, perl)

The second way looks safer, so I would like to reimplement it, do you
all agree
or do you have better idea?
Feedback welcome, please ASAP.

Martin^2
Since it's Friday, I invested 15 minutes to practice my C skills and
use the
python-cffi library to call rpm rpmvercmp library call directly
(attached):

$ python rpm.py 4.2.0-15.el7 4.2.0-15.el7_2.3
4.2.0-15.el7 < 4.2.0-15.el7_2.3

This would not introduce any additional dependency besides rpm-devel,
right? :-)

Not rpm-devel, but rpm-libs (you should dlopen "librpm.so.3").

I'm afraid that this can cause the same issue as import rpm, because the
nsslib is used from C library

I would be surprised if NSS was used in this particular function.

I will try it

No NSS here:
<https://github.com/rpm-software-management/rpm/blob/master/lib/rpmvercmp.c>

What line? I must miss something...

Please ignore the above, I somehow read it as "No, NSS here" :-)


Anyway, the function looks simple, so it might be safer to just rewrite it to
Python, with no new dependencies.

I would personally rather use the first proposal of rpmdevtools, rather than
rewriting it ourselves. IMO, rewriting the function is the worst option 
actually.

Still, how is reimplementing NSS function safer than calling their library
function? I checked that rpm-devel is not required, BTW.

Loading a library and going through cffi just to call ~20 lines of code seems like an overkill to me.

(TBH I don't care how this is implemented, relying on linear versioning is broken by design, one way or another.)

--
Jan Cholasta

--
Manage your subscription for the Freeipa-devel mailing list:
https://www.redhat.com/mailman/listinfo/freeipa-devel
Contribute to FreeIPA: http://www.freeipa.org/page/Contribute/Code

Reply via email to