On 2015.10.29 19:11, Martin Jansa wrote:
On Thu, Oct 29, 2015 at 11:04:02AM +0200, Ioan-Adrian Ratiu wrote:
On Thu, 29 Oct 2015 09:41:52 +0800
Zhiquan Li <[email protected]> wrote:
On 2015.10.27 18:49, Ioan-Adrian Ratiu wrote:
On Tue, 27 Oct 2015 09:54:07 +0000
"Li, Zhiquan" <[email protected]> wrote:
I need to evaluate the possibility to upgrade the snort recipe to
2.9.7, because upgrade to > 2.9.7, some patches will not work
anymore and the daq recipe also need to be upgraded to 2.0.4 at
least. The side-effect is uncertainty.
What exactly do you mean by "patches will not work anymore"?.
Do you mean thy do not apply on >2.9.7? AFAIK two of those
patches are not needed in 2.9.7.6 (fixed upstream), the others
just need refreshing.
I've tried to upgrade snort from 2.9.6.0 to 2.9.7.5, as its
dependency I also upgrade daq recipe from 2.0.2 to 2.0.6, and
accordingly update the patches:
* add 2 new patches for snort to solve the cross compile issues.
* discard a snort patch since it is not needed.
* refresh the patch for daq new version.
Please see the attachment for the changes.
Unfortunately , it was failed when packaging debug files, the rpm
debugedit complain: canonicalization unexpectedly shrank by one
character. At a glance it is a bug of debugedit, please see:
http://sourceforge.net/p/snort/mailman/message/34130268/
Redhat hasn't resolved this bug:
https://bugzilla.redhat.com/show_bug.cgi?id=304121
So, the options are:
* Fix rpm debugedit bug and update it to OE
* Take the workaround that skip the snort debug package
* Backport the fix from snort upstream
IMO anything rpm-based is fundamentally broken and not worth fixing
because of these kind of long-standing bugs. You spend tons of time
fixing one, then just hit another that was also ignored for +8 years.
I don't think we should skip the debug package entirely because ipks
and debs should be fine. If it is possible to skip only rpm-debug pkgs
then this would be the best way to go IMO.
Not upgrading the package and backporting fixes only to avoid this rpm
bug should be the last option.
@Martin and @Khem, do you have any suggestions?
I've already merged this change to master-next and I plan to merge it to
master and jethro soon (when jenkins builds are finished).
It's good incremental step (fixes the root cause why it was
blacklisted), upgrade to newer version is also good, but can be separate
and only for master branch (as jethro is almost closed now).
"canonicalization unexpectedly shrank by one character" is something we
have to fix from time to time, but it's always doable in the component
source (usually double slash in one of the paths), so it's not 8+ years
kind of issue.
Regards,
Many thanks, Martin!
I saw your fix for "canonicalization unexpectedly shrank by one
character" issue:
http://lists.openembedded.org/pipermail/openembedded-core/2013-October/084960.html
Some redundant '/' were sneakingly inserted into snort binary and lead
to the rpm debugedit error finally.
I've submitted a new patch so that snort can be upgraded to 2.9.7+:
http://lists.openembedded.org/pipermail/openembedded-devel/2015-November/104661.html
--
Best Regards,
Li Zhiquan
--
_______________________________________________
Openembedded-devel mailing list
[email protected]
http://lists.openembedded.org/mailman/listinfo/openembedded-devel
