Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
Olaf van der Spek , 21/11/2018 - 15:03:07 (+0100): > It's a non-existing path (hopefully), so apt won't read any files from > /etc/apt/sources.d (the default for that setting). OK but I still can not understand why they do that. And why apt then removes these packages: default-mysql-server mariadb-client-10.1 mariadb-server-10.1 mysql-server Faustin
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
On Wed, Nov 21, 2018 at 3:11 PM Faustin Lammler wrote: > > Olaf van der Spek , > 21/11/2018 - 15:03:07 (+0100): > > > It's a non-existing path (hopefully), so apt won't read any files from > > /etc/apt/sources.d (the default for that setting). > OK but I still can not understand why they do that. It's used to exclude updates from third party repos I guess. > And why apt then > removes these packages: > default-mysql-server mariadb-client-10.1 mariadb-server-10.1 mysql-server If you're able to repro that then it shouldn't be too hard to figure out right? -- Olaf
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
On Wed, Nov 21, 2018 at 2:59 PM Faustin Lammler wrote: > > Thanks Olaf! > > Olaf van der Spek , > 21/11/2018 - 14:52:05 (+0100): > > > /etc/apt/sources.list.d/ > > File fragments for locations to fetch packages from. Configuration > > Item: Dir::Etc::SourceParts. > Yes, but what does 'nonexistent'? It's a non-existing path (hopefully), so apt won't read any files from /etc/apt/sources.d (the default for that setting). -- Olaf
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
Thanks Olaf! Olaf van der Spek , 21/11/2018 - 14:52:05 (+0100): > /etc/apt/sources.list.d/ > File fragments for locations to fetch packages from. Configuration > Item: Dir::Etc::SourceParts. Yes, but what does 'nonexistent'?
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
On Wed, Nov 21, 2018 at 2:46 PM Faustin Lammler wrote: > > Jeremy Davis , > 21/11/2018 - 15:57:31 (+1100): > May I suggest you to check why you use this option? > I can't find any relevant documentation... https://manpages.debian.org/testing/apt/apt-get.8.en.html /etc/apt/sources.list.d/ File fragments for locations to fetch packages from. Configuration Item: Dir::Etc::SourceParts. -- Olaf
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
Jeremy Davis , 21/11/2018 - 15:57:31 (+1100): > I'll aim to provide as much relevant info as possible, if there is > anything else you need please ask. Hopefully it's not too waffley and/or > includes too much irrelevant info... (I'm often told that I need to turn > verbosity down...) Verbosity in bug reporting is super helpful IMO! I have installed your appliance and the problem is the following option: -o Dir::Etc::sourceparts=nonexistent root@lamp ~# apt-get dist-upgrade -o APT::Get::Show-Upgraded=true \ -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list \ -o DPkg::Options::=--force-confdef \ -o DPkg::Options::=--force-confold Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following NEW packages will be installed: libconfig-inifiles-perl linux-image-4.9.0-8-amd64 The following packages will be upgraded: adminer apache2 apache2-bin apache2-data apache2-utils base-files ca-certificates confconsole curl dehydrated dpkg file git git-core git-man gnupg gnupg-agent gpgv grub-common grub-pc grub-pc-bin grub2-common hdparm libapache2-mod-php7.0 libcurl3 libcurl3-gnutls libfuse2 libgnutls30 libldap-2.4-2 libldap-common libmagic-mgc libmagic1 libmariadbclient18 libpython2.7 libpython2.7-minimal libpython2.7-stdlib libpython3.5-minimal libpython3.5-stdlib libseccomp2 libsystemd0 libudev1 linux-image-amd64 mariadb-client-10.1 mariadb-client-core-10.1 mariadb-common mariadb-server-10.1 mariadb-server-core-10.1 openssh-client openssh-server openssh-sftp-server php7.0-cli php7.0-common php7.0-json php7.0-mysql php7.0-opcache php7.0-readline php7.0-xml python2.7 python2.7-minimal python3.5 python3.5-minimal ssh systemd systemd-sysv tklbam tzdata udev 67 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 99.9 MB of archives. After this operation, 194 MB of additional disk space will be used. Do you want to continue? [Y/n] root@lamp ~# apt-get dist-upgrade Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following NEW packages will be installed: libconfig-inifiles-perl linux-image-4.9.0-8-amd64 The following packages will be upgraded: adminer apache2 apache2-bin apache2-data apache2-utils base-files ca-certificates confconsole curl dehydrated dpkg file git git-core git-man gnupg gnupg-agent gpgv grub-common grub-pc grub-pc-bin grub2-common hdparm libapache2-mod-php7.0 libcurl3 libcurl3-gnutls libfuse2 libgnutls30 libldap-2.4-2 libldap-common libmagic-mgc libmagic1 libmariadbclient18 libpython2.7 libpython2.7-minimal libpython2.7-stdlib libpython3.5-minimal libpython3.5-stdlib libseccomp2 libsystemd0 libudev1 linux-image-amd64 mariadb-client-10.1 mariadb-client-core-10.1 mariadb-common mariadb-server-10.1 mariadb-server-core-10.1 openssh-client openssh-server openssh-sftp-server php7.0-cli php7.0-common php7.0-json php7.0-mysql php7.0-opcache php7.0-readline php7.0-xml python2.7 python2.7-minimal python3.5 python3.5-minimal ssh systemd systemd-sysv tklbam tzdata udev 67 upgraded, 2 newly installed, 0 to remove and 0 not upgraded. Need to get 99.9 MB of archives. After this operation, 194 MB of additional disk space will be used. Do you want to continue? [Y/n] So there is no problem with this security upgrade. May I suggest you to check why you use this option? I can't find any relevant documentation... If you find some useful information you want to add to this, please do it and then please close this bug report. Thanks again for your help! Regards, Faustin
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
On Wed, Nov 21, 2018 at 10:05 AM Jeremy Davis wrote: > > Have you tried figuring out why apt wants to remove mariadb-server? > > Pretty sure it's because we don't have libconfig-inifiles-perl installed > by default, which appears to (now?) be a 'depends' of mariadb-client-10.1. > > FWIW we have apt configured to only install 'depends' and I assume that > it has moved from a 'recommends' to a 'depends' although that is only a > guess... I think it wasn't in recommends either but that's not relevant. The question is: why didn't apt just install libconfig-inifiles-perl? Could you reproduce the issue and find out? -- Olaf
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
On 21/11/18 19:08, Olaf van der Spek wrote: > Are you aware of the unattended-upgrades package though? I have heard of it, but never actually tested it. FWIW we've been using this config for ~10 years now and this is only the 4th time it's bitten us (albeit one of the worst). Perhaps it's time to have a closer look at unattended-upgrades?! > Have you tried figuring out why apt wants to remove mariadb-server? Pretty sure it's because we don't have libconfig-inifiles-perl installed by default, which appears to (now?) be a 'depends' of mariadb-client-10.1. FWIW we have apt configured to only install 'depends' and I assume that it has moved from a 'recommends' to a 'depends' although that is only a guess... signature.asc Description: OpenPGP digital signature
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
On Wed, Nov 21, 2018 at 5:57 AM Jeremy Davis wrote: > On 20/11/18 18:50, Olaf van der Spek wrote: > > IMO apt shouldn't be run in such a way that packages get removed > > automatically though.. > > If you have any specific suggestions on how to ensure that apt won't > remove packages, I'd be interested to hear. No, unfortunately. Are you aware of the unattended-upgrades package though? > Also, IIRC there have been cases where removal of old packages were > required (I think that was the case with Samba security updates within > Jessie?! - Although perhaps I am confused). > Possibly the easiest way to reproduce the issue would be to download our > v15.0 (Stretch based) LAMP appliance ISO[1] (signed hash file here[2]) > and install it to a VM and NOT run the initial firstboot "security > updates" script (i.e. select "skip" when asked). Once logged in as root, > you can then poke around inside and see exactly what is going on. Have you tried figuring out why apt wants to remove mariadb-server? Gr, Olaf
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
Hi Olaf and Faustin, @Olaf Thanks for your quick response and suggestions. On 20/11/18 18:50, Olaf van der Spek wrote: > IMO apt shouldn't be run in such a way that packages get removed > automatically though.. If you have any specific suggestions on how to ensure that apt won't remove packages, I'd be interested to hear. Also, IIRC there have been cases where removal of old packages were required (I think that was the case with Samba security updates within Jessie?! - Although perhaps I am confused). @Faustin Thanks to you too for your prompt reply, apologies that my response has been a little slow... I'll aim to provide as much relevant info as possible, if there is anything else you need please ask. Hopefully it's not too waffley and/or includes too much irrelevant info... (I'm often told that I need to turn verbosity down...) On 21/11/18 04:57, Faustin Lammler wrote: > Are you able to provide a step-by-step procedure? > Possibly the easiest way to reproduce the issue would be to download our v15.0 (Stretch based) LAMP appliance ISO[1] (signed hash file here[2]) and install it to a VM and NOT run the initial firstboot "security updates" script (i.e. select "skip" when asked). Once logged in as root, you can then poke around inside and see exactly what is going on. [1] http://mirror.turnkeylinux.org/turnkeylinux/images/iso/turnkey-lamp-15.0-stretch-amd64.iso [2] http://mirror.turnkeylinux.org/turnkeylinux/images/iso/turnkey-lamp-15.0-stretch-amd64.iso.hash Then the issue can be reproduced by running 'turnkey-install-security-updates' That will only install updates from Debian (and TurnKey) security repos. In an effort to assist you to avoid that though, here's some more info which may help. The process that turnkey-install-security-updates uses is a little convoluted, but essentially it runs this: apt-get update apt-get autoclean -y apt-get dist-upgrade -y -o APT::Get::Show-Upgraded=true \ -o Dir::Etc::sourcelist=/etc/apt/sources.list.d/security.sources.list \ -o Dir::Etc::sourceparts=nonexistent \ -o DPkg::Options::=--force-confdef \ -o DPkg::Options::=--force-confold FWIW the security.sources.list: deb http://archive.turnkeylinux.org/debian stretch-security main deb http://security.debian.org/ stretch/updates main deb http://security.debian.org/ stretch/updates contrib #deb http://security.debian.org/ stretch/updates non-free If I run the above dist-upgrade command (after apt-get update and without the -y switch), I get this: Reading package lists... Done Building dependency tree Reading state information... Done Calculating upgrade... Done The following packages were automatically installed and are no longer required: galera-3 libaio1 libjemalloc1 lsof mariadb-client-core-10.1 mariadb-common mariadb-server-core-10.1 socat Use 'apt autoremove' to remove them. The following packages will be REMOVED: default-mysql-server mariadb-client-10.1 mariadb-server-10.1 mysql-server The following NEW packages will be installed: linux-image-4.9.0-8-amd64 The following packages will be upgraded: curl git git-core git-man libcurl3 libcurl3-gnutls libfuse2 libmariadbclient18 libpython2.7 libpython2.7-minimal libpython2.7-stdlib libpython3.5-minimal libpython3.5-stdlib linux-image-4.9.0-7-amd64 linux-image-amd64 mariadb-client-core-10.1 mariadb-common mariadb-server-core-10.1 openssh-client openssh-server openssh-sftp-server python2.7 python2.7-minimal python3.5 python3.5-minimal ssh 26 upgraded, 1 newly installed, 4 to remove and 0 not upgraded. Need to get 107 MB of archives. After this operation, 68.6 MB of additional disk space will be used. Do you want to continue? [Y/n] Obviously some of those packages are irrelevant to this issue, but figured it best to not omit anything. If I then allow it to install those updates (and uninstall default-mysql-server mariadb-client-10.1 mariadb-server-10.1 & mysql-server), then reinstall default-mysql-server, here's what I get: root@lamp ~# apt-get install default-mysql-server Reading package lists... Done Building dependency tree Reading state information... Done The following additional packages will be installed: libconfig-inifiles-perl mariadb-client-10.1 mariadb-server-10.1 Suggested packages: mariadb-test netcat-openbsd tinyca Recommended packages: libterm-readkey-perl libhtml-template-perl The following NEW packages will be installed: default-mysql-server libconfig-inifiles-perl mariadb-client-10.1 mariadb-server-10.1 0 upgraded, 4 newly installed, 0 to remove and 25 not upgraded. Need to get 11.3 MB of archives. After this operation, 125 MB of additional disk space will be used. So it appears likely that the offending dependency (as suggested by Olaf) is libconfig-inifiles-perl ?! > If not, dpgk -l could help to understand what apt dependencies may be > problematic. And what happened when you reinstalled mariadb. Which > command did you used, what was the output? > Alternatively (or as well as?), you can see all
Bug#914172: [debian-mysql] Bug#914172: Bug#914172: mariadb-server-10.1: mariadb-server sec-update (10.1.37-0+deb9u1) uninstalls default-mysql-server, mysql-server, mariadb-server-10.1 & mariadb-client
Hi Jeremy, thank you for your report. To work on this, I need to be able to reproduce it. Are you able to provide a step-by-step procedure? If not, dpgk -l could help to understand what apt dependencies may be problematic. And what happened when you reinstalled mariadb. Which command did you used, what was the output? Olaf's guess maybe true but there can be lot's of reason why APT decided to remove mariadb-* packages. Finally, do you at turnkeylinux set some non default apt preferences? Faustin