dpkg_lowpkg: Do not access dpkg internals directly #58735
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
ghost
requested a review
from 
bdrung
force-pushed
the
fix-dpkg
branch
2 times, most recently
from
43c63cb
to
d2b619e
Compare
bdrung
changed the title
bdrung
changed the title
bdrung
force-pushed
the
fix-dpkg
branch
2 times, most recently
from
f1450b2
to
5385163
Compare
cmcmarrow
previously approved these changes
Oct 21, 2020
|
@bdrung thanks for the fix! |
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Oct 22, 2020
salt contains modules, which directly access the dpkg internal database,
instead of using one of the public interfaces provided by dpkg. This is
a problem for several reasons, because even though the layout and format
of the dpkg database is administrator friendly, and it is expected that
those might need to mess with it, in case of emergency, this “interface”
does not extend to other programs besides the dpkg suite of tools. The
admindir can also be configured differently at dpkg build or run-time.
And finally, the contents and its format, will be changing in the near
future.
So use something like:
```
dpkg-query --showformat '${db-fsys:Last-Modified}\n' --show $pkg
```
to get the mtime from /var/lib/dpkg/info/<package>.list files.
Bug: saltstack#52605
Bug-Debian: https://bugs.debian.org/944970
Forwarded: saltstack#58735
Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Oct 22, 2020
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future. `/var/lib/dpkg/available` should not be read directly. Instead `dpkg-query --print-avail` should be used. The `/var/lib/dpkg/available` file is only kept up-to-date when using dselect, but nowadays `apt` is used, and therefore this file does not provide much more information than `dpkg-query -W`. Users of APT-based frontends should use `apt show` or in our case the `pkg.show` salt module. `dpkg-query --print-avail` provides following keys (on Ubuntu 20.04): ``` $ dpkg-query --print-avail | sed 's/:.*$//' | sort | uniq Architecture Breaks Bugs Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Conflicts Depends Description Description-md5 Enhances Essential Filename Homepage Important Installed-Size Maintainer MD5sum Multi-Arch Origin Original-Maintainer Package Pre-Depends Priority Provides Recommends Replaces Section SHA1 SHA256 Size Source Suggests Supported Task Version ``` Following keys cannot be retrieved by `dpkg-query -W`: ``` Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Important Multi-Arch Original-Maintainer SHA1 SHA256 Supported ``` Please use `pkg.show` for those keys. Following additional keys could be retrieved if needed: ``` Breaks Enhances Essential Filename Pre-Depends Priority Suggests ``` Without calling `_get_pkg_ds_avail`, `info` just calls `_get_pkg_info` and converts it into a dict and add a license field. Since `_get_pkg_ds_avail` is used nowhere else, move it into `info`. Do not query Installed-Size, because it was stripped as "technical" key previously. Bug: saltstack#52605 Bug-Debian: https://bugs.debian.org/944970 Forwarded: saltstack#58735 Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Oct 26, 2020
salt contains modules, which directly access the dpkg internal database,
instead of using one of the public interfaces provided by dpkg. This is
a problem for several reasons, because even though the layout and format
of the dpkg database is administrator friendly, and it is expected that
those might need to mess with it, in case of emergency, this “interface”
does not extend to other programs besides the dpkg suite of tools. The
admindir can also be configured differently at dpkg build or run-time.
And finally, the contents and its format, will be changing in the near
future.
So use something like:
```
dpkg-query --showformat '${db-fsys:Last-Modified}\n' --show $pkg
```
to get the mtime from /var/lib/dpkg/info/<package>.list files.
Bug: saltstack#52605
Bug-Debian: https://bugs.debian.org/944970
Forwarded: saltstack#58735
Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Oct 26, 2020
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future. `/var/lib/dpkg/available` should not be read directly. Instead `dpkg-query --print-avail` should be used. The `/var/lib/dpkg/available` file is only kept up-to-date when using dselect, but nowadays `apt` is used, and therefore this file does not provide much more information than `dpkg-query -W`. Users of APT-based frontends should use `apt show` or in our case the `pkg.show` salt module. `dpkg-query --print-avail` provides following keys (on Ubuntu 20.04): ``` $ dpkg-query --print-avail | sed 's/:.*$//' | sort | uniq Architecture Breaks Bugs Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Conflicts Depends Description Description-md5 Enhances Essential Filename Homepage Important Installed-Size Maintainer MD5sum Multi-Arch Origin Original-Maintainer Package Pre-Depends Priority Provides Recommends Replaces Section SHA1 SHA256 Size Source Suggests Supported Task Version ``` Following keys cannot be retrieved by `dpkg-query -W`: ``` Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Important Multi-Arch Original-Maintainer SHA1 SHA256 Supported ``` Please use `pkg.show` for those keys. Following additional keys could be retrieved if needed: ``` Breaks Enhances Essential Filename Pre-Depends Priority Suggests ``` Without calling `_get_pkg_ds_avail`, `info` just calls `_get_pkg_info` and converts it into a dict and add a license field. Since `_get_pkg_ds_avail` is used nowhere else, move it into `info`. Do not query Installed-Size, because it was stripped as "technical" key previously. Bug: saltstack#52605 Bug-Debian: https://bugs.debian.org/944970 Forwarded: saltstack#58735 Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
krionbsd
previously approved these changes
Nov 9, 2020
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Apr 27, 2021
salt contains modules, which directly access the dpkg internal database,
instead of using one of the public interfaces provided by dpkg. This is
a problem for several reasons, because even though the layout and format
of the dpkg database is administrator friendly, and it is expected that
those might need to mess with it, in case of emergency, this “interface”
does not extend to other programs besides the dpkg suite of tools. The
admindir can also be configured differently at dpkg build or run-time.
And finally, the contents and its format, will be changing in the near
future.
So use something like:
```
dpkg-query --showformat '${db-fsys:Last-Modified}\n' --show $pkg
```
to get the mtime from /var/lib/dpkg/info/<package>.list files.
Bug: saltstack#52605
Bug-Debian: https://bugs.debian.org/944970
Forwarded: saltstack#58735
Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Apr 27, 2021
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future. `/var/lib/dpkg/available` should not be read directly. Instead `dpkg-query --print-avail` should be used. The `/var/lib/dpkg/available` file is only kept up-to-date when using dselect, but nowadays `apt` is used, and therefore this file does not provide much more information than `dpkg-query -W`. Users of APT-based frontends should use `apt show` or in our case the `pkg.show` salt module. `dpkg-query --print-avail` provides following keys (on Ubuntu 20.04): ``` $ dpkg-query --print-avail | sed 's/:.*$//' | sort | uniq Architecture Breaks Bugs Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Conflicts Depends Description Description-md5 Enhances Essential Filename Homepage Important Installed-Size Maintainer MD5sum Multi-Arch Origin Original-Maintainer Package Pre-Depends Priority Provides Recommends Replaces Section SHA1 SHA256 Size Source Suggests Supported Task Version ``` Following keys cannot be retrieved by `dpkg-query -W`: ``` Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Important Multi-Arch Original-Maintainer SHA1 SHA256 Supported ``` Please use `pkg.show` for those keys. Following additional keys could be retrieved if needed: ``` Breaks Enhances Essential Filename Pre-Depends Priority Suggests ``` Without calling `_get_pkg_ds_avail`, `info` just calls `_get_pkg_info` and converts it into a dict and add a license field. Since `_get_pkg_ds_avail` is used nowhere else, move it into `info`. Do not query Installed-Size, because it was stripped as "technical" key previously. Bug: saltstack#52605 Bug-Debian: https://bugs.debian.org/944970 Forwarded: saltstack#58735 Signed-off-by: Benjamin Drung <benjamin.drung@cloud.ionos.com>
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Apr 16, 2022
salt contains modules, which directly access the dpkg internal database,
instead of using one of the public interfaces provided by dpkg. This is
a problem for several reasons, because even though the layout and format
of the dpkg database is administrator friendly, and it is expected that
those might need to mess with it, in case of emergency, this “interface”
does not extend to other programs besides the dpkg suite of tools. The
admindir can also be configured differently at dpkg build or run-time.
And finally, the contents and its format, will be changing in the near
future.
So use something like:
```
dpkg-query --showformat '${db-fsys:Last-Modified}\n' --show $pkg
```
to get the mtime from /var/lib/dpkg/info/<package>.list files.
Bug: saltstack#52605
Bug-Debian: https://bugs.debian.org/944970
Forwarded: saltstack#58735
Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
Gbp-Pq: Name dpkg_lowpkg-Do-not-access-var-lib-dpkg-info-package-.patch
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Apr 16, 2022
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future. `/var/lib/dpkg/available` should not be read directly. Instead `dpkg-query --print-avail` should be used. The `/var/lib/dpkg/available` file is only kept up-to-date when using dselect, but nowadays `apt` is used, and therefore this file does not provide much more information than `dpkg-query -W`. Users of APT-based frontends should use `apt show` or in our case the `pkg.show` salt module. `dpkg-query --print-avail` provides following keys (on Ubuntu 20.04): ``` $ dpkg-query --print-avail | sed 's/:.*$//' | sort | uniq Architecture Breaks Bugs Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Conflicts Depends Description Description-md5 Enhances Essential Filename Homepage Important Installed-Size Maintainer MD5sum Multi-Arch Origin Original-Maintainer Package Pre-Depends Priority Provides Recommends Replaces Section SHA1 SHA256 Size Source Suggests Supported Task Version ``` Following keys cannot be retrieved by `dpkg-query -W`: ``` Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Important Multi-Arch Original-Maintainer SHA1 SHA256 Supported ``` Please use `pkg.show` for those keys. Following additional keys could be retrieved if needed: ``` Breaks Enhances Essential Filename Pre-Depends Priority Suggests ``` Without calling `_get_pkg_ds_avail`, `info` just calls `_get_pkg_info` and converts it into a dict and add a license field. Since `_get_pkg_ds_avail` is used nowhere else, move it into `info`. Do not query Installed-Size, because it was stripped as "technical" key previously. Bug: saltstack#52605 Bug-Debian: https://bugs.debian.org/944970 Forwarded: saltstack#58735 Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com> Gbp-Pq: Name dpkg_lowpkg-Drop-reading-var-lib-dpkg-available-dire.patch
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Nov 30, 2022
salt contains modules, which directly access the dpkg internal database,
instead of using one of the public interfaces provided by dpkg. This is
a problem for several reasons, because even though the layout and format
of the dpkg database is administrator friendly, and it is expected that
those might need to mess with it, in case of emergency, this “interface”
does not extend to other programs besides the dpkg suite of tools. The
admindir can also be configured differently at dpkg build or run-time.
And finally, the contents and its format, will be changing in the near
future.
So use something like:
```
dpkg-query --showformat '${db-fsys:Last-Modified}\n' --show $pkg
```
to get the mtime from /var/lib/dpkg/info/<package>.list files.
Bug: saltstack#52605
Bug-Debian: https://bugs.debian.org/944970
Forwarded: saltstack#58735
Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
bdrung
added a commit
to bdrung/salt
that referenced
this pull request
Nov 30, 2022
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future. `/var/lib/dpkg/available` should not be read directly. Instead `dpkg-query --print-avail` should be used. The `/var/lib/dpkg/available` file is only kept up-to-date when using dselect, but nowadays `apt` is used, and therefore this file does not provide much more information than `dpkg-query -W`. Users of APT-based frontends should use `apt show` or in our case the `pkg.show` salt module. `dpkg-query --print-avail` provides following keys (on Ubuntu 20.04): ``` $ dpkg-query --print-avail | sed 's/:.*$//' | sort | uniq Architecture Breaks Bugs Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Conflicts Depends Description Description-md5 Enhances Essential Filename Homepage Important Installed-Size Maintainer MD5sum Multi-Arch Origin Original-Maintainer Package Pre-Depends Priority Provides Recommends Replaces Section SHA1 SHA256 Size Source Suggests Supported Task Version ``` Following keys cannot be retrieved by `dpkg-query -W`: ``` Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Important Multi-Arch Original-Maintainer SHA1 SHA256 Supported ``` Please use `pkg.show` for those keys. Following additional keys could be retrieved if needed: ``` Breaks Enhances Essential Filename Pre-Depends Priority Suggests ``` Without calling `_get_pkg_ds_avail`, `info` just calls `_get_pkg_info` and converts it into a dict and add a license field. Since `_get_pkg_ds_avail` is used nowhere else, move it into `info`. Do not query Installed-Size, because it was stripped as "technical" key previously. Bug: saltstack#52605 Bug-Debian: https://bugs.debian.org/944970 Forwarded: saltstack#58735 Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
|
Looks like some of the test failures are related. I can give a review once they are cleaned up. Thanks |
salt contains modules, which directly access the dpkg internal database,
instead of using one of the public interfaces provided by dpkg. This is
a problem for several reasons, because even though the layout and format
of the dpkg database is administrator friendly, and it is expected that
those might need to mess with it, in case of emergency, this “interface”
does not extend to other programs besides the dpkg suite of tools. The
admindir can also be configured differently at dpkg build or run-time.
And finally, the contents and its format, will be changing in the near
future.
So use something like:
```
dpkg-query --showformat '${db-fsys:Last-Modified}\n' --show $pkg
```
to get the mtime from /var/lib/dpkg/info/<package>.list files.
Bug: saltstack#52605
Bug-Debian: https://bugs.debian.org/944970
Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future. `/var/lib/dpkg/available` should not be read directly. Instead `dpkg-query --print-avail` should be used. The `/var/lib/dpkg/available` file is only kept up-to-date when using dselect, but nowadays `apt` is used, and therefore this file does not provide much more information than `dpkg-query -W`. Users of APT-based frontends should use `apt show` or in our case the `pkg.show` salt module. `dpkg-query --print-avail` provides following keys (on Ubuntu 20.04): ``` $ dpkg-query --print-avail | sed 's/:.*$//' | sort | uniq Architecture Breaks Bugs Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Conflicts Depends Description Description-md5 Enhances Essential Filename Homepage Important Installed-Size Maintainer MD5sum Multi-Arch Origin Original-Maintainer Package Pre-Depends Priority Provides Recommends Replaces Section SHA1 SHA256 Size Source Suggests Supported Task Version ``` Following keys cannot be retrieved by `dpkg-query -W`: ``` Build-Essential Built-Using Cnf-Extra-Commands Cnf-Priority-Bonus Important Multi-Arch Original-Maintainer SHA1 SHA256 Supported ``` Please use `pkg.show` for those keys. Following additional keys could be retrieved if needed: ``` Breaks Enhances Essential Filename Pre-Depends Priority Suggests ``` Without calling `_get_pkg_ds_avail`, `info` just calls `_get_pkg_info` and converts it into a dict and add a license field. Since `_get_pkg_ds_avail` is used nowhere else, move it into `info`. Do not query Installed-Size, because it was stripped as "technical" key previously. Bug: saltstack#52605 Bug-Debian: https://bugs.debian.org/944970 Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
`dpkg_lowpkg.info` only returns information about installed packages. To query packges available in the configured APT archive(s), use the higher level aptpkg module. Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
Avoid joining and splitting command parameters to `cmd.run_all` by passing directly a list as `cmd` parameter. Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
`dpkg-query` does not know following keys: * binary:Revision (Revision exists, but is deprecated) * SHA1 * SHA256 * Summary Remove those keys since they will be always be empty and then stripped. Signed-off-by: Benjamin Drung <benjamin.drung@ionos.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
salt contains modules, which directly access the dpkg internal database, instead of using one of the public interfaces provided by dpkg. This is a problem for several reasons, because even though the layout and format of the dpkg database is administrator friendly, and it is expected that those might need to mess with it, in case of emergency, this “interface” does not extend to other programs besides the dpkg suite of tools. The admindir can also be configured differently at dpkg build or run-time. And finally, the contents and its format, will be changing in the near future.
So use something like:
to get the mtime from /var/lib/dpkg/info/.list files.
/var/lib/dpkg/availableshould not be read directly. Insteaddpkg-query --print-availshould be used. The/var/lib/dpkg/availablefile is only kept up-to-date when using dselect, but nowadays
aptis used, and therefore this file does not provide much more information thandpkg-query -W. Users of APT-based frontends should useapt showor in our case thepkg.showsalt module.This merge request addresses the issues in
dpkg_lowpkg. A separate merge request foralternativeswill follow. Please have a look at the individual commits for more details of the changes.Bug: #52605 and drive by fix for #58735
Bug-Debian: https://bugs.debian.org/944970