| Summary: | Using %apply_patches results in backup files being installed in some packages! | ||
|---|---|---|---|
| Product: | Mageia | Reporter: | Angelo Naselli <anaselli> |
| Component: | RPM Packages | Assignee: | Mageia Bug Squad <bugsquad> |
| Status: | RESOLVED WONTFIX | QA Contact: | |
| Severity: | enhancement | ||
| Priority: | Normal | CC: | sysadmin-bugs, thierry.vignaud |
| Version: | Cauldron | ||
| Target Milestone: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | http://svnweb.mageia.org/packages/cauldron/rpm/current/SOURCES/introduce-apply_patches-and-lua-var-patches_num.patch?revision=389214&view=markup | ||
| Whiteboard: | |||
| Source RPM: | rpm | CVE: | |
| Status comment: | |||
| Bug Depends on: | |||
| Bug Blocks: | 9832 | ||
| Attachments: |
full list of bogus packaged files
list of affected packages |
||
|
Description
Angelo Naselli
2015-03-27 15:54:43 CET
Angelo Naselli
2015-03-27 15:57:33 CET
Severity:
normal =>
enhancement Disabling backup (-b) wouldn't be sufficient, because patch will still create backups even without you explicitly asking it to if the line numbers don't exactly match. Unless you want the macro to actively delete such backups after they're created, it's not a full solution. As far as a bug goes, the bigger problem is that the Makefile is blindly copying all files including backups generated by patch. Unfortunately this is not uncommon for interpreted languages and is something in packaging one needs to be careful about. This caused an issue with os-prober (bug #9832) where it run dangerous commands on extended partitions instead of on just "logical" partitions. We could fix it so that it doesn't do backups by default but I think the proper solution is to deprecate %apply_patches and to switch to %autopatch which doesn't do backup http://rpm.org/gitweb?p=rpm.git;a=blob;f=macros.in#l1105 (one less rpm patch to carry...) URL:
(none) =>
http://svnweb.mageia.org/packages/cauldron/rpm/current/SOURCES/introduce-apply_patches-and-lua-var-patches_num.patch?revision=389214&view=markup Created attachment 6224 [details]
full list of bogus packaged files
urpmf '\.[0-9][0-9][0-9][0-9]$'|sort -u|grep -v ChangeLog|tee /tmp/RES
Created attachment 6225 [details]
list of affected packages
got by adding "|cut -f 1 -d:|sort -u" from previous attachment
Thierry Vignaud
2015-04-09 10:20:14 CEST
Component:
BuildSystem =>
RPM Packages Yes, we should certainly deprecate apply_patches in favor of autopatch (and maybe have tv run a global replace of it in existing specs) once Cauldron re-opens, but like I said before, that's not a full solution, as there will still be some backup files produced unless all patches have exactly correct line numbers. It would probably be worth searching packages for \.orig$ as well. AFAIC, all affected packages should switch to %auto(patch|setup) All affected packages have been fixed in SVN. Most have been submited to core/release Status:
NEW =>
RESOLVED @Thierry yes. Does auto_patch avoid the backup by default? if so we can close this bug otherwise we should remove backups from scripting packages (perl, python,...) yes it does, this is why I advertised this solution |