Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 919865 - dev-db/mariadb: rekeywording for dev-perl/DBD-MariaDB
Summary: dev-db/mariadb: rekeywording for dev-perl/DBD-MariaDB
Status: IN_PROGRESS
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: Keywording (show other bugs)
Hardware: All Linux
: Normal normal
Assignee: Gentoo Linux MySQL bugs team
URL:
Whiteboard:
Keywords: CC-ARCHES, PullRequest, SECURITY
: 913026 (view as bug list)
Depends on:
Blocks: 915511 917515
  Show dependency tree
 
Reported: 2023-12-14 06:44 UTC by Sam James
Modified: 2025-01-09 02:59 UTC (History)
10 users (show)

See Also:
Package list:
>=dev-db/mariadb-10.11.5-r1:10.11 alpha hppa mips s390 >=dev-db/mariadb-10.6.15-r1:10.6 alpha hppa mips s390 dev-perl/DBD-MariaDB alpha hppa mips s390 dev-perl/Proc-ProcessTable alpha hppa mips s390
Runtime testing required: ---
sam: sanity-check+


Attachments
test summary (file_919865.txt,3.48 KB, text/plain)
2024-02-27 16:23 UTC, matoro
no flags Details

Note You need to log in before you can comment on or make changes to this bug.
[+] Description Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-14 06:44:31 UTC Comment hidden (obsolete)
[+] Comment 1 NATTkA bot gentoo-dev 2023-12-14 06:48:17 UTC Comment hidden (obsolete)
[+] Comment 2 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2023-12-14 06:50:18 UTC Comment hidden (obsolete)
[+] Comment 3 NATTkA bot gentoo-dev 2023-12-14 06:52:16 UTC Comment hidden (obsolete)
Comment 4 Tomáš Mózes 2024-02-03 10:35:16 UTC
Hello Sam, would be good to proceed as we need to stabilize a newer version of MariaDB due to security issues, thanks!
[+] Comment 5 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-02-03 10:37:57 UTC Comment hidden (obsolete)
Comment 6 Larry the Git Cow gentoo-dev 2024-02-03 10:39:13 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=31a91f41b46cbdac7e714fa86126ba3c9e4406d2

commit 31a91f41b46cbdac7e714fa86126ba3c9e4406d2
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-02-03 10:38:45 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-02-03 10:39:07 +0000

    profiles/arch/loong: force dev-perl/DBD-MariaDB[mariadb]
    
    No MySQL here.
    
    Bug: https://bugs.gentoo.org/919865
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/arch/loong/package.use.force | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)
Comment 7 Larry the Git Cow gentoo-dev 2024-02-03 10:40:45 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=4a645015b14793aab35252a2916c43ad4244c151

commit 4a645015b14793aab35252a2916c43ad4244c151
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2024-02-03 10:40:20 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2024-02-03 10:40:20 +0000

    profiles/arch/loong: mask dev-perl/DBD-MariaDB[mysql]
    
    No MySQL here. Note that not use.mask-ing USE=mysql as it has a generic
    meaning too.
    
    Bug: https://bugs.gentoo.org/919865
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/arch/loong/package.use.mask | 4 ++++
 1 file changed, 4 insertions(+)
Comment 8 Jakov Smolić archtester gentoo-dev 2024-02-03 23:23:09 UTC
riscv done
[+] Comment 9 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-02-21 01:20:23 UTC Comment hidden (obsolete)
Comment 10 matoro archtester 2024-02-21 01:24:47 UTC
(In reply to Sam James from comment #9)
> matoro, I don't understand why you've changed it from depends on <-> blocks.
> 
> The point of this bug is to let people get rid of DBD-MySQL. What's dragging
> it in for you when doing this package list?

When I try to emerge dev-db/mariadb:10.11 it pulls in dev-perl/DBD-mysql which then fails to build.  See:  https://paste.matoro.tk/b1z1sxr
[+] Comment 11 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-02-21 01:56:03 UTC Comment hidden (obsolete)
Comment 12 matoro archtester 2024-02-21 01:59:00 UTC
(In reply to Sam James from comment #11)
> (In reply to matoro from comment #10)
> > (In reply to Sam James from comment #9)
> > > matoro, I don't understand why you've changed it from depends on <-> blocks.
> > > 
> > > The point of this bug is to let people get rid of DBD-MySQL. What's dragging
> > > it in for you when doing this package list?
> > 
> > When I try to emerge dev-db/mariadb:10.11 it pulls in dev-perl/DBD-mysql
> > which then fails to build.  See:  https://paste.matoro.tk/b1z1sxr
> 
> You need to do mariadb-10.11-r1 which changes the dep, that's why this is a
> rekeywording bug.

You mean 10.11.5-r1?  So should package list say >=dev-db/mariadb-10.11.5-r1:10.11 ?
[+] Comment 13 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-02-21 02:04:28 UTC Comment hidden (obsolete)
Comment 14 matoro archtester 2024-02-27 16:23:33 UTC
Created attachment 886132 [details]
test summary

Here's my summary of the test suite status on all of the requested architectures (see attachment).  How do we want to approach the ones with more drastic failures?

Passes:  arm64, ia64, ppc64le
One failure:  ppc64, loong64
mips64 has a handful of failures.  One due to big-endian.
arm has 2 failures on 10.6, but regresses severely to 10.11.
Many failures:  alpha, hppa, ppc

I can open individual bugs for these, but would like to understand if that would be helpful first.
Comment 15 Tomáš Mózes 2024-03-05 12:55:20 UTC
(In reply to matoro from comment #14)
> Created attachment 886132 [details]
> test summary
> 
> Here's my summary of the test suite status on all of the requested
> architectures (see attachment).  How do we want to approach the ones with
> more drastic failures?
> 
> Passes:  arm64, ia64, ppc64le
> One failure:  ppc64, loong64
> mips64 has a handful of failures.  One due to big-endian.
> arm has 2 failures on 10.6, but regresses severely to 10.11.
> Many failures:  alpha, hppa, ppc
> 
> I can open individual bugs for these, but would like to understand if that
> would be helpful first.

Thank you matoro for testing, actually I only use MariaDB on amd64 where the tests pass, no idea about the others arches, I don't use any of others. However this is KW request, so probably we should proceed if it can be compiled and started, the tests itself may be flaky.

A failing test doesn't really mean it won't work, however I do understand it would be great to 100% of success rate. On the other side, it's blocking a security stabilization where users are now stuck with old and vulnerable version.
Comment 16 matoro archtester 2024-03-05 14:42:06 UTC
(In reply to Tomáš Mózes from comment #15)
> (In reply to matoro from comment #14)
> > Created attachment 886132 [details]
> > test summary
> > 
> > Here's my summary of the test suite status on all of the requested
> > architectures (see attachment).  How do we want to approach the ones with
> > more drastic failures?
> > 
> > Passes:  arm64, ia64, ppc64le
> > One failure:  ppc64, loong64
> > mips64 has a handful of failures.  One due to big-endian.
> > arm has 2 failures on 10.6, but regresses severely to 10.11.
> > Many failures:  alpha, hppa, ppc
> > 
> > I can open individual bugs for these, but would like to understand if that
> > would be helpful first.
> 
> Thank you matoro for testing, actually I only use MariaDB on amd64 where the
> tests pass, no idea about the others arches, I don't use any of others.
> However this is KW request, so probably we should proceed if it can be
> compiled and started, the tests itself may be flaky.
> 
> A failing test doesn't really mean it won't work, however I do understand it
> would be great to 100% of success rate. On the other side, it's blocking a
> security stabilization where users are now stuck with old and vulnerable
> version.

If this is blocking a kwreq, then let's split it up into two bugs - one for arches blocking the stablereq, one for new arches.

Regardless, my vote on this would be to investigate the small failures - ppc64, loong64 - and drop keywords elsewhere.  I think it's unlikely to be running a mariadb server on the remaining arches - alpha, arm, hppa, mips, ppc.
[+] Comment 17 Sam James archtester Gentoo Infrastructure gentoo-dev Security 2024-03-05 15:06:16 UTC Comment hidden (obsolete)
Comment 18 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-04-05 05:16:52 UTC
ia64 done
Comment 19 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-04-05 05:17:45 UTC
arm done
Comment 20 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-04-05 05:17:46 UTC
arm64 done
Comment 21 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-04-05 05:18:25 UTC
ppc done
Comment 22 Arthur Zamarin archtester Gentoo Infrastructure gentoo-dev Security 2024-04-05 05:18:27 UTC
ppc64 done
Comment 23 Petr Vaněk gentoo-dev 2024-06-19 08:21:26 UTC
For remaining arches, how about to check what is the test state difference between latest version and the last keyworded version. It could be that the latest versions is actually in better shape than the last keyworded one. It would be beneficial for security bugs, I guess.

I was able to find multiple recent and active tickets in mariadb issue tracker for hppa, mips or sparc, therefore I would expect at least some improvement between versions. We are almost one year behind upstream now.
Comment 24 matoro archtester 2024-06-19 17:25:33 UTC
(In reply to Petr Vaněk from comment #23)
> For remaining arches, how about to check what is the test state difference
> between latest version and the last keyworded version. It could be that the
> latest versions is actually in better shape than the last keyworded one. It
> would be beneficial for security bugs, I guess.
> 
> I was able to find multiple recent and active tickets in mariadb issue
> tracker for hppa, mips or sparc, therefore I would expect at least some
> improvement between versions. We are almost one year behind upstream now.

I don't think this is the right approach.  I think we should be de-keywording on those arches instead.  Especially the ones where there are huge numbers of failures, it's evident that the package doesn't work reliably on them and that's not an acceptable outcome when you're dealing with a database that needs integrity.

For client packages like DBD-MariaDB, just mask USE=test on these arches and cite this bug.
Comment 25 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2024-06-27 21:53:50 UTC
(In reply to matoro from comment #24)
> (In reply to Petr Vaněk from comment #23)
> > For remaining arches, how about to check what is the test state difference
> > between latest version and the last keyworded version. It could be that the
> > latest versions is actually in better shape than the last keyworded one. It
> > would be beneficial for security bugs, I guess.
> > 
> > I was able to find multiple recent and active tickets in mariadb issue
> > tracker for hppa, mips or sparc, therefore I would expect at least some
> > improvement between versions. We are almost one year behind upstream now.
> 
> I don't think this is the right approach.  I think we should be
> de-keywording on those arches instead.  Especially the ones where there are
> huge numbers of failures, it's evident that the package doesn't work
> reliably on them and that's not an acceptable outcome when you're dealing
> with a database that needs integrity.
> 
> For client packages like DBD-MariaDB, just mask USE=test on these arches and
> cite this bug.

Let's do that then?

Since some of the other arches (arm/arm64/ppc/ppc64) are keyworded again, I guess I'll kick off a parallel stablereq to hack away some of what's remaining for the security bug...
[+] Comment 26 NATTkA bot gentoo-dev 2024-08-11 18:40:42 UTC Comment hidden (obsolete)
[+] Comment 27 NATTkA bot gentoo-dev 2024-09-04 21:00:46 UTC Comment hidden (obsolete)
Comment 28 NATTkA bot gentoo-dev 2024-09-07 09:21:10 UTC
Sanity check failed:

> dev-perl/DBD-MariaDB-1.230.0
>   bdepend ~alpha stable profile default/linux/alpha/23.0 (8 total)
>     dev-db/mysql:*
Comment 29 Larry the Git Cow gentoo-dev 2025-01-09 02:57:50 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=220f44145b6f8d2f4956c52eed8f2ecf9f1cdded

commit 220f44145b6f8d2f4956c52eed8f2ecf9f1cdded
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2025-01-09 02:56:56 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2025-01-09 02:57:15 +0000

    net-analyzer/cacti: drop ~alpha
    
    Needs php[mysql] and USE=mysql is masked here now.
    
    Bug: https://bugs.gentoo.org/919865
    Signed-off-by: Sam James <sam@gentoo.org>

 net-analyzer/cacti/cacti-1.2.21.ebuild | 4 ++--
 net-analyzer/cacti/cacti-1.2.26.ebuild | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=0c52d280cb6a6b3914f0707678a7042e258878e0

commit 0c52d280cb6a6b3914f0707678a7042e258878e0
Author:     Sam James <sam@gentoo.org>
AuthorDate: 2025-01-09 02:38:48 +0000
Commit:     Sam James <sam@gentoo.org>
CommitDate: 2025-01-09 02:57:14 +0000

    profiles/arch/alpha: mask USE=mysql
    
    dev-db/mysql isn't keyworded here.
    
    Bug: https://bugs.gentoo.org/919865
    Signed-off-by: Sam James <sam@gentoo.org>

 profiles/arch/alpha/use.mask | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)